I think there's a trust problem with that. How do you arrange the transaction? If I offer to sell you a zero-day for X BTC or something, how do you know that my zero-day is real and exploitable, and that I will actually give it to you and nobody else? How do I know you will actually send me the BTC? How do I demo it in a way that at least proves that it works without giving away enough info to recreate it?
I guess Zerodium has enough reputation that you can be reasonably sure they'll fork over the cash after you show them your bug. Building that kind of reputation on the darknet with cryptocurrency isn't going to be easy. If there was anyone like that out there, we'd already know about them.
I guess Zerodium has enough reputation that you can be reasonably sure they'll fork over the cash after you show them your bug. Building that kind of reputation on the darknet with cryptocurrency isn't going to be easy. If there was anyone like that out there, we'd already know about them.