Since announcing its new bug bounty program at the start of June, EOS has resolved 42 bugs in its software and handed ethical hackers $348,000 in rewards.
EOS joined HackerOne, a bug bounty platform that partners with the global hacker community, after a Chinese security firm said it discovered “epic vulnerabilities” in the platform. EOS called the report FUD and said most of the reported kinks had already been fixed.
EOS rewards hackers $5,000 to $10,000 for finding critical bugs. The next reward-tiers range from $100 to $5,000.
Issues that qualify for rewards must do one of the following:
- Cause nodeos to crash via the P2P plugins (net_plugin or bnet_plugin)
- Cause nodeos to crash via the HTTP RPC API (http_plugin) with Patroneos protection
- Send a contract into an infinite loop
- Cause a contract to use a large amount of memory (more than 64MB)
- Crash nodeos with a contract
- Trigger unauthorized actions on accounts
- Cause a contract to run for more than 10 ms over deadline
If you want to submit a potential issue to the team, here’s what must be included:
- Asset – What software asset the vulnerability is related to (e.g. EOSIO core software/eosjs)
- Severity – Your opinion on the severity of the issue (e.g. high, moderate, low)
- Summary – Add summary of the vulnerability
- Description – Any additional details about this vulnerability
- Steps – Steps to reproduce
- Supporting Material/References – Source code to replicate; list any additional material (e.g. screenshots, logs, etc.)
- Impact – Type of security impact an attacker could achieve
- Your name and country
You can find out more about the bug bounty program here.
Disclaimer: Opinions expressed at The Daily Hodl are not investment advice. Investors should do their due diligence before making any high-risk investments in Bitcoin or cryptocurrency. Your transfers and trades are at your own risk. Any losses you may incur are your responsibility. Please note that The Daily Hodl participates in affiliate marketing.
Check Out the Latest Headlines
The post EOS Hands Out a Whopping $348,000 in Bug Bounties in Just Five Weeks appeared first on The Daily Hodl.