A Low Bounty for a High Stakes Breach
A security firm called Decurity recently revealed that it was offered a measly $500 bounty by DxSale Network, a decentralized token launchpad, after discovering a breach that could have cost the platform over $5 million. In a blog post, Decurity explained that one of its researchers found a bug in an unverified smart contract on the Binance smart chain (BSC) belonging to DxSale. The contract’s insecurity could have allowed hackers to drain funds during an initial decentralized offering (IDO). The potential losses were estimated to be around $5.2 million. Decurity contacted DxSale, but initially faced a poor response from the team. However, they were eventually able to discuss the situation with DxSale’s founders and developers.
Key Points:
– Decurity discovered a security breach in DxSale’s smart contract that could have resulted in a $5.2 million loss.
– The security firm was offered a $500 reward for finding the bug, which is significantly low given the potential impact.
– DxSale initially downplayed the issue, claiming the inactive state of the contract made it non-threatening.
– Decurity expressed concerns about DxSale’s response to security threats and advised users to be cautious when interacting with projects on the platform.
– DxSale later partnered with security outfit Vital Block Security, but has not responded to Decurity’s claims.
Hot Take:
It is concerning that DxSale offered such a low bounty for a security breach with such high stakes. The initial response from the team was inadequate, and it raises questions about their commitment to user security. While the partnership with Vital Block Security is a step in the right direction, DxSale needs to address the underlying issues and prioritize the protection of user funds. Crypto users should remain vigilant when engaging with projects on the platform.