On January 3, 2025, a blockchain security researcher, known as @lj1nu on X, discovered a security flaw in one of Virtuals Protocol’s audited smart contracts.
@lj1nu reported the issue, and Virtuals Protocol quickly patched the bug. However, the user learned that the company had no active bug bounty program, which left the discovery without a reward.
Moreover, the artificial intelligence (AI) focused blockchain company closed its dedicated Discord channel for reporting such vulnerabilities.
Did you know?
Subscribe - We publish new crypto explainer videos every week!
What is Shiba Inu Coin? (Explained with Animations)
Later on, @lj1nu shared the details on X, warning about the potential impact of the vulnerability on Virtuals Protocol’s ecosystem.
The user expressed concerns about the company’s approach to security, stating, "The vulnerability is simple and can impact the Virtuals ecosystem (but Virtuals probably doesn’t care about security)".
Virtuals Protocol reached out to @lj1nu, assuring the user that the company would review the severity of the vulnerability and promised a bug bounty reward. However, no specific amount has been announced yet.
In a post on X, Virtuals Protocol thanked @lj1nu for reporting the issue. They stated, "Thank you @lj1nu for bringing this to our attention - a patch has been pushed". The company also added that they are working on a bug bounty program and will announce the details soon.
Meanwhile, a large-scale crypto investor recently secured a substantial profit from investing in the Virtuals Protocol (VIRTUAL) token. How much did they earn? Read the full story.
