(no title)
usmannk | 1 year ago
I caution readers to not make rash judgements on their skill like this though. These bugs are really hard to find, and it was a minor miracle that I noticed these ones at all. I actually had a whole list of critical bugs in this codebase ready to report before the V2 upgrade was merged to master (which would put it in scope for a bounty). However the auditors managed to find every single bug on my list. I only noticed the ones that eventually made it here later, by a stroke of luck, and after I had already spent a ton of time looking at this codebase without noticing them.
yieldcrv|1 year ago
did you try other things like try to get employed by the team, or consider submitting an altruistic pull request? or was the bug bounty the adequate incentive from the getgo