BUG BOUNTY: This AIP Aims To Set Up And fund A 1M $Ape Community Wide Bug Bounty Program
There is an Ape Improvement Proposal on the ballot this week that aims to create and fund an ApeCoin DAO wide bug bounty program.
AIP-155 titled “Should we fund an ongoing bug bounty program for all AIP’s that introduce security risk?” is an ecosystem allocation fund proposal written by Bored Ape Yacht Club member and Snag Solution’s Founder Zheerwagen.
In total, Zheerwagen proposed that the ApeCoin DAO allocate 1 Million $Ape or $4,500,000 USD to funding an ongoing community wide bug bounty program.
“The bug bounty program would allow us to incentivize a community of white hat hackers to find potentially costly bugs with the future AIPs, Zheerwagen wrote. “An ongoing program will allow us to address new vulnerabilities as they are discovered, ensuring APE holders are safe.
The bug bounty program will be funded as long as funds remain, and funds are only paid out when vulnerabilities that meaningfully reduce community risk are discovered and addressed.”
Of this 1 Million $Ape, Zheerwagen proposed that the DAO pay Solidity.io, a full-stack Web3.0 solutions firm and product incubator focused on providing blockchain development services, smart contract solutions, and audits, 20,000 $Ape upfront to set up this Bug Bounty Program with Immunefi. As the Bored Ape Gazette previously reported, the DAO is currently working with Immunefi to run the DAO’s ongoing staking bug bounty program.
“To run an effective bug bounty program, the DAO needs an experienced team to represent their interests and coordinate between all the different stakeholders,” Zheerwagen wrote. “Solidity.io will collaborate with the Immunefi team to design the parameters and payouts for the bug bounty program and coordinate between all the different stakeholders through implementation at which point AIP authors will be responsible for managing communication with hackers as requests come in.”
Further, Zheerwagen proposed that the DAO pay Solidity.io 20,000 $Ape annually each year that the DAO wide bug bounty program is active. Zheerwagen also proposed that the DAO pay Immunefi 10% of any vulnerabilities discovered, according to AIP-155. “if a white hat hacker is paid $100,000 for a bug they discovered, Immunefi will receive $10,000), Zheerwagen wrote.
The window to vote on AIP-155 opens tonight at 9 P.M. EST. $Ape holders will have until next Wednesday, January 18th, to cast their $Ape!