We are announcing bounties for MTP audit and MTP implementation.
[...]
I submitted a first—critically exploitable—bug last night. SHA256 of the description of the bug at https://twitter.com/zorinaq/status/888644581926944768 Thank you for organizing this!
Submission is accepted! Thanks for this! Keep them coming! The bounty is divided between each bug found so the more you find the bigger the share of the bounty you get!
The bug happened when increasing the number of blocks required without adjusting this parameter. Good spot!
Thanks. Oh and I submitted a 2nd attack, this time a flaw in the MTP algorithm itself. https://twitter.com/zorinaq/status/889990807519870979