Security researcher receives $1M bug bounty for saving company from $350M bug
twitter.com
Link to company confirming payment: https://twitter.com/josephdelong/status/1431314816698916865
Link to researcher writeup: https://www.paradigm.xyz/2021/08/two-rights-might-make-a-wro...
Wow, 10 minutes to start reading the code from scratch and find the vulnerability. Then just another 20 minutes to confirm the bug with an exploit, some of which were spent fighting with a broken dev environment. That is impressive!
Now that is a great payout towards this security researcher for finding this cryptocurrency bug. Well done to them.
Is this the largest bug bounty in history? (Not counting black hat / gray area "bounties")
I looked at the write-up, but as a layman I don’t understand any of it. Is there something else that's ELI5?