A problem with this approach is that one of the key functions of a bug bounty program is to encourage people to report vulnerabilities to the developers, rather than selling them elsewhere.

If I have to pay money to submit a vulnerability to the developers with no guarantee that I'll even get refunded for a high quality and good faith report, let alone any actual payout, there's much less incentive for me to do so compared to selling them to someone else who won't charge me money for the privilege.