Solana fixed the bug long ago ...
The tech side went perfect:
- It was easy to get in touch
- 1 day to acknowledge the bug
- 3 days to fix in prod
Not so great:
- 5 weeks to get a payout number
- 12 months lockup
- no props
Overall: 7.5/10. I did disclose with them again.
If you want to try and discover the bug yourself, check out the following and focus on the zk-ops: https://t.co/asO7v7TNz2
If you want to check my report:
https://t.co/kHZkJvibbW
During Devconnect Buenos Aires, the Ethereum Foundation and @TheSecureum TrustX brought together Ethereum security practitioners for Trillion Dollar Security Day.
Here are the top takeaways from the event.
https://t.co/Q1vUKulW7E
@lonelysloth_sec @bytes032 Re the undercutting/not paying:
Still think preventing this is the main feature hunters should care about when selecting a bbp platform. Whoever solves this wins.
@lonelysloth_sec @bytes032 Agree: Alignment does not come for free!
My claim is that bughunters are aligned with projects when they report. By starting a bbp a project gains an advantage.
Keeping the advantage is another matter … but it’s hard to value what you don’t get. Hence me blabbing about it.
@bytes032 @r0bre Imho the relationship between reputational damage and auditor income is not very direct.
There is also a difference between being positively aligned by default vs being negatively aligned by choice:
Why not team up with everybody vs picking just a few to maybe suffer with?
@bytes032 We only get paid if and when we find a live actionable bug. Sometimes not even then.
The input to payment relationship between projects and other security providers is a bit more lossy imho.
why are all the cracked devs writing assembly? 2025 is the year 100% independent community-led open source tooling will make it a first class citizen amongst many other extremely well-resourced languages that will never be able to match its performance. never fade @solana_devs 🫡
@WhiteHatMage Not wise. You and others helped me!
Thanks for opening my eyes to my unusual bug hunting history.
Before chatting with you I just assumed everybody would deliver like @raydiumprotocol. Turns out they are what every bughunter should hope for. Absolute professionals.
5 weeks and 4 days to get a payout number.
Meanwhile I had to do the trustfall and submit another PoC to the same project.
NGL to you. The wait wasn't easy.
But hey: All is well that ends well.
Thx to everyone that kept me from going insane due to heisenbergian payout angst!
@LanceAddison17 @PatrickAlphaC Why am I rambling on this while the ecosystem at large has provided plenty for me?
1) Stayed too long in the sun
2) I worry that “assuming the people smart enough to find the bugs are also wise enough to choose cooperation” is not a sufficient survival strategy.
I’m out. GL+HF
@LanceAddison17 @PatrickAlphaC … the perfect last response that will finally convince them to kill the bug.
I have no idea why I am doing this other than that my brain is irked by knowing that vuln is still live.
Pretty sure I won’t get paid even if they fix due to [redacted, maybe ok reasons].