The crypto community is grappling with issues surrounding bug bounty programs, a crucial mechanism for discovering and addressing system vulnerabilities.

Usmann Khan, a web3 security auditor, posted on Aug. 17, “Remember that projects can simply not pay, whitehat,” with a screenshot of a message from Immunefi indicating a project had been removed from its bug bounty problem for failure to pay a minimum of $500,000 in bounties.

In response, security researcher Marc Weiss shared the ‘Bug Bounty Wall of Shame’ (BBWoS), a list documenting unpaid rewards allegedly owed to white hat hackers in web3. The data from BBWoS appears to signal a significant lack of accountability and trust within the crypto ecosystem that cannot be ignored.

The BBWoS indicates that a bug bounty for the Arbitrum …