Sky Mavis, the developer studio behind the popular NFT game Axie Infinity, is stepping up efforts to secure its networks. The company is offering up to US$1 million (about Rs.7.5 billion) as a bug bounty to developers who could identify security vulnerabilities on its networks. The move follows a mega hack incident that drained $625 million (approximately Rs 4,729 million) from Sky Mavis’ Ronin network. The Ronin Network is an Ethereum-connected sidechain developed by Sky Mavis specifically for blockchain gaming.
In a detailed to blogSky Mavis has called for responsible disclosure of security vulnerabilities that may impact its work and users.
“During the research, we would like to ask you to refrain from automated testing, denial-of-service, spamming, spoofing and phishing. If you continue to attack once you have evidence of Remote Control Execution (RCE) attacks, your bounties may be forfeited.”
The rewards will be paid out in the form of Axie Infinity’s native token AXS. acc CoinMarketCapeach AXS currently costs $48 (approximately Rs. 3,673).
“Only vulnerabilities with a working proof of concept showing how to exploit them are eligible for financial rewards. Determining whether a reported issue satisfactorily meets the bar for financial rewards is at Sky Mavis’ discretion,” the blog added.
The Ronin network hack was discovered by Sky Mavis on March 23, resulting in the largest loot ever extracted from a blockchain hack.
The attacker had cracked control of Sky Mavis’ four Ronin validators and a third-party validator operated by Axie DAO (Decentralized Autonomous Organization).
A legal investigation is ongoing in this case.
Sky Mavis has raised US$150 million (approximately Rs.1,142 billion) in a recent funding round led by crypto exchange Binance. The funds will be used to compensate the victims of the Ronin attack.
2/ As we struggled for mainstream acceptance, we made some compromises that ultimately left us vulnerable.
It’s a lesson we learned the hard way. A lesson that will guide how we build Ronin in the future. We are confident that we will emerge from this stronger and wiser.
— Axie Infinity:bat::loud_sound: (@AxieInfinity) April 6, 2022
Overall, cybercriminals stole over US$1.3 billion (about Rs.9,606 billion) by hacking the blockchain sector last year, a report by blockchain research firm CertiK claimed in January.