Balancer

mirror.xyz · riptide · 4 hours ago · opinion
0 net
AI Summary

An article discussing best practices and common pitfalls in running bug bounty programs, using Balancer's Merkle Orchard as a case study to critique inadequate bounty management including poor communication, payment delays, and misrepresentation of bounty amounts.

Tags
bug-bounty security vulnerability-disclosure bug-bounty-program white-hat-hacking responsible-disclosure
Entities
Balancer riptide
About Activity Share Home Explore New post Dashboard Newsletter More from riptide riptide Feb 1 Balancer’s Bountiful Merkle Orchard Security & Bounties Let’s talk about bounties for a bit ... How to run a good bug bounty program: 1) the protocol is a good actor w/ regard to paying bounty hunters fairly and timely 2) bounty amount represents a fair reward compared to the amount of funds at risk How to run a bad bug bounty program: *1) bug is disclosed to protocol and follow-up emails by hacker are ignored/no timely responses 2) payments are confirmed but delayed for weeks/months 3) actual bounty paid is less than advertise... View more Search... Ctrl + K riptide Sign in white hat hacking for fun and profit Subscribe Subscribe to riptide Subscribe <100 subscribers
← Back to stories