A disagreement between leading Web3 security platform Immunefi and EVM-based derivatives protocol Spectra Finance has sparked public debate, following an Audit Competition that offered a $40,000 reward pool.
Author: Sahil Thakur
Written On: Tue, 24 Jun 2025 05:30:49 GMT
A disagreement between leading Web3 security platform Immunefi and EVM-based derivatives protocol Spectra Finance has sparked public debate, following an Audit Competition that offered a $40,000 reward pool. At the heart of the conflict is a dispute over reward distribution and the terms governing valid bug submissions.
In April 2025, Spectra Finance partnered with Immunefi to launch an Audit Competition aimed at securing its codebase ahead of production deployment. These competitions are a core part of Immunefi’s platform, offering whitehat security researchers incentives to identify vulnerabilities in smart contract systems.
Spectra’s competition listed a total reward pool of $40,000, including a baseline of $6,000 to be distributed even if no bugs were reported. The remaining funds were earmarked for verified security vulnerabilities based on severity.
According to a public statement issued by Spectra Finance on June 23, 2025, the company claims it intended to reward researchers for all valid bug submissions. Spectra’s CEO alleged that Immunefi’s reward distribution criteria were either unclear or changed after the competition ended. The protocol expressed willingness to pay researchers directly but cited confusion over the final terms.
Immunefi, however, strongly refuted those claims in a parallel statement issued the same day. The platform asserted that Spectra had explicitly agreed to the program’s terms prior to the launch, including the standard reward distribution structure based on Immunefi’s severity classification system. Immunefi also stated that any perceived ambiguity was due to Spectra’s own misunderstanding, not changes on their end.
The central point of contention is whether the full $40,000 reward was guaranteed for valid submissions or if Immunefi retained discretion in distributing the funds based on severity levels.
Some community members argued that the presence of valid bug reports should have triggered the full reward distribution. Others sided with Immunefi, suggesting that the classification and reward decisions were consistent with industry standards for audit competitions.
The crypto security community on X (formerly Twitter) responded swiftly. Reactions were mixed but pointed.
The Immunefi-Trust Security conflict remains fresh in the minds of many observers. That case centered around an “out-of-scope” bug submission that was denied payment. Immunefi suspended Trust for 90 days following the fallout, but the incident left lingering concerns about how Immunefi enforces or interprets bounty agreements.
These historical tensions have amplified scrutiny in the current Spectra case, particularly over Immunefi’s transparency and potential dominance in dispute resolution processes.
Notably, Immunefi introduced a formal arbitration system in January 2025 to handle bounty disputes between researchers and protocols. However, there is no indication that the Spectra case has been submitted to arbitration.
As of June 24, 2025, the issue remains unresolved. Spectra has stated that it will release further clarifications, but no mutual agreement or resolution has been announced publicly.
Real voices. Real reactions.
Add your reaction to this story:
Our Crypto Talk is committed to unbiased, transparent, and true reporting to the best of our knowledge. This news article aims to provide accurate information in a timely manner. However, we advise the readers to verify facts independently and consult a professional before making any decisions based on the content since our sources could be wrong too. Check our Terms and conditions for more info.
TON Launches UAE Golden Visa Through Crypto Staking
Lightchain AI Secures $21.1M in Presale, Enters Final Bonus Round
Elon Musk Launches “America Party” — Meme Coin $AP Spikes 300%, Then Crashes to Zero
Credefi Finance Enters US to Drive ‘Made in USA’ RWA Tokenization
TON Launches UAE Golden Visa Through Crypto Staking
Lightchain AI Secures $21.1M in Presale, Enters Final Bonus Round
Elon Musk Launches “America Party” — Meme Coin $AP Spikes 300%, Then Crashes to Zero
Credefi Finance Enters US to Drive ‘Made in USA’ RWA Tokenization