Considering there is no practical attack here -- you don't know the private video's ID -- it's unlikely that that would serve as much of an incentive in this case. They'd just get the bug for free. Plus, youtube has no way of verifying you had the bug before it was leaked publicly.
One suggestion upthread was that videos that start public or unlisted can be made private without changing the ID. I haven't verified this myself, but if true it could be a way to get around someone sharing a video, then making it private to hide the contents. Obviously this is less severe than if, say, all private video IDs were well known, or a one-up integer, but it's still a leak and could be exploited in real-world scenarios.
My suggestion wasn't that someone should get credit. My suggestion was only that leaking the bugs and causing actual damage would eventually raise the price paid. As for proof of date of discovery, write a letter and sign it with bitcoin or equivalent.
That still leaves vanishingly small odds for a user to actually be exploited, in addition to the very small resolution and total lack of audio... both of which would be overcome by somebody simply downloading the video while it was public. As soon as the video was public _and_ shared/discovered by other people, it was already owned to begin with.
