Although it had been a while since Wormhole’s network was illegally breached into and hacked by a hacker. As a result of the hack attack about 120K wETHs were stolen which culminated into huge financial and reputational loss to Wormhole. Approximately, a financial loss of US$ 323 Million was caused to Wormhole at the relevant time. However, the hacked project became seriously concerned about its protocols and sought help from white hat hackers to come forth and identify apparent and potential vulnerabilities.
It was an open invitation and help was sought from the qualified individuals irrespective of their nationalities. Under the aiding arrangements, the company also committed that it would not disclose the identity of the white hat hacker if the person so desired. Resultantly, an initiative called ‘bug bounty’ was introduced by Wormhole. According to Wormhole’s senior management, the bounty initiative was essential because earlier in the month of February the decentralized bridging platform became victim of mega hack attack. Eventually, a white hat hacker whose pseudonym was ‘satya0x’was shortlisted and given the task of identifying and removing the crucial bug implanted by the hackers.
The project gave the white hat hacker the task of first identifying the bug whether it was low or high risk bug. Under the initiative, if the bug posed low-level threat, then a bounty of US$ 2,500 was to be paid to the bug remover. However, in case the bug was of crucial nature, posing grave risk and dangers, then Wormhole decided to compensate the hacker with a sum of US$ 10 Million. It was by far the highest bounty offered in the digital economy sector.
The bounty price was enough for sending a loud and clear message to those who think that they were capable of pulling the job.
Eventually, satya0x successfully was able to identify the bug, which was found to be of a critical nature. The white-hat hacker claimed further that Wormhole’s network was facing a serious nature threat of vulnerability. According to satya0x, the bug posed an existential threat which the hacker reportedly located in Ethereum’s essential bridging contract. The bug was ultimately successfully patched by satya0x. It was further reported that while applying the patch, there was no harm caused to any of the funds belonging to any of the users. It was reported that a payout of exactly US$ 10 Million was made by Wormhole in favor of satya0x for the job done.
In the meantime, the project has taken further initiatives for making its preventive measures further foolproof. It was reported that the implanted bug was directly affecting the upgradation of Ethereum contracts of Wormhole. If the bug hasn’t been removed then it could have potentially exposed smart contracts or even the complete protocol as a whole to grave vulnerability.