Axie Infinity Developers Set Bug Bounty at $1 Million
Axie Infinity, the NFT-based play-to-earn game, developed by Sky Mavis was recently hacked for $622 million in crypto. In response, the company has announced a bug bounty program.
$1 million in bounties is being offered to “encourage responsible disclosure of security vulnerabilities.”
“Calling all white hats in the blockchain space,” tweeted the company’s Chief Operating Officer, Aleksander Leonard Larsen. “Help us keep @Ronin_Network secure while earning a bounty.” Larsen linked to a page with details of the Sky Mavis Bug Bounty Program.
Sky Mavis plans to pay the white hats (friendly neighborhood hackers) the bounties in AXS Axie Infinity’s native token, with a “six month vesting period with monthly unlocks for fatal bounties.” The top reward of $1 million will go to the person who can help identify “extraordinarily severe issues or those with extreme impact.”
The studio behind the popular play to earn game is also offering a bounty of $100,000 for identifying “critical” smart contract and blockchain vulnerabilities, as well as bounties of $50,000, $5,000, and $1,000 for risks it classifies as “high,” “medium,” and “low.”
All these rewards are being given out in response to the late march hack that saw $622 million in Ethereum and USDC stablecoin drained from the Ronin bridge. The hacker reportedly used hacked private keys to approve transactions from five of the nine validator nodes on the Ronin network, including Sky Mavis own validators.
Around $7 million of the illicit funds were then transferred to the cryptocurrency mixing service, Tornado Cash.
This month, Binance led a $150 million funding round to help reimburse victims of the hack. Sky Mavis also made it known that the funds would also be allocated to the expansion of the number of validators from 5 to 21 over the next three months.