Comment by csomar

You are a sucker if you are using a platform like HackerOne. I reported a bug (Crypto Exchange, Bitmex) 5 years ago. It was not a critical bug, but still. The team kept the bug report open for 5 years; I assume so that it doesn't affect their payout score. They recognized the bug. After 5 years they closed it. Zero communication.

If you value your time and your health, don't use these platforms. If platforms want security, they can hire people by the hour/day and pay them the relevant wages.