GMX Awards $1 Million Bug Bounty to Collider Research
GMX, a decentralized exchange, has recognized Collider Research’s discovery of a critical bug in its smart contracts by awarding the firm a $1 million bug bounty in 2022. The bug affected how the protocol tracks outstanding debt.
The Bug’s Impact on GMX and GLP
Although GMX has not provided specific details about how the bug was patched and when, they revealed that it negatively impacted liquidity providers (LPs) on GMX v1. The bug caused inaccuracies in quotes related to the fair value of tokens, particularly affecting the Global Liquidity Pool (GLP) and causing it to deviate from its fair value.
The Importance of the Debt Tracking Mechanism
GMX supports up to 50x leverage, and its system tracks debt borrowed by traders and how it is repaid through smart contracts. Traders enter into debt for each leveraged position, and if prices move against them, they are liquidated. Any disruption to this mechanism can severely impact GMX’s revenue and discourage liquidity providers from participating.
A Previous Exploit on GLP
In September 2022, an exploiter took advantage of a flaw affecting GLP on GMX and managed to steal over $570,000 from the AVAX/USD marketplace. This incident highlighted the vulnerability of the platform and the need for robust security measures.
Bounty Program Details
GMX’s bug bounty program aims to ensure the integrity of its smart contracts and application by preventing theft of user funds through unauthorized transfers, price manipulation of GLP, freezing, and other threats. The program rewards white hat hackers who identify flaws based on their severity. The maximum bounty for critical code flaws is $5 million, with rewards capped at 10% of the potential damage caused by the vulnerability.
Hot Take: Bug Bounty Programs and the Importance of Security
Bug bounty programs play a crucial role in improving the security of decentralized exchanges like GMX. By incentivizing researchers and developers to identify vulnerabilities, these programs help protect user funds and maintain the trust of liquidity providers. The recent bug discovered by Collider Research highlights the ongoing need for robust security measures in the crypto industry. It serves as a reminder that constant vigilance and investment in security are essential to safeguarding the ecosystem and fostering its growth.