Immunefi CEO’s White Hat Pitch: ‘None of The Bad Stuff. Instead, You’re Going to be a Hero’

Web3 bug bounty platform Immunefi exists as a result of it’s inconceivable to jot down fully safe code, mentioned co-founder and CEO Mitchell Amador on the most recent episode of gm from Decrypt podcast.

However with billions of {dollars} working by way of the pipelines of cryptocurrency protocols, discovering and fixing vulnerabilities has turn into a pricey drawback to unravel. Simply final month, Immunefi printed a report displaying the variety of hacks and scams within the first quarter of 2023 rose 192% in comparison with the identical interval final 12 months. 

Immunefi acts as a bug bounty crowdsourcing platform. Web3 and decentralized finance (DeFi) builders submit bounties, or rewards, for experiences of vulnerabilities discovered of their code. Then laptop safety consultants—or white hat hackers—stab and poke at codebases till they discover a vulnerability. If their report checks out, they gather the bounty and get a tally added to their rating on the leaderboard. 

The very best-earning hacker on the platform has earned $13 million from submitting 4 experiences to this point. And Immunefi has paid out greater than $75 million complete because it launched in 2021. Though the corporate is starting to flourish now, for the primary two years it struggled to realize traction.

In accordance with Amador, the difficulty was that it was extra financially worthwhile to use a cryptocurrency protocol and steal thousands and thousands slightly than report a bug and declare a bounty. However that’s how Amador realized easy methods to hone his don’t-be-a-bad-guy elevator pitch.

“Think about we go to that very same man, and we are saying as a substitute of $200 million, we’ll pay you $10 million. We’ll make you well-known. We’ll glorify you. We’ll show you how to construct your profession—and there is no threat hooked up with this,” he mentioned. “No one’s going to return after you. No one’s going to observe you. No one’s going to search for you and break your legs. No one’s going to file a prison case and no person’s going to ship you to jail. Not one of the unhealthy stuff. As an alternative, you are going to be a hero.”

The framing utilized by ImmuneFi is that the chance related to stealing from a cryptocurrency protocol is just too huge, it doesn’t matter what the monetary reward could be. A black hat hacker will all the time be wanting over his shoulder.

As an alternative, Amador’s venture presents a monetary reward for locating vulnerabilities and pre-emptively warning protocols, however primarily appeals to extra private values comparable to profession satisfaction and peer recognition.

“Why do you do it? As a result of there are different values in life, different issues which might be value extra. And since the downsides to partaking within the motion are very substantial,” he mentioned. “You steal that cash, you have got a lifetime of wanting over your shoulder. It isn’t all the time going to be value it. Is that threat higher? I do not suppose for most individuals.”