LayerZero Labs, the creator of the LayerZero blockchain messaging protocol, has launched a bug bounty program on the Immunefi platform, offering a record-breaking maximum reward of $15 million for critical smart contract and blockchain vulnerabilities.
Bug bounty programs are designed to encourage ethical hackers to identify and report security bugs in platforms before they can be exploited by malicious actors. LayerZero Labs aims to demonstrate its commitment to security and build trust in its communication protocol through this initiative.
The bug bounty program will distribute rewards based on the severity of the findings and the impacted blockchains. Critical-severity findings, such as those resulting in the loss or theft of user funds or permanent denial of service attacks, carry the highest payouts.
High-severity issues include governance voting result manipulation and modification of LayerZero default settings, while medium-severity findings involve attacks that harm users without benefiting the attacker. The program has defined payout ranges for each severity level.
The program’s scope includes critical bugs impacting popular blockchains like Ethereum, BNB Chain, Avalanche, Polygon, Arbitrum, Optimism, and Fantom in Group 1, with payouts ranging from $250,000 to $15,000,000.
Group 2 encompasses other blockchains supported by LayerZero, with lower maximum payouts. Payouts will be processed directly by LayerZero Labs in fiat USD or cryptocurrency.
To be eligible for rewards, bug bounty hunters must submit a proof-of-concept example demonstrating the practical feasibility of the attack. They are also required to undergo a Know Your Customer (KYC) process and pass an OFAC Screening to ensure compliance with regulatory standards.
LayerZero Labs’ bug bounty program demonstrates its dedication to maintaining the security and integrity of its blockchain messaging protocol, fostering a safer environment for users and bolstering trust in the platform.
