LayerZero and Immunefi Launch the Largest Cryptobug Bounty Program With Up to $15M in Rewards

LayerZero Labs, the team behind cross-chain messaging protocol LayerZero, is teaming up with bug bounty and security services platform Immunefi to launch a $15 million bug bounty for its protocol, LayerZero co-founder and CEO Bryan Pellegrino told Exclusive to

The bug bounty alliance offers a maximum reward of $15 million for each new vulnerability found by white hat hackers. The platform has announced bug bounties in the past, but not that big, Pellegrino said.

The $15 million maximum reward also makes this the largest bug bounty program in the crypto ecosystem, surpassing the $10 million MakerDAO program.

“We have enough money to pay out numerous premiums. The security of the protocol is paramount,” said Pellegrino. The reward money will come from LayerZero Labs’ equity entity, Pellegrino added.

Immunefi says it provides security services for more than $60 billion in user funds for crypto-based projects and companies such as Polygon, Synthetix, Chainlink, SushiSwap, MakerDAO and Optimism. It has paid out more than $75 million in rewards for bug bounties to date.

Last month, LayerZero raised $120 million in a Series B round at a valuation of $3 billion. Unlike Web 2.0 messaging platforms such as WhatsApp and Telegram, the messaging protocol allows users to send different types of messages between blockchains, such as cross-chain interactions, eliminating the need for intermediaries. LayerZero connects more than 30 mainnet blockchains, including two non-Ethereum Virtual Machines (EVMs) and Aptos.

In the past year, the crypto ecosystem lost about $9.33 trillion to exploits, hacks and scams, with just under $1 trillion recovered, according to De.Fi’s REKT database.

According to Immunefi’s Crypto Losses 2022 report, more than $3.9 billion was “lost” last year. While that may seem like a huge amount of capital to lose track of, it’s 51.2% less than in 2021, when more than $8 billion was stolen, the report found.

In 2022, most of the losses, or $3.77 billion, were due to hacks in 134 specific incidents. About $175 million was lost to fraud in 34 incidents in the same time frame.

Launched in March 2022, LayerZero has seen more than $15 billion in transaction volume in its 14 months so far, Pellegrino said. Since its inception, the messaging protocol has “never had a security breach or hack,” he added.

LayerZero spent about $5 million on auditing to ensure security last year, and it’s committed to following a process to ensure the security of its code before releasing it, Pellegrino said.

Although the market is seeing fewer losses, the numbers being lost are still huge. In March, hackers stole about $200 million from crypto lending platform Euler Finance. While this sounds like a lot of money – and it is – it is only the 26th largest crypto theft ever, De.Fi data showed.

“For anyone building in space, safety must be the priority above all else,” Pellegrino said. “If you don’t have good security, you will eventually get hacked.”

Leave a Comment