Bancor offers a $1M bug bounty amid the release of Bancor 3 code

The decentralized finance (DeFi) sector has been targeted by a rise in hacking attacks. Recently, the Ronin Network suffered a $625M loss after a hack on the network, making this one of the largest DeFi hacks.

To curb this rise in hacking attacks on DeFi protocols, the Bancor protocol has offered a $1M reward to those who will identify critical threats on the networks. The protocol will then patch these vulnerabilities before they are exploited.

Bancor protocol $1M bug bounty reward

The Bancor protocol has released a $1 million bug bounty. The release of this bug bounty has happened alongside the release of the Bancor 3 code to the public. Cybersecurity experts can now analyze the codebase to detect any vulnerabilities that can be exploited.

In the announcement, the Bancor team said that “Bancor is conducting multiple rounds of auditing before the full release of Bancor 3, including audits by OpenZeppelin, Peckshield and Certora to ensure the highest security possible. As we get close to the B3 launch, we invite developers and whitehat hackers to review the code and try to find bugs in exchange for up to USD 1 million in rewards.”

The rewards distributed to those who detect any vulnerabilities will depend upon the extent of breach that can be handled using the detected bug. The distribution of the rewards will be determined by the Bprotocol Foundation.

The detection of critical threats that pose a danger of causing major financial losses for the protocol will result in high rewards of up to $1M. Detection of high and medium threats will earn rewards of $40,000 and $5,000, respectively, while low threats will receive $1000.

The protocol has also said that those who disclose vulnerabilities before the launch of the Bancor 3 code will receive higher rewards. Bancor 3 is expected to be unveiled in mid-May, and it will be a “fundamental re-design of previous Bancor versions.” The Bancor 3 code will be like an upgrade for the Bancor protocol. It will improve the interactions in the protocol and boost the adoption of the network for decentralized finance (DeFi).

Besides offering this bug bounty, Bancor will also review its code to detect any potential threats. Audits on the network will be carried out using OpenZeppelin, Peckshield and Certora. These platforms are popular in promoting blockchain security, and they will ensure that potential threats to the Bancor protocol are detected and patched before being exploited.

The popularity of bug bounties in crypto

There is a growing need to protect user funds from being stolen by hackers targeting crypto and blockchain projects. Besides hiring the services of cybersecurity experts, some protocols reward the public by asking them to report detected bugs.

Leonid Beder, the Chief Technology Officer at Bancor Protocol, commented on the development, saying, “whereas the code behind Web2 and centralized crypto platforms is proprietary and usually opaque, the open-source and on-chain nature of DeFi allows for anyone to review your code and uncover potential issues before they can be exploited.”

Beder also said that having public bug bounties have whitehat hackers the opportunity to detect issues and be paid for detecting the issues. Bug bounty programs have facilitated the detection of some of the largest bugs in the DeFi sector.

Immunefi, a leading bug bounty platform in the crypto sector, claims to have paid out more than $20 million in rewards to white hat hackers that have detected bugs. Detecting these bugs has saved $20B worth of investor funds. Other active bug bounties are Wormhole, MakerDAO, GMX and Olympus, each having a $3M bounty.