Tuesday, May 24, 2022

OpenSea’s Fatal OpenSea Bug was Found Again. Will They Pay a Real Bounty?

OpenSea seems to be refusing to pay a reasonable bug bounty to Mr. O, a dev who discovered a serious flaw in the system. This could have disastrous consequences for OpenSea users if it is true.

Is OpenSea compromising its own security by being stingy on Bug Bounties? Credit: OpenSea

OpenSea’s reputation within the NFT community continues to take a beating

To sum up the situation, Twitter user Mr. O (@mr0chill) took to the social media platform to report that they found a “massive vulnerability” in OpenSea. In fact, the Quantum project/product lead stated that this bug is at the “same scale or worse than the last one.” To clarify, they are likely referring to the infamous listing exploit that led to the loss of many high-value NFTs.

Unfortunately for OpenSea users, Mr. O notes in another tweet that they have “had DMs from people who want to “buy” this exploit, offering close to 100x of what Opensea does”. This is a terrible scenario. As Mr. O goes on to explain, “This illustrates a market for vulnerabilities that would be very difficult for someone more money motivated than myself to not fall into.”

Simply put, if people are willing to pay far more than OpenSea for bug information, then there will be people selling that information for the highest price. This scenario exposes OpenSea users to hackers and scammers.

Twitter exchange between OpenSea and a bug finder about its Bug Bounty situation
OpenSea had a brief back-and-forth with Mr. O on Twitter over the matter.

Not the first time that OpenSea has come under fire for a measly Bug Bounty

The tweets – and most of the replies to them – are basically saying that OpenSea is pinching pennies when it comes to paying bug bounties.

It is common for tech and blockchain companies to pay bounties. These are rewards for those who spot potential problems in products. They create an incentive to report flaws rather than exploit them.

For example, Polygon awarded a $2 million bug bounty back in October 2021. These numbers show how much companies value the work of people who report bugs. Millions can seem like a small price to pay when compared to the potential damage that security breaches could cause.

Tweet about latest OpenSea bug from @mr0chill
OpenSea’s last major bug led to weeks of anger and frustration from the NFT community due to major financial losses. Credit: @mr0chill on Twitter

Will the grief ever end for the leading NFT marketplace?

OpenSea may well be shooting itself in the foot if it is indeed opting not to pay a fair bug bounty. OpenSea has been criticised for this very issue in the past. Last November, a so-called “white-hat hacker” took to Twitter with similar complaints about OpenSea’s treatment of security and bug bounties.

OpenSea has been facing a constant stream of complaints from NFT traders via Twitter for several months. This is despite the fact that it is the largest NFT marketplace in terms of user numbers. Whether it’s bugs, delistings, its mysterious verification process for NFT projects, or other scams, barely a day goes by without people voicing their displeasure with the platform on Twitter.

Whatever the case, we hope this doesn’t result in another OpenSea problem. It would be a lose-lose situation for both the platform and its users.


All investment/financial opinions expressed by NFTevening.com are not recommendations.

This article is educational material.

As always, do your own research prior to making any kind of investment.


Henry Hicks