We do the research, you get the alpha!
Immunefi, a popular bug bounty system for smart contracts and decentralized finance (DeFi) projects, announced it has raised a $24 million Series A funding round led by Framework Ventures.
Other participants in the round include Electric Capital, Polygon Ventures, Samsung Next, P2P Capital, North Island Ventures, Third Prime Ventures, Lattice Capital, and Stratos DeFi, Immuefi said in a press release shared with Decrypt.
Immunefi is a platform offering bounty programs for ethical hackers—also known as whitehats—where security researchers can review code, disclose vulnerabilities, and get rewarded for their efforts.
According to the firm, it currently protects over $100 billion in user funds locked across multiple DeFi protocols and smart contracts, with as many as 301 projects hosting their bug bounty programs on Immunefi. These include some well-known names such as Chainlink, MakerDAO, Compound, Synthetix, SushiSwap, PancakeSwap, Bancor, Cream Finance, and OlympusDAO.
Immunefi has also facilitated the largest bug bounty payments in the history of software, including $10 million for a vulnerability discovered in Wormhole, a cross-chain communication protocol that fell victim to a $320 million hack in February this year, and $6 million for a vulnerability discovered in Aurora, a bridge and a scaling solution for Ethereum. The firm said that to date has paid out $60 million in total bounties.
"As the space continues to grow, it’s clear that security is at the center of the industry’s success and the key to sustaining further adoption of the technology," Mitchell Amador, founder and CEO of Immunefi, told Decrypt. "It’s tough to see how Web3 scales to the next hundred million people without a big increase in security and trust."
According to Amador, the $24 million funding is part of a "consolidation effort" that will enable it to build out infrastructure to meet growing demand for its services.
“Our participation in Immunefi’s Series A represents the single largest check our firm has ever publicly written”, Roy Learner, Principal at Framework Ventures, said in a statement. “As it stands, Immunefi is by far and away the most widely adopted solution in the crypto security and bug bounties space.”
What’s next for Immunefi?
"We've seen tremendous growth since our initial launch in December 2020, particularly in the last year and so far this year," Amador told Decrypt. "We’ve seen a big wave of projects onboarding on our platform to set up their bug bounty programs, and also a big wave of whitehat hackers submitting bug reports."
Immunefi, which raised $5.5M in October last year, plans to use the fresh funding to expand its current team of around 50 people, which could mean doubling the current headcount, according to the CEO. It will also aim to increase accountability and transparency in the report-to-payout process, as well as funding the development of the next version of its security platform.
In addition, the firm is working to build out an educational platform to educate future whitehats, introduce new tooling, and increase the size of bounties on offer—a move which, according to Amador, could see bounties larger than the current $10 million record.