News01 October 2021

Belt Finance paid DeFi’s largest reported bounty fee

Belt Finance paid DeFi’s largest reported bounty fee

Summary

· White hat Hacker Alexander Schlindwein brought to light a $10-milion bug issue

· The hacker was paid a total of $1.05M in compensation

· Immunefi contributed $1 million to the bounty

Binance Smart Chain-based Automated Market Maker (AMM), Belt Finance, claims that it paid the largest bounty in the history of DeFi. The funds are claimed to have been paid to a white hat Hacker who brought to light a $10-milion bug issue, helping avert a crisis.

White hat programmer, Alexander Schlindwein, discovered Belt Finance’s protocol system vulnerability in the last week before reporting it to the Belt Finance team. For his help, Alexander was compensated with a generous $1.05 million, with Immunefi contributing $1 million to the bounty.

“I went through the list of bug bounties on Immunefi and picked Belt Finance as the next one to work on. While I was studying their smart contracts, I noticed a potential bug in the internal bookkeeping, which keeps track of each user’s deposited funds. Playing the attack through with pen and paper gave me more confidence in the existence of the bug. I continued by producing a proper proof-of-concept [PoC] which undoubtedly confirmed its validity and economic damage.” – said Alexander in a statement.

Kibet Elikana
Write a comment