ChainCatcher message, Layer3 announced on social media that the Layer3 Foundation has partnered with HackenProof to launch a $500,000 bug bounty program.

ChainCatcher news, according to official sources, Uniswap Labs has announced a partnership with Web3 security company Cantina to expand its bug bounty program. Users can submit applications through the Uniswap Labs Cantina bug bounty page, with rewards distributed based on the severity of the disclosed vulnerabilities and the scale of the assets at risk, up to a maximum of $2.25 million.Additionally, according to official disclosures, the Uniswap protocol has processed over $20 trillion in transactions without any hacker attacks to date.

ChainCatcher news, according to The Block, the blockchain built by Jump Crypto is about to launch its first bug bounty program, Firedancer v0.1 ("Frankendancer"), a six-week bug bounty program that will start on July 10.It is reported that the program was announced by the anonymous developer Cantelope Peel and is supported by Immunefi, with a scale of $1 million.

ChainCatcher news reports that the vulnerability bounty platform OpenBounty has faced criticism from peer security researchers after users discovered that their submitted vulnerability reports were published on a public blockchain. When OpenBounty receives a report, it automatically publishes the content of these reports as transactions on Shentu, a blockchain operated by OpenBounty's parent company, Shentu Foundation. The publicly disclosed details include the threat level of the vulnerability, the location of potentially vulnerable code, and comments from the report authors. OpenBounty lists over 30 different cryptocurrency projects offering vulnerability bounties, with a total deposit value exceeding $11 billion.Independent security researcher Pascal Caversaccio stated that publicly disclosing potential vulnerabilities is extremely irresponsible, as any hacker can sift through these reports and exploit them. Security researchers also complained that OpenBounty listed and accepted vulnerability bounty reports from other security companies and cryptocurrency projects that had not authorized them. Among the bounties listed on the OpenBounty website are those from top decentralized exchange Uniswap and lending protocol Compound.Michael Lewellen, Solutions Architect at the crypto security company OpenZeppelin, stated, "As a security advisor for Compound DAO at OpenZeppelin, I can authoritatively say that they have not been authorized to manage vulnerability bounties on behalf of the protocol."Dmytro Matviiv, CEO of the vulnerability bounty platform HackenProof, said, "Listing bounties without permission could have legal consequences. The vulnerability bounty market operates under a carefully considered legal process. Within this system, permission from the bounty issuer must be obtained before placing a bounty on a vulnerability bounty platform."A spokesperson for CertiK confirmed that the entity controlling the OpenBounty platform, Shentu, was once part of CertiK; however, Shentu has been operating independently since 2020. Nevertheless, four years after the split, the code on the OpenBounty platform still links to domain names that include CertiK in their names. However, CertiK's spokesperson stated that these domains are managed independently by Shentu.

ChainCatcher news, according to official sources, Flow is about to launch the equivalent EVM Crescendo, aimed at connecting Flow to the EVM ecosystem to become one of the most scalable and powerful computing layers for developers.In addition, it is simultaneously launching a bug bounty program, seeking vulnerabilities in smart contracts, transactions, or scripts that may affect network stability or security, with the highest level bug bounty reaching $50,000.

ChainCatcher news, according to The Block, the ethical hacking bounty payouts of the Web3 vulnerability bounty platform Immunefi have exceeded $100 million.The team stated that this milestone was achieved approximately three years after Immunefi launched in December 2020, stemming from over 3,000 paid vulnerability bounty reports.

ChainCatcher news, according to The Block, after the attacker failed to return the funds on the UwU Lend platform, the protocol is taking another step to find the hacker. According to the Input Data Message (IDM) on Ethereum, UwU Lend has set up a reward of 5 million USD in ETH for "the first person to identify and locate" the exploiter, adding that "there is no need to recover funds or fees."Previously, the protocol had discussed directly with the exploiter about setting up a bounty. The attacker could keep 20% of what they stole as long as they returned 80%, and if the exploiter complied, the protocol stated it would not pursue the matter further or involve law enforcement.It is reported that the attacker must return the funds by 1 PM (Eastern Time) on Wednesday. However, in a message sent to the attacker on Thursday, UwU Lend wrote, "The deadline for repaying the funds you stole has passed."

ChainCatcher message, the DeFi protocol Abracadabra Money (MIM_Spell), which was previously hacked, stated on the X platform that it is willing to coordinate directly with the hacker and offer a fair bug bounty in exchange for the return of the stolen funds. Abracadabra Money expressed its willingness to wait for any communication from the hacker until 16:00 Central European Time on February 5 (Monday), after which further escalation actions will be taken.

ChainCatcher news, the Arbitrum ecosystem liquidity management protocol Gamma posted on social media that it has attempted to contact the attacker through Etherscan and Arbiscan to negotiate the return of funds (for example, part of the funds could be considered a bug bounty).

ChainCatcher news, the encrypted wallet Atomic Wallet has launched a $1 million bug bounty program. Users who report significant security vulnerabilities will receive a reward of $100,000. Users can receive small bounties ranging from $500 to $10,000 based on the severity of the reported vulnerabilities.

ChainCatcher message, anonymous developer "KP" previously discovered a vulnerability in Compound and reported it, while also providing a code repository that includes an attack proof-of-concept simulation. After the vulnerability was fixed, "KP" submitted a request to the Compound DAO for a reward of $125,000. The Compound DAO initiated proposal 202 to provide a bug bounty for the recently fixed protocol vulnerability, but the proposal did not reach the quorum and failed to pass.The Compound DAO subsequently reduced the bounty payment amount to $100,000 in COMP and initiated a new proposal 203, which has now reached quorum and passed with approximately 93% support.

ChainCatcher news, friend.tech has launched a bug bounty program, covering the contracts deployed on Base, applications hosted on the friend.tech website, and other vulnerabilities that may threaten user funds, with rewards of up to 1 million USDC.

ChainCatcher news, according to official sources, Aave DAO has partnered with the security service platform Immunefi to launch a one million dollar bug bounty program.

ChainCatcher news, zkSync announced on social media the launch of a bug bounty program on the Code4rena platform, with a total prize pool of up to 1.1 million USD.The event will start at 4 AM Beijing time on October 3 and end at 4 AM on October 24, covering the audit scope of L1 and L2 system smart contracts, circuits, and virtual machine (VM) implementations.

ChainCatcher news, according to The Block, GMX paid $1 million in bug bounties to Collider's research team in 2022 to reward them for discovering vulnerabilities in the internal mechanisms of the GMX protocol.It is reported that GMX has fixed the vulnerability and recently released detailed information about it.

ChainCatcher news, the security service platform Immunefi announced the launch of a new product called "Changing the Bug Bounty Game," which will be detailed on September 26 at 10 AM Eastern Time.

ChainCatcher news, according to official sources, SSV Network has partnered with immunefi to launch a bug bounty program with rewards of up to $1 million. The bounty is categorized by the severity of the vulnerabilities, with the highest reward being $1 million, primarily focused on protocol smart contracts.

ChainCatcher news, according to official sources, Uniswap has launched a bug bounty program, covering the Router contract, Permit2 contract, V3 contract, and UniswapX contract, with rewards up to $2.25 million.It is reported that Uniswap defines the most critical issues as "those that affect a large number of users and have a serious impact on reputation, legal, or financial matters," while the least severe issues are "those that do not pose direct risks but are related to security best practices."

ChainCatcher news, the liquid staking protocol Stader Labs has launched a bug bounty program on the security services platform Immunefi, with bounties ranging from $20,000 to $1,000,000 depending on the severity of the vulnerability, primarily focusing on the protocol's smart contracts. (Source link)

ChainCatcher news, StarkWare announced that the cumulative transaction volume of its StarkEx has approached $1 trillion. At the same time, StarkWare announced the launch of the StarkEx bug bounty program on Immunefi, with a maximum bounty of $1 million. (source link)