Joined December 2022
Meanwhile I saved ecosystem from a massive $800m hack and the team is offering me $4k. Whitehats lose every time.
🚨 Breaking 🚨 ⚠️ The attacker behind the $11.58M Verus exploit has reportedly returned $8.6 million. The exploiter kept around $2.8M as a bounty reward.
I wonder why people are posting so much about Claude finding the critical ZCash bug as if it's a big deal. HyperBridge got hacked, then launched a program on HackenProof and paid out about $120k within its first week or two for a ton of critical and high-severity bugs. My point is, I don't believe the bug was hidden in plain sight; security researchers simply weren't incentivized. Notice that the bug only came out after they ran a bug bounty program, attracted a lot of talent, and then closed the program. I would wager that the bug would have been found on the very first day on @HackenProof or @immunefi if they had launched a program, especially during this AI-assisted audit period we're in. If an AI model found it, anyone with a subscription could have found it too. A formal bug bounty program really helps, I hope projects learn from this and launch a bbp on any of these big platforms. And note, for web3, launching on bugcrowd if it isn't just the web2 aspect you are as good as not having a program (talking from experience)
Congrats man, first of many
First bug bounty paid out. On to the next! 🏃🏿🏃🏿🏃🏿 Big thanks to @only01Essential for teaching, mentoring, and giving me tips on how to approach bug bounties.
$8,000 total payout for one chain halt and a high severity bug. $4,000 worth of native tokens for another chain halt bug in project 2.
I guess calling them out was a good move then
Update: The THORSec team clarified that arrangements regarding a bounty for this report had already been underway with the treasury prior to this writeup. While a bounty has not been awarded yet, we appreciate the consideration from both the team and the treasury, and are adding this note to clarify the record.
$10,000 for another chain halt bug, through @cantinasecurity this time
I guess Christmas came early, lol. With these bounties I have officially earned more than $100k in bounties this year already, within five months. 4 Critical bugs to one project, and a chain halt bug for another project.
My goal for 2026 is simple. Join the elites club by making over $100k in bug bounty
$3,000 bounty for another chain-halt bug. If exploited, any normal user could have completely halted the chain. Recovery would have required a patch and coordinated network upgrade.
Upgrading to an M5 Max with 128GB unified memory and 4TB SSD. Guess what model I'm about to run locally?
Yeay, I was awarded for a valid submission on @HackenProof #hackenproofed #bugbounty
Saved another chain with a lot of their native assets at risk (about $150k worth of it), plus two chain halt bugs. They paid $12,500 for the disclosures, also offered to pay for a private audit of their bridge 🔥🔥
Another project saved 🙌 A chain halt bug this time. $4,000 for the disclosure. Expected more, but we move
Essential retweeted
My entire ethos of hunting has been to find only Critical and Highs but every now and then I keep pumping on these but of all the lows I have found am most proud of this coz it came from very reputable project. Shout out to @only01Essential for always being 1 call away
Found a bug today with millions at risk, I was expecting the team to be serious, but they were so adamant on following some set of rules for bug disclosures, which really didn't sit well with me. I feel bug disclosures should be streamlined and easy, I mean, if I wanted to report through a platform I would have just hunted there. Helping protocols ain't easy. Note that if the disclosure to reward process isn't smooth, researchers leave. Projects need to learn to take SECURITY RESEARCHERS MORE SERIOUSLY. Don't wait until you get rekt
A few weeks ago I responsibly disclosed a critical draining bug to @NibiruChain. About $200k worth of assets were at risk as of the time I reported the bug. The team responded quickly, patched, shipped an upgrade and rewarded me $15k for the bug report. github.com/NibiruChain/nibir…
For those asking. This was reported off platforms. I reached out to them. If you don't know how to rightly do that, send me a dm.
I remember when protocols use "AI REPORT" to invalidate bug reports. AI has come a long way
Wen 1k?
Second dupped dlt High in this project. Man, I have been suffering with way too many duplicated reports