BUG BOUNTY: An AIP To Create A Bug Bounty Program & Delay Staking Rewards Is On The Ballot This Week
After two weeks of debate, the community will now have its chance to vote on whether the DAO should delay staking rewards by three weeks and create a bug bounty program for the $Ape staking system.
Ape Improvement Proposal 134 titled,”Bug Bounty Program for AIP-21,” is a process proposal that was written by ApeCoin Special Council member Maaria Bajwa.
“As we near the launch of the ApeCoin staking system outlined in AIP-21 and AIP-22 we propose taking additional measures to ensure the DAO is following smart contract security best practices,” Bajwa wrote. “This proposal uses treasury assets to fund a 1 million $APE bug bounty program with Immunefi, and partners with Llama 1 to help design, implement, and run operations of these initiatives.”
As the Gazette previously reported, the ApeCoin DAO approved 175 million $Ape tokens or 17.5% of the coin’s total supply being distributed via staking over the next three years, according to AIP-22.
With so much of the coin’s supply going towards staking, Bajwa believes that a bug bounty program is needed to ensure staking safety.
“We have all seen the headlines around massive protocol hacks,” Bajwa wrote. “Chainalysis released a report yesterday saying that over $3 billion has been stolen by hackers this year alone. A couple weeks ago, a vulnerability in the official Binance Smart Chain bridge allowed an attacker to run away with over $100M in stolen funds. Given this staking program uses a new architecture that includes committing NFTs, we believe it is prudent to run a bug bounty program ahead of any rewards being accrued to holders. Traditional audits can mitigate some of the smart contract risk, but audit contests and bounty programs provide additional layers of security to identify bugs and keep users safe.”
This added security is not without its drawbacks. In her proposal, Bajwa explains that If the ApeCoin DAO passes AIP-134, then $Ape staking rewards will be delayed by three weeks.
“This proposal will delay staking rewards by roughly 3 weeks,” Bajwa wrote. “If this proposal passes, staking rewards would begin accruing on 12/7, rather than 11/14. Though the 3-week delay is unfortunate it is vastly preferable to a security breach as a result of not following security best practices. We believe it is very beneficial for the DAO to approve this program.”