I will pay for discovering bugs that could potentially harm users.

I've only paid one to date, but that was the only thing reported of this type. Why?

I saw a few things that peaked my interest in the codebase and I wondered if it was worth pursuing further. Are you able to disclose the value and severity of the previous payout?

It was a wallet bug that could’ve resulted in loss of funds. I paid them what they thought was fair which was 2.5m sats I think.