Odaily Planet Daily News Chain Detective ZachXBT posted on the X platform that if $5 million is only offered if Cetus successfully finds the hacker, no capable company will accept this fee structure.
He said that this requires a lot of time investment. Basically, the victim does not need to bear any upfront risk, while the person trying to help has to bear their time and energy. This is not fair. These vague "bounties" are harmful to the industry. They look like what the team is doing, but they don't actually motivate anyone.
A fair compensation structure should reward both the time spent on hourly billing and the successful results through a percentage of commission after success (this is the way all top companies charge).
In addition, there are many factors that show that these rewards are not fair:
What if the attacker lives in an area with a poor legal environment, making it difficult to arrest?
What if law enforcement cannot recover all the funds when they are arrested?