Azuro Launches a $30,000+ Bug Bounty on Immunefi

Azuro has launched a bug bounty on web3’s leading bug bounty platform Immunefi, with hackers being rewarded a maximum bounty of $21,500 for finding a critical issue. This is an extra layer of security for the protocol & the final step before Azuro’s mainnet launch and the first betting frontend goes live.

The Backstory

Before the launch of the bug bounty, Azuro had already conducted 2 external audits from reputable auditors. After their scrutiny, no critical issues were discovered, and minor issues were resolved. However, following a further investigation from Azuro and their partners Gnosis, there appeared to be a critical issue connected to the liquidity pool which had been entirely missed by the auditors. This was very disappointing news for all involved and has led Azuro to question the ability of the auditors.

Perhaps the reason behind the auditors failing to spot the critical issue was due to Azuro’s unique approach to decentralized betting. Instead of following the more traditional approach using a peer-to-peer model, Azuro has created something entirely new. Building the protocol around a peer-to-pool design created a completely novel liquidity pool design being developed, now known as — The Liquidity Tree. Due to this unique approach to the use of smart contracts, and with the protocol's safety remaining paramount, Azuro has felt the only way to move forward was to double down and launch a bug bounty.

The Bug Bounty

Rewards are distributed according to the impact of the vulnerability based on the Immunefi Vulnerability Severity Classification System V2.1. This is a simplified 5-level scale, with separate scales for websites/apps, smart contracts, and blockchains/DLTs, focusing on the impact of the vulnerability reported.

Rewards

Critical — $21,500
High — $7,000
Medium — $2,000
Low — $1, 000

All Critical and High Smart Contract bug reports require a suggestion for a fix to be eligible for a reward.

The following vulnerabilities are not eligible for a reward:

  • Oracles/Maintainer manipulation, for example: choosing the wrong outcome as a winner or incorrect odds. It is solved separately by Azuro’s governance contracts
  • Gas efficiency improvements
  • Limited number of deposits in Liquidity Pool
  • All vulnerabilities marked in Pessimistic security review are not eligible for a reward.

Full details are HERE on the Immunefi website.

Follow the links below to join Azuro’s communities and stay up to date with our progress.

Twitter | Discord | Telegram | Website

--

--

--

A decentralized autonomous organization focused on the democratization and innovation in betting

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

The Role of Cybersecurity Within State Security

RAILGUN Privacy Beta Testers’ Guide

The 90 Day Cyber Boot Camp

A virtual goldmine: Why criminals target patient data (Part 2)

Securing Local Government: Attracting Talent and Using Free Resources to Lower Risk in a Security…

{UPDATE} 脱出ゲーム Full Course Hack Free Resources Generator

Are you safe from scammers in crypto?

Top 10 Best Linux Distros for Privacy and Security for 202

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
azuro

azuro

A decentralized autonomous organization focused on the democratization and innovation in betting

More from Medium

Wombat’s Bug Bounty Program with Immunefi — Earn up to $500,000!

UniLend Finance moving towards Omnis Testnet with Completion of Bug Bounty

Forta

Imbue TestNet Launches — How to Submit Proposals