In just three weeks since BitsLab launched the public welfare "Web3 Escort Plan" , we have joined hands with the world's top white hat forces to build a solid non-chain security line for the Web3 ecosystem. The three-week journey has been a success with remarkable results. Now we are publishing a three-week summary to share the phased progress with the ecosystem co-builders.
Week 3 Results Quick Review: Security Power Behind the Numbers
Number of projects settled in: 17
Number of white hats: 30
Number of valid vulnerabilities submitted: 18
Critical vulnerabilities: 3
High risk vulnerabilities (High) ⚠️: 3
Medium vulnerability 🔍: 2
Low vulnerability (Low): 10
Total bounties: 11,150 U
Highest single bug bounty: 3,000 U
The settled projects include Web3 new ecology, exchanges, DeFi, wallets and other fields, working together to build a security line of defense and jointly protect the cornerstone of trust in the Web3 world. White hats come from global network security experts, and a large number of white hats come from top talents from many vulnerability crowd testing platforms such as HackerOne, Immunefi, Baidu SRC, Ali SRC and Tencent SRC. They are active on the TOP lists of these platforms and have submitted hundreds of high-risk and serious vulnerabilities to the world's top Internet companies such as Google, Alibaba, Tencent, Alipay, Baidu, etc., as well as the world's top exchanges such as Binance, OKX, Bitget, etc., and continue to protect the security of the digital world.
These numbers are not only a testimony to technological strength, but also a milestone in the consensus on Web3 ecological security.
Elite Leading: White Hat Honor List
To motivate technical elites, we have simultaneously updated the white hat score rankings. The rankings are based on the technical difficulty and repair value of the vulnerability (50 points for severe vulnerabilities, 25 points for high-risk vulnerabilities, 15 points for medium-risk vulnerabilities, and 10 points for low-risk vulnerabilities), highlighting the outstanding contributions of top white hats:
Leader style:
Upme4 topped the list with 75 points, submitted multiple high-risk vulnerability repair solutions, and the cumulative bonus in three weeks exceeded 4550U, showing top technical strength. The Royal Forest Security Team performed brilliantly, with members r3col and hack3r working together to harvest both points and bonuses. Congratulations to chen for getting 10 points and winning 300U bonus, winning the third place in the current ranking, and c0urag1 for getting 10 points and 200U bonus. Congratulations and encouragement to other white hats who have won points and bonuses, and are discovering vulnerabilities.
These white hats are not only technological pioneers, but also the "invisible guardians" of the Web3 ecosystem, using their practical experience to build a security backing for the project parties.
Looking to the future: The road to safety never ends
The three-week success is just the starting point. BitsLab will continue to work hard: the goal is to attract more Web3 projects to join within the year, and recruit more top white hats from around the world to build a Web3 global security network. At the same time, we will also offer Web3-related online courses for white hats, so that more traditional network security white hats can enhance their understanding of Web3, so as to better protect the projects involved in penetration testing.
Why choose the "Web3 Escort Plan"?
Public welfare intention: Commitment to non-destructive penetration testing, focusing on vulnerability repair rather than destruction, vulnerability bounties are given directly to white hats by the project, and BitsLab does not charge any fees
Full-chain protection: covers every weak link of off-chain infrastructure.
Top combat power: It brings together top white hats from platforms including HackerOne, Immunefi, Baidu SRC, Alibaba SRC, Tencent SRC, and members of multiple CTF championship teams, injecting strong technical strength into the plan.
Ecological win-win: The vulnerability disclosure mechanism balances transparency and security and promotes the sharing of industry risk warnings.
Join us now to build a safe future
🔗 Project application channel:
https://docs.google.com/forms/d/e/1FAIpQLSehCT6BiZ97lRSVnTNjB263eTCGy-T5fV40JfvgTjHuPtj-LQ/viewform
👋 White hat recruitment continues:
https://docs.google.com/forms/d/e/1FAIpQLSf5hy1kuSknT6L4dcFqx3aAyKYOabm13HTzzTPbFq-nGoFnLQ/viewform
Security is the cornerstone of ecological prosperity. BitsLab sincerely invites more Web3 projects and white hats to join us, using technology as a shield to build a security wall for the decentralized world!
Note: The final right of interpretation of this article belongs to BitsLab.
About FORKS
FORKS is a decentralized white hat community focused on Web3 security, dedicated to gathering the world's top vulnerability researchers to protect the blockchain ecosystem with technology. With strategic support from BitsLab, it focuses on cutting-edge fields such as smart contracts and virtual machines, and promotes the transformation of traditional security talents to Web3.
About BitsLab
BitsLab is a security organization dedicated to protecting and building the emerging Web3 ecosystem. Its vision is to become a Web3 security organization respected by the industry and users. It has three sub-brands: MoveBit, ScaleBit and TonBit.
BitsLab focuses on infrastructure development and security auditing of emerging ecosystems, including but not limited to Sui, Aptos, TON, Linea, BNB Chain, Soneium, Starknet, Movement, Monad, Internet Computer and Solana. At the same time, BitsLab has demonstrated deep expertise in auditing multiple programming languages, including Circom, Halo2, Move, Cairo, Tact, FunC, Vyper and Solidity.
The BitsLab team brings together many top vulnerability research experts who have won international CTF awards many times and discovered critical vulnerabilities in well-known projects such as TON, Aptos, Sui, Nervos, OKX and Cosmos.
