GMX, a decentralized futures exchange, awarded the Collider team $1 million for finding a bug in its debt tracking system.
Last year, GMX had a bug that caused GMX V1 liquidity providers to receive incorrect fair value quotes for tokens, causing the price of GLP, the exchange’s liquidity provider token, to deviate from its fair value.
“Our top priority is risk management. For every position, we implement an extensive due diligence process, which encompasses thorough reviews, relying not only on external sources but also on our own audits.”Shlomo Kraus, head of Collider Research
A GMX representative told crypto.news that “funds were secure” and that the “bug was not effectively exploitable”. However, in accordance with Immunefi, they had to award the bounty to Collider.
Earlier, an unidentified GMX trader exploited the Avalanche (AVAX) token’s minimum spread and zero price impact features, manipulating prices and subsequently negatively impacting GLP holders who had supplied AVAX liquidity.
Joshua Lim, the head of derivatives at Genesis Trading, believes the trader made a profit ranging from $500,000 to $700,000. He stated that this wasn’t an exploit but rather the trader simply used the protocol as it was designed to operate.