Sep 27, 2022 Frank Stewskid

Two critical issues were reported to OpenSea's bug bounty program in a week

Within a span of 8 days, OpenSea has fixed two critical issues that would have affected the security of the marketplace. GitHub repositories were last updated about seven hours ago, around the time Corben Leo, an independent security researcher and bug bounty hunter known by the pseudonym "hacker_" on Twitter, found a critical vulnerability in the NFT marketplace’s code.

According to the researcher, the issue was fixed within 3 hours of his report, and OpenSea paid him $100,000 under the reward policy of its bug bounty program. OpenSea also had the researcher retest the bug, which cost him gas fees; the company covered those in addition to the bounty payment.

This was the second critical bug reported publicly. It followed an issue found by Twitter user "nix.eth" and shared on September 20, which took the team behind the popular marketplace 12 hours to patch. OpenSea paid the crypto analyst the same amount, $100,000.

Last updated: Sep 27, 2022
