Balancer Labs Posts Bug Bounty for Over $2 Million

Balancer Labs has announced a bug bounty for any ethical hacker who finds vulnerabilities in their V2 Vault. The top bounty is 1,000 ETH.

The minds at Balancer Labs have decided to go big in pursuit of uncovering vulnerabilities in their V2 Vault architecture. The company, which functions as a liquidity provider and non-custodial portfolio manager, offers the largest single-bug bounty on record. The top prize is 1,000 ETH or $2.2 million at the time of writing. Balancer hopes to encourage ethical hackers to sniff out vulnerabilities of V2. 

The V2 Vault is a single vault that maintains and manages assets placed within the platform. It’s designed to simplify transactions and reduce gas fees once launched. 

Balancer Labs is learning from past security gaffes

The desire for Balancer to be cautious comes on the heels of a June 2020 cyberattack against the DeFi platform. Hackers duped the protocols into unloading a half-million dollars in tokens after discovering a method to manipulate the intelligent contract of a pool. 

Balancer Labs is not the only DeFi platform to suffer such exploits to its systems in recent months. 

Earlier in March of 2021, the DeFi platform DODO DEX got hit hard for $3.8 million in a similar attack. While most of this amount has been recovered, it still points to a worrying trend for the DeFi sector. 

According to a study done by CipherTrace, DeFi platforms account for 50% of the targeted crypto-attacks from June through the end of the year. The DeFi industry lost more than $47 million in the process. 

Bug Bounties are becoming more common

Investors wanting security for their funds is not a new idea by any stretch of the imagination. With currency moving into the digital realm, this fact has not changed.  What has changed is the methods in which companies discover vulnerabilities within their own systems.

The first bug bounty program was launched in 1983 by Hunter and Ready Inc. to check the security of their Versatile Real-Time Executive (VRTX) operating system. The grand prize was cleverly chosen as a Volkswagen Beetle, or VW Bug for short. 

Since then, the idea of bug bounties has evolved into what we see today in many industries worldwide. 

Last year Google announced it had shelled out almost $7 million to digital bounty hunters in 2020 alone via their vulnerability reward program. Much like Google, many tech companies have adopted bug bounty programs recently. Many of which are in the crypto sector. 

Additionally, Ethereum recently upped its reward points for bug hunters enabling them to earn up to $50,000 for reporting a single critical issue in the Ethereum 2.0 system. A quick look at their points leaderboard shows several hunters who have earned upwards of $30,000 thus far.

According to a report by the BBC, nine ethical hackers banked over $1 million last year after finding and flagging exploits for various companies. The industry overall raked in more than $40 million in profits by simply finding and reporting these system flaws.