interesting that crypto bounties so much larger than normal SaaS

i was just looking at the apple / microsoft / google bounties (and the password managers) and the avg immunefi max payout dwarfs most of these

janitor for /zk and some more stuff here linktr.ee/randomishwalk

Few bugs in the old world give the attacker a direct shot at 100 million dollar loot, so bugs in general aren't taken very seriously. Losses are less tangible, data, reputation, IP, etc so it can be harder to justify the spend.

My favorite thing about this space is that it gives people a reason to care about security.

+1 

Apple unfortunately just isn’t hurt that badly when they have a zero day.

Better incentive alignment here at least.

Pragmatism (Security) at OP Labs.
Prev: ConsenSys & Coinbase.

Attribs: Friendly, curious, introverted, mid-witted.
Chans: /eth-security /maurelian /stoicism




the incentive alignment here is arguably too good 😅