PANews reported on January 3rd that according to Cointelegraph, the smart contract of blockchain company Virtuals Protocol was accidentally discovered to have a vulnerability by security researcher Jinu (pseudonym) during a review. Virtuals Protocol quickly released a fix and restarted its vulnerability bounty program. On December 3rd, Jinu accidentally discovered the problem while reviewing the contract and immediately reported it to Virtuals Protocol. He then learned that the company did not have an active vulnerability bounty program, which meant that his discovery did not meet the reward conditions. According to Jinu, the Virtuals Protocol team also closed the Discord group dedicated to reporting the vulnerability.
In a post on the X platform, Jinu said: "This vulnerability may have an impact on the Virtuals ecosystem. If exploited, this vulnerability will prevent the generation of AgentTokens until the contract is fixed." After the information was made public on the X platform, Virtuals Protocol contacted Jinu and immediately released a fix. Despite the timely release of the fix, Virtuals Protocol has not yet announced a bug bounty reward for Jinu. In a message to the researcher, the company thanked Jinu for reporting the issue and apologized for the previous miscommunication.