I really hate doing this kind of exposure but it seems its the only way to drag attention for something to be resolved when dealing with vulnerability disclosure reports and getting paid. Communication is not one of Anchors teams strength it appears. /1
Conversation
Will keep this brief. TL;DR -
1. I had promised a 1M personal bounty on critical bugs that falls into immunefi’s 50k critical bug category - this unfortunately did not - fell into 20k category
Anchor team had nothing to do with it, so im not sure how they would respond to u
7
6
159
Second, we leave it to agencies like immunefi to communicate with bounty participants precisely because we lack the time and objectivity to engage ourselves - we simply cannot engage with everything
Delegating is not “poor communication”
I did not issue the additional 1M bounty because 1) didnt meet requisite criteria, and 2) immunefi recommended against it
2
64
But why not pay anyway? If we paid people millions outside of predeclared rules for sidestepping bug bounty channels and bugging many members of our team over dms and twitter, it sets pretty perverse incentives
2
61
Show replies