Recently read the Paradigm blog on some vulnerability in MISO. It might have led to a $350 million exploit, but @samczsun (Two Rights Might Make A Wrong - Paradigm) found it early and reported it to the team. I don’t know whether he is a contributor in Sushi’s projects or not. He must be paid for this. You all will agree that security audits have just become one tick mark in DeFi. It’s time to pay the white hats enough so as to align incentives in community direction.
How much will he be paid? Please don’t say that he should be paid just $10000 for this.
Recently the Poly Network team announced a bounty of just $500K (for $600M) for that hacker.
If he is not a regular contributor and just did it out of his curiosity, I think he should be paid at least $1.5-3M with 2 months lock up and then linear vesting.
I think we should stick to this: SushiSwap Bug Bounties | Immunefi

I read the same article you shared by @samczsun and because of the open communication and quick reactions between the teams, I’m already assuming they have a relationship set up for payment for this type of work.

Omakase clarified in the recent Sushi Forum that he would be paid at least $1M.