This proposal, if approved, will place the following on-chain remark:
The community of the HydraDX Protocol authorizes the HydraDX Council to conduct the following transfers using a part of the HydraDX Protocol Owned Liquidity which was accumulated during the HDX LBP event:
-- transfer 450,000 DAI to 0xA4a6B5f005cBd2eD38f49ac496d86d3528C7a1aa as a reward for the whitehat who helped the HydraDX Protocol identify a critical vulnerability in the Omnipool;
-- transfer 45,000 DAI to 0x2BC5fFc5De1a83a9e4cDDfA138bAEd516D70414b as a commission for the bug bounty platform Immunefi.
These transactions are related to the Omnipool vulnerability which was disclosed to us, as described in the first Security Update. The report was submitted under our Immunefi bug bounty program which had previously been approved by HDX token holders and included in our agreed spending framework.
Under the above-mentioned framework, the whitehat hacker would be entitled to a bug bounty of $590,000 (10% of the Omnipool TVL), to be paid out in HDX. However, at the current valuation, this would amount to ~47% of the HDX treasury holdings. Against this background, the Galactic Council team negotiated with the whitehat a discounted payment in DAI (450,000 DAI).
The HydraDX Protocol would like to thank the whitehat for finding and disclosing this vulnerability in a timely manner which allowed the Protocol to continue its operations without any major disruptions.
