As others will have pointed out, our bug bounty program was informal through email and our ticketing system. We absolutely did and do pay out many bug bounties over the years to ethical hackers.
As of earlier this year, we have been incubating a proprietary bug reporting system. It is not ready yet but we think it is mission critical enough to self-host it.
In the end, we went with a commercial solution since we would rather have hackers choose an ethical path, and we realize that their skills and time have value.
HackerOne is one we did consider for our formal bug bounty platform, but since they never replied to our inquiries, why we went with BugCrowd.
As for the mystery of the $444 deposited to
your GoFundMe page, as I guess that mystery is unsolved for you despite the bread crumbs, here is a clue for what that was about.
And, yes, I still have faith in you.