Web3 bug bounty platform Immunefi raises $24 million in Series A funding

Quick Take

  • Immunefi has raised $24 million in Series A funding led by Framework Ventures.
  • The startup hosts bug bounty programs by crypto projects and earns a 10% commission on bounty payouts. 

Immunefi, a platform that helps web3 projects launch bug bounty programs and whitehat hackers earn money, has raised $24 million in a Series A funding round amid increasing crypto hacks.

Framework Ventures led the round in the largest deal the crypto investment firm has publicly announced, according to a statement on Thursday. Other investors include Electric Capital, Polygon Ventures, Samsung Next, North Island Ventures, Third Prime Ventures and Lattice Capital.

Immunefi was founded in December 2020 and hosts bug bounty programs for crypto projects, including Chainlink, MakerDAO and Compound. The Singapore-based firm claims to have over 300 clients, guard over $100 billion in users' funds, and collectively offer $136 million in bounties to whitehat hackers.

Bounties can be an effective way to discover vulnerabilities and prevent potential hacks, especially in the vulnerable crypto space. According to The Block's Data Dashboard, hackers have stolen nearly $2.5 billion from decentralized finance (DeFi) projects to date.

Immunefi claims to have saved over $25 billion in users' funds to date and has paid out $60 million in bounties.


Keep up with the latest news, trends, charts and views on crypto and DeFi with a new biweekly newsletter from The Block's Frank Chaparro

By signing-up you agree to our Terms of Service and Privacy Policy
By signing-up you agree to our Terms of Service and Privacy Policy

The startup takes a 10% commission on those payouts, founder and CEO Mitchell Amador told The Block. For example, if a whitehat hacker receives $1 million from a crypto project, Immunefi gets $100,000, meaning that the project pays $1.1 million in total, said Amador.

Immunefi can be compared with traditional bug bounty platforms like HackerOne and Bugcrowd. But the firm says it has facilitated the largest bug bounty payments in the history of software, including $10 million for a vulnerability discovered in Wormhole, a blockchain bridge, and $6 million for a vulnerability discovered in Aurora, a bridge and scaling solution for Ethereum. For comparison, the largest conventional bug bounties — offered by Apple — top out at $2 million, according to Immunefi.

With fresh capital in hand, Immunefi plans to expand its team in order to meet the growing demand for its services, said Amador. The current headcount of Immunefi is around 50 and it could double in the near future, he added.

The Series A round brings Immunefi's total funding to date to more than $29.5 million. The firm raised a $5.5 million seed round last year. Amado declined to comment on Immunefi's valuation with the latest round and any new board seat additions, but said it was an equity round like the firm's seed round.

Last year, Amador told The Block that Immunefi is ready to decentralize its operations, meaning it could launch its own token. When asked if that plan is still intact, he said the firm is "exploring different options but can't share more at the moment."

© 2023 The Block. All Rights Reserved. This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.

About Author

Yogita Khatri is a senior reporter at The Block, covering all things crypto. As one of the earliest team members, Yogita has played a pivotal role in breaking numerous stories, exclusives and scoops. With nearly 3,000 articles under her belt, Yogita holds the records as The Block's most-published and most-read author of all time. Prior to joining The Block, Yogita worked at crypto publication CoinDesk and The Economic Times, where she wrote on personal finance. To contact her, email: [email protected]. For her latest work, follow her on X @Yogita_Khatri5.