Immunefi Bug Bounty Rewards for Whitehat

Immunefi Bug Bounty Rewards for Whitehat

At Alpha Finance Lab, we put the security of our users as our number one priority. Our users can entrust their funds to our protocol that offers the highest yield, and more importantly, safeguard their assets. Such as Homora V2, our top tier product, that not only offers the highest ROI on leverage yield farming, but also verifies all pools are safe and secure for our users’ usage. Nonetheless, as we are moving forward to keep ahead of blockchain development, we need to keep updating our protocol’s technology and improving the level of its security. This is why we are working closely with quality whitehats in our ecosystem to scale security and the building process further. We decided to work alongside Immunefi as they are the premier bug bounty platform for smart contracts and DeFi projects. This partnership will allow the whitehat community to use Immunefi as their working space to hunt for bugs in partnered protocols, like ALPHA’s.

Recently, a whitehat in the Immunefi community has reported a bug on Homora V2 frontend, which we resolved quickly. Although it does not impact the funds directly, it would give bad actors an opportunity to scam our users; hence, we quickly resolved the bug and wanted to take this opportunity to thank Immunefi for their great service.

Bug Details:

  • Issue: DOM-based XSS on a certain page under specific actions on Homora V2 site
  • Potential issue: A malicious user can inject arbitrary javascript for execution on the end user if the malicious link was entered either directly or via phishing, etc. However, this did not happen since the bug has been resolved.
  • Status: Resolved.

This bug has been resolved and did not propose any harm to our users’ fund. Even though the bug was not on the contract, but on the frontend level, we took this seriously and pursued all necessary measures to prevent users from bad actors. We have successfully eliminated this issue from our system, and as always, continue to keep our users’ security as our top priority.

Community of Builders

Alpha Finance Lab will pay 3500 ALPHA ($1000 at the time of writing) to the whitehat and 350 ALPHA to Immunefi for their valuable contribution. Situations like this make us feel the true sense of decentralization, where people from different backgrounds of expertise will help one another build and expand the boundary of blockchain technology. Without the collaboration between different parties, successful inventions on Web3 may not exist. So we want to encourage everyone to work together, creating a better ecosystem and setting a good standard of Web3 Dapps for the future!


About Alpha Finance Lab

Alpha Finance Lab is a blockchain Lab, and on a mission to build Alpha Universe. Alpha Universe includes the Alpha DeFi ecosystem (Alpha Homora, AlphaX), Alpha Metaverse (Alpha Buy Wall, Provably Rare Gems), and Alpha Launchpad (incubator program).

Join our Telegram/Discord for the latest updates, follow us on Twitter, or read more about us on our Blog and Document!