At a time when lakhs of WazirX exchange users are anxiously awaiting their funds back, another venture ‘Shardeum’, which is floated by WazirX co-founder Nischal Shetty, announced a Rs 2 crore “bug bounty” program.
A bug bounty program is offered by companies to coders and developers where they get paid to find exploits and other security loopholes in software programs, as a step towards increased security measures.
Shardeum, a startup founded by Nischal Shetty, has come under criticism from WazirX users, who questioned the timing of this bug bounty program, when WazirX users are suffering from acute funds crisis.
Shetty is currently battling multiple legal cases including the one for funds compensation (restructuring scheme) for its 4.4 million users. He had claimed in court that his exchange doesn’t have sufficient funds to compensate all users post the Rs 2000 crore hack on July 18.
Shardeum has officially launched this second bug bounty program in collaboration with Immunefi, offering a substantial reward pool of $250,000 (~₹2.1 crore).
This follows the success of their first program, which ran from July 8 to August 14, 2024, and drew massive participation from white-hat hackers and community members.
The new bug bounty program started on September 4, 2024, and will end on October 16, 2024, at 12 PM UTC. With the enthusiasm generated by the first round, Shardeum intends to continue harnessing the abilities of security researchers to ensure the stability and security of its platform ahead of the mainnet launch.
The bug bounty program is divided into two categories: Core Boost and Ancillaries Boost. The Core Boost, with rewards up to $150,000, focuses on identifying vulnerabilities in the Shardus Core Protocol and Shardeum Validator Nodes, targeting top-tier white-hat hackers. Recent improvements, like the update to validator version 1.12.2, came from community-reported bugs, leading to better network stability.
The Ancillaries Boost, with a $100,000 reward pool, is for Web2 security experts working on Shardeum’s Rust and TypeScript-based infrastructure, focusing on ensuring the platform’s broader security beyond the core blockchain.
Despite the program’s potential benefits, it has also sparked some controversy within the Indian blockchain community. Following recent security breaches, such as the WazirX hack, where millions were stolen, users are questioning the allocation of funds.
While there is no negating the importance of bug bounty programs in web3 spaces, the WazirX users have pointed out towards immediate priority as the basis of resource allocation.
Also Read: Crypto Figures and WazirX Users share expectations from Committee of Creditors
