Blockchain

Virtuals Protocol Fixes Bug, Pledges Bounty For Researcher’s Discovery

An unexpected bug found in an audited smart contract led Virtuals Protocol, a blockchain firm focused on artificial intelligence agents, to issue a timely fix and relaunch its bug bounty program. On Dec. 3, 2024, pseudonymous security researcher Jinu contacted Virtuals Protocol after discovering a bug in one of its audited contracts. Still, upon reporting the issue, Jinu learned that the company did not have an active bug bounty program, meaning the discovery did not qualify for a reward.

According to Jinu, the Virtuals Protocol team also closed the Discord group created solely to report the vulnerability. In an X thread, Jinu said: “The vulnerability is simple and can impact the virtuals ecosystem (but virtuals probably doesn’t care about security”. Jinu explained to Cointelegraph that the vulnerability was related to a lack of validation when creating AgentTokens based on the internal bond threshold. “If exploited, this vulnerability would have prevented AgentTokens from being generated until the contract was fixed,” Jinu said.

After the information was made public on X, Virtuals Protocol contacted Jinu and issued an immediate fix. Despite the timely fix, Virtuals Protocol is yet to announce a bug bounty reward for Jinu. In a message to the researcher, the company thanked Jinu for reporting the issue and apologized for earlier miscommunication.

“Hey jinu we have verified the vulnerability and applied a patch below. Thank you for bringing this up to us and we apologise for the miscommunication between support and yourself. Let us internally review the severity of the issue and we will issue you a bug bounty shortly,” the company representatives told the security researcher.

When asked about the bounty expectations, Jinu said they are unaware of the general rewards for bug discoveries. Jinu told Cointelegraph that they got interested in Virtuals Protocols after a friend invested in a token created on Virtuals. “I spent about 30 minutes looking at the code to see if it was well done,” Jinu said before they came across the bug.

Terron Gold

Next ABC DAO’s AI Agent Demo Launches Memecoin $LPW, Hits $90K in 24 Hours »

Previous « $COOKIE Token Jumps 420% This Week as $14 Million Staked Fuels Surge

Published by

Terron Gold

Tags: AIAI Agentsbug bountysmart contract audittoken launchVirtuals Protocol

1 year ago

Candy Digital Announces Migration to Solana as NFT Platform Repositions for Long Term Growth

NFT platform Candy Digital has announced plans to migrate its digital collectibles ecosystem to the Solana blockchain, signaling…

6 hours ago

U.S. Regulation

US Military Runs Bitcoin Node for National Security Testing, Admiral Tells Congress

The U.S. military has confirmed it is actively running a Bitcoin node as part of national security research, while…

6 hours ago

Web3 Gaming

Over 90% of Web3 Games Failed After $15 Billion Boom as Players Never Showed Up

The Web3 gaming sector is facing a harsh reality check as new data reveals that more…

7 hours ago

Market Watch

Justin Sun Sues Trump Linked World Liberty Financial Over Frozen Crypto Assets

Justin Sun, founder of TRON, has filed a federal lawsuit against World Liberty Financial, a crypto venture…

9 hours ago

Market Watch

Tether Freezes $344 Million in USDT on Tron After Wallets Flagged by U.S. Authorities

Tether has frozen approximately $344 million in USDT on the Tron blockchain after the wallets were flagged by U.S. authorities, marking…

10 hours ago

U.S. Regulation

Kalshi Fines and Suspends Three Congressional Candidates for Betting on Their Own Elections

Prediction market platform Kalshi has fined and suspended three U.S. congressional candidates after determining they engaged in “political…

11 hours ago