Track: Treasury Big Spender
Proposer: VinceCorsica (14Pn8sUxdEMgFRDgZ5J2VfcUVMLaMQhst9XuvCj9mKJYUAN2)
New Curator PureProxy: Gdxia95Ti5REcK1MLjgg681cq3U9fKBvfRZdjKAZ9jwrrTR
Controlling MultiSig: Fk1ZmpYWsMMsKxf9Aj1GFAS4TeU34bud5KVP9ZUKLYvoC8r
Date: 28th August 2025
Short description: Updating Security Bridge Bounties Multisig membership
The purpose of this referendum is to update the curators of the bounty.
A new PureProxy has been created for that purpose, and the curators membership has been amended to reinforce the focus on the different bridges. It is important to note that due to the minimum traffic on the K <> P Bridge, no funds from the bounty have been spent so far. A new partnership with Hacken and the inclusion in the scope of the bounty of Snowbridge and Hyperbridge, as well as the change of curators to also reflect this change, will allow us to deliver on the increase of interest of reporters on Hacken platform.
For more details about the scope and how this bounty works please check at https://polkadot.com/bridges-bug-bounty/.
Status of what has been delivered so far:
- In 2024, there has been limited traffic to the bridge so the level of attraction within the researcher community has been limited.
- Since Q1-2025 and thanks to an initial partnership with the Hacken Bounty platform and help from Distractive, the bounty has received increased attention from researchers (Hacken Portal) with +15000 scope reviews.
- No bounties have been paid and no fees have been paid, all activities have been done pro bono by all stakeholders including curators and partners.
The next steps are:
- The new curator team aims to continue to improve things by:
- Reinforcing the security partnership between bridges by expanding the scope to Snowbridge and Hyperbridge especially in the context of the recent increase of traffic through the different bridges.
- Reviewing the total reward amount available to reporters with the different scope adding funds to a consolidated reward pool
- Reviewing the reward and fee structure for the different stakeholders
- Reinforcing the visibility to attract more researchers at the different events, on social media and Bounty Platform
- Partnering with other Bounties including Polkadot Assurance Legion.
- More details about the above will be shared to the community in September/October 2025 in the direction channels and on this post.
NOTE: A mirror referendum is happening in Polkadot as the Bounty is on both networks.
Curator changes:
- The security nested MSG was creating more operational complexity than specific added value so it is suppressed (it was requiring more coordination of people and in addition Multisig containing another Multisig is not supported in the same way by the different tools and as a consequence made on chain transactions more complicated to raise and sign).
- Jeroen and Kirill are not part of this new set of curators, and we would like to take the opportunity to thank them for the initial phase of this bounty.
- As a consequence the new curators are 5 and not 7, aligned with the different bridges part of the scope.
Curators of the new MSG:
- Valery - Cl0x (Hydration team)
- Vince - VinceCorsica (Parity’s Security)
- Adrian - Kata (Parity Bridge team)
- Vincent - SnowBridge team
- Seun - Hyperbridge team