Immunefi launches on-chain vaults in first milestone to decentralizing bug bounty platform

Quick Take

  • Web3 bug bounty service Immunefi has launched its on-chain vaults system — the first milestone toward decentralizing the platform.
  • The on-chain vaults are built using Safe (formerly Gnosis Safe), enabling bug bounty deposits in stablecoins, ether or any asset listed on Uniswap, Immunefi said.

Immunefi aims to decentralize the web3 bug bounty space by launching an on-chain vaults system.

The move is designed to foster greater transparency and trust between platform participants, enabling crypto projects to deposit assets into their own sovereign vault to pay bug bounty rewards to security researchers, according to a statement released today.

Immunefi hopes the upgrade will boost participation from the community and improve the bug-hunting experience. “We're releasing the first version of our Vaults System, primarily focused on proof-of-assets and providing a frictionless payment experience for bounty programs,” Immunefi founder and CEO Mitchell Amador said. “This allows us to take a responsible first step, meticulously test everything and ensure that our Vaults work at the infrastructure level.”

How Immunefi’s on-chain vaults work

The on-chain vaults are built using the Safe (formerly Gnosis Safe) multisig smart contract and have undergone an internal audit at Immunefi and an external audit with Ourovoros.

Projects maintain exclusive access to their vaults and can make bug bounty deposits in stablecoins, ether or any asset listed on Uniswap, Immunefi said. Immunefi provides rewards in USDC, according to its website.

Projects and whitehats can connect their web3 wallets to securely manage the bounty payout, including platform fees, entirely on-chain via the Immunefi Dashboard. Users can check if the funds allocated to bounties are sufficient before submitting bug reports, Immunefi said.


Keep up with the latest news, trends, charts and views on crypto and DeFi with a new biweekly newsletter from The Block's Frank Chaparro

By signing-up you agree to our Terms of Service and Privacy Policy
By signing-up you agree to our Terms of Service and Privacy Policy

SSV Network deposits $1 million into sovereign vault

Immunefi’s vaults system is already used by ether staking infrastructure project SSV Network and Near-based decentralized exchange Ref Finance, according to the statement. SSV Network has deposited $1 million into its sovereign vault.

“The Vaults System will help us provide added reassurance for any researcher engaging with our bounty program, and in turn help secure the protocol even further. A good win-win.” SSV DAO contributor Eridian said. “Building further trust with the community by showcasing dedicated funding, and streamlining the payment process, will ultimately strengthen our security efforts.”

Immunefi says it has paid out more than $80 million in bounties and saved over $25 billion in user funds across protocols like Chainlink, The Graph, Synthetix and MakerDAO.

Last month, Immunefi said web3 platforms lost over $1.2 billion in 2023 as Base projects added to crypto exploits in August.

© 2023 The Block. All Rights Reserved. This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.

About Author

James Hunt is a reporter at The Block, based in the UK. As the writer behind The Daily newsletter, James also keeps you up to speed on the latest crypto news every weekday. Prior to joining The Block in 2022, James spent four years as a freelance writer in the industry, contributing to both publications and crypto project content. James’ coverage spans everything from Bitcoin and Ethereum to Layer 2 scaling solutions, avant-garde DeFi protocols, evolving DAO governance structures, trending NFTs and memecoins, regulatory landscapes, crypto company deals and the immersive metaverse. You can get in touch with James on Twitter or Telegram via @humanjets or email him at [email protected].