White hacker known as Riptide discovered a bug in the Arbitrum protocol code. This error could have resulted in loss of millions of dollars

“White hacker” under nickname Riptide received 400 ETH (about $531 K) from Arbitrum protocol for finding vulnerability in the code, about which he wrote in his blog. Because of the critical bug he found, scammers could make millions of dollars. They could divert funds between Ethereum and the new version of the Arbitrum Nitro protocol, which launched a few weeks ago.

“White hacker” Riptide is in business of identifying bugs in codes whose developers offer rewards for doing so on the ImmuneFi platform. According to Riptide, there is a 100% certainty that developers will make a mistake when writing contracts. Or deploying or updating smart contracts.

Riptide knew that Arbitrum Nitro, Ethereum network scalability solution, was running an update and scrutinized the code. And as a result, he discovered a place in the program where the scammer could set up his own address to accept all incoming deposits in ETH.

Riptide reported vulnerability to Arbitrum developers and was rewarded with 400 ETH. However he wasn’t satisfied with his reward. Because the maximum reward for finding the bug, given by the protocol team, was $2 million. He commented on his reward negatively. Riptide stated that it is a bad idea to pay little for such mistakes. This way companies make “white hackers” think about joining ranks of “black hackers”.