Sky Mavis Introduces Bug Bounty Following Ronin Bridge $624M Hack 

Sky Mavis, the company behind Axie Infinity is calling on whitehat hackers to help strengthen the security of its blockchain, smart contracts, and apps, following the theft of over $600 million from its Ronin network.

The company announced that the up to $1 million bug bounty covers two categories; smart contracts and web-related issues.

According to Sky Mavis some of the prioritized smart contract vulnerabilities include re-entrancy, oracle manipulation, and signature malleability, and others. Other issues the team wants white hat hackers to dig into include authentication errors, flash loan attacks, and susceptibility to front running.

Bugs in the web or app interface will see rewards between $50 to $15,000, depending on the severity. The Sky Mavis team might also award additional bonuses for exceptional bug reports.

The bug bounties will be paid in Axie Infinity’s AXS token. Serious bounties that command a $1 million reward will include a vesting requirement with a six-month tenure. In other words, recipients will only be able to liquidate a specified portion of the funds per month.

Sky Mavis Bug Bounty Program is the latest action taken since the Ronin hack. In March, an attacker was able to drain $624 million from the Ronin bridge.

The hack was only noticed 6 days after it took place. Since then, Sky Mavis has been working to recover the stolen funds and promised reimbursement for Axie players that were impacted. However, the hacker already appears to be obfuscating the funds in small batches using a mixing service.

Other actions taken since the hack include replacing the validators compromised in the attack. Sky Mavis has also raised $150 million as part of the restitution for users affected by the incident.