To be fair, goog has to pay comparable to other 3rd party brokers, and not necessarily "potential payment by exploiting the bug". Finding an exploit and being able to deploy it for financial gains are two distinct problems, with separate skillsets, risks, etc.
Plus there are some other benefits of disclosing to goog. After you get into VRP you get access to grants & stuff and can basically ask to study a problem and get funded for that effort. Being able to blog about it, pad your experience, etc etc. All while not having to look over your shoulder for 3 letter agencies your whole life :)
You think state intelligence agencies don’t hack whitehats for their 0days?
You know there’s ongoing and plausible efforts by at least 3 organizations to conquer the Earth, right?