Sui: Vulnerability Bounty Program temporarily focuses on Sui's core infrastructure, excluding protocols, applications, etc

Sui stated in an article on X platform that the current vulnerability bounty program rewards researchers and reporters who report vulnerabilities that affect Sui itself, with a maximum bounty amount of up to $1 million, determined by the effectiveness and potential impact of the reported vulnerabilities. For now, its vulnerability bounty program does not cover issues discovered by applications running on Sui. Although the current vulnerability bounty program primarily focuses on Sui's core infrastructure and does not cover protocols, applications, or smart contracts built on it, we will expand the program over the next six months to provide additional bounties for any protocol with a total locked in value (TVL) exceeding $50 million. This will motivate bounty hunters to identify errors in large protocol codes built on Sui like Cetus, in order to prevent such errors from happening in the future. Regarding the vote initiated by Cetus on whether to fully compensate for the 223 million stolen assets, Sui stated that the Sui Foundation's pledge will not be included in the vote.