Hackers are asked to find security vulnerabilities to better secure user funds

Bitcoin exchange Sovryn launches record $1.25m bug bounty program

Bitcoin exchange Sovryn has launched what is believed to be the biggest bug bounty reward to date, offering $1.25 million for the disclosure of security vulnerabilities in its platform.

The company, which describes itself as a bitcoin-based decentralized finance protocol, is offering the record amount for security flaws in the Sovryn smart contract.

Further rewards, up to $22,000, will be given to hackers who uncover flaws in its websites and web-facing applications.

Immunefi launch

The Sovryn bug bounty program was launched in partnership with Immunefi, a bug bounty platform specializing in blockchain and smart contract projects, which was created in December 2020.

Sovryn will also award a bonus 20% payout to bug bounty hunters for reports during the first 30 days of its program, which has been live since March 3.

RECOMMENDED Bug Bounty Radar // The latest bug bounty programs for March 2021

More information on the program, including a list of prioritized vulnerabilities, can be found on the Immunefi website.

These vulnerabilities include logic errors, dependency vulnerabilities, and economic/financial attacks.

Arms race for security

When asked why such a large reward was offered, Sovryn co-founder Edan Yago told The Daily Swig: “We believe we are in an arms race for security. The more we offer, the more likely we are able to outbid others in the attention economy for whitehat talent.”

In terms of bugs, Yago said that they were looking for “anything that could place user funds at risk, be it smart contract bugs, frontend vulnerabilities, or anything else”.

Read more of the latest bug bounty news

He added: “Security of user funds is Sovryn’s highest priority.”

Immunefi co-founder Travin Keith said: “We are sure the Sovryn network will become more secure through the existence of this bug bounty program, by incentivizing whitehats to look through the code as well as incentivizing blackhats to disclose bugs, instead of exploiting them.”

YOU MAY ALSO LIKE ‘Train the basics’ – Bug bounty hunter ‘Xel’ on forging a lucrative career in ethical hacking