Image for post
Image for post

Many post-mortems in DeFi are sad because they’re written up in reaction to users losing millions from an exploited project. This, however, is a happy one. On January 30, Alexander Schlindwein, CTO of Ideamarkets, submitted a critical bug to Immunefi for ArmorFi’s smart contract code. Armor, which had joined the Immunefi platform about a week prior, had just upgraded the size of its bug bounty to 1,000,000 mostly vested $ARMOR tokens, and the upgrade was too tempting to ignore.

In other words, the bounty went from about $23,000 USD to $700,000 USD, and within about a day, a critical vuln…

Image for post
Image for post

Hacker Earns Largest Ever Crypto Bug Bounty via Immunefi

ArmorFi pays $1.5m to whitehat hacker Alexander Schlindwein. ArmorFi CTO offers to get a tattoo of Schlindwein’s choice.

Singapore, February 3, 2020 — Immunefi, the premier bug bounty platform focused on smart contracts and blockchain, announced Wednesday that whitehat hacker Alexander Schlindwein (@bobface16) successfully submitted a critical bug via Immunefi that would have drained the entirety of underwriting funds from decentralized finance (DeFi) insurance project ArmorFi. Schlindwein delivered the submission a mere 24 hours after ArmorFi offered 1m in mostly vested Armor tokens (current market value $1.5m USD) to anyone who…


Immunefi is the premier bug bounty platform for smart contracts, where hackers review code, disclose vulnerabilities, get paid, and make crypto safer.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store