Leading Crowdsourced Security Platform Immunefi Teams Up with Asymmetric Research & Bitcoin L2 Labs to Bolster sBTC Security

Immunefi , the leading on-chain crowdsourced security platform protecting over $190 billion in assets, is bringing its security expertise and elite community of researchers to sBTC with an upcoming "Attackathon" event. sBTC is a 1:1 Bitcoin-backed asset that enables seamless movement of BTC between the L1 and Stacks , the leading Bitcoin L2. This initiative aims to enhance the security of sBTC and contribute to a more robust Bitcoin ecosystem.

Co-hosted by Asymmetric Research and Bitcoin L2 Labs , the Attackathon will offer an opportunity for the white hat hackers who secure most of the top protocols and ecosystems a dedicated period in which they can earn extra rewards for reports and receive helpful support and resources directly from core developers. Additionally supported by the Stacks Foundation , the collaboration will see two ‘Attackahons’ over the coming months as sBTC rolls out in stages. These efforts build upon months of testing led by Stacks Foundation Residents and the Asymmetric Research team and are in part made possible by Bitcoin L2’s ‘Orange Hats’ program which funds various security-related initiatives that support the leading Bitcoin L2.

Notably, the partnership will continue beyond the upcoming Attackathons, with aspects of the sBTC protocol planned for addition to the existing Stacks bounty program on Immunefi. Asymmetric Research Bitcoin L2 Labs will then join the Stacks Foundation as key contributors in the administration of the overall Stacks layer bounty program.

“We’re excited to bring our expertise to the security of Bitcoin’s evolving infrastructure,” said Sajjad Rehman, VP of Revenue at Immunefi. “sBTC is set to unlock immense opportunities for financial innovation and inclusion. The Attackathon is specifically designed to strengthen sBTC and ensure that Bitcoin’s growth is matched with robust protections for users everywhere. The most elite security researchers will lay the groundwork for the next era of the Bitcoin ecosystem.” 

Securing Programmable Bitcoin

While Bitcoin is the most widely adopted and liquid cryptocurrency, its utility remains limited. The Bitcoin ecosystem faces a critical challenge: how to expand Bitcoin's capabilities while maintaining its renowned security. This is crucial because enhancing Bitcoin's functionality could potentially activate over $1.2 trillion worth of BTC, based on CoinMetrics' Free Float Supply metric. Such activation would make the Bitcoin ecosystem ten times larger than the current DeFi market in terms of Total Value Locked (TVL).The key to unlocking this potential lies in developing programmable Bitcoin solutions that meet the high security standards Bitcoin users expect. By focusing on secure Bitcoin (sBTC), initiatives like Immunefi's Attackathon are taking proactive steps to identify and address vulnerabilities, thereby strengthening the entire Bitcoin ecosystem.

The Attackathon

The Attackathon is a time-bound code review program hosted by Immunefi, ensuring top-tier engagement from elite security researchers, and featuring a focused educational component. The six-week program will focus on hardening code security for Stacks following the Nakamoto upgrade.

The first Attackathon will target sBTC with deposits only, offering a $250k bug bounty prize pool and a 1 million STX ($2 million USD) yield pool, which will be divided among successful submitters for three months following the contest. The second Attackathon will focus on sBTC with withdrawals, with the same prize structure in place. Following the conclusion of the second Attackathon, the sBTC Bug Bounty Program will be launched as part of the existing Stacks bounty program on Immunefi, representing an ongoing commitment to security ensuring the sBTC ecosystem continues to evolve with robust protections in place.

The Attackathon will include a comprehensive educational component, providing dedicated resources on the Stacks technology and ecosystem, security explainers, and guides from Immunefi and core developers. These resources aim to enhance accessibility for the broader security researcher community and deepen their engagement within the Stacks ecosystem. 

Immunefi operates the largest web3 security community with over 45,000 researchers and protects over $190 billion in user funds. Immunefi has paid out the most significant bug bounties in the software industry, amounting to over $110 million while saving over $25 billion in user funds. Currently, Immunefi offers over $180 million in bounty rewards. The platform connects skilled security researchers with projects, facilitating the responsible disclosure of vulnerabilities. This approach mitigates risks and fosters a more secure and resilient code base that allows projects to scale safely.

As the Bitcoin L2 landscape continues to evolve, the importance of robust security measures is a shared priority among builders and developers.

The "₿est and the ₿rightest" Campaign

Immunefi's support for sBTC comes as part of the "Best and the Brightest" campaign. This initiative features leaders from around the world of Bitcoin who are helping to activate the Bitcoin economy through their support of sBTC. Every company or organization participating in this campaign is the top player in their category relative to Bitcoin and will be revealed throughout November and December. The campaign includes commitments from top investors, institutions, security providers such as Immunefi and AR, retail players, and more. The campaign hub can be found at the ₿est and the ₿rightest landing page .

Securing the Future of Bitcoin

By focusing on sBTC, Immunefi is playing a crucial role in strengthening the broader Bitcoin ecosystem, with the Attackathon serving as a proactive approach to identifying and addressing potential vulnerabilities before they can be exploited.

This post is commissioned by Stacks and does not serve as a testimonial or endorsement by The Block. This post is for informational purposes only and should not be relied upon as a basis for investment, tax, legal or other advice. You should conduct your own research and consult independent counsel and advisors on the matters discussed within this post. Past performance of any asset is not indicative of future results.