Cardano incentivizes “hackers” to find its network vulnerability
The Cardano foundation has received 11 reports in the last three months and has paid a bounty of only $2300.
In a bid to further secure its network from bad actors, smart contract-enabled blockchain, Cardano has revealed that it is doubling the bug bounty for whoever discovers and reports any vulnerability on the network to its team of developers.
Cardano doubles bug bounty rewards
According to available information, the Charles Hoskinson-led project’s bug bounty program has a four-level reward system for bugs found on either the Cardano wallet or the Cardano Node.
Previously, any low-risk vulnerability found on the Cardano wallet attracted a $300 reward, which has now been increased to $600. Medium vulnerabilities will now attract a reward of $2,000, while high-risk vulnerabilities will get $6,000.
Lastly, a white-hat hacker who spots a critical vulnerability will be rewarded with as much as $7,500. Critical vulnerability attracts the highest reward because bugs need to be attended to immediately.
On the other hand, vulnerabilities or bugs discovered on Cardano nodes attract a higher reward. Low vulnerability bugs would attract a reward of $800; medium vulnerability bugs would get $4,000. High vulnerabilities will get $10,000, while critical vulnerabilities will get rewarded with $20,000.
It should be noted that the Cardano Foundation stated that the increased bounty rewards would last for only six weeks, starting from February 14 till March 25, 2022.
Notably, the foundation has received 11 reports within the last three months and has paid out $2,300 in rewards to two hackers whose discoveries were genuine.
White-hat hackers and the crypto ecosystem
There is no doubt that the crypto industry is a constantly growing and dynamic ecosystem that needs the help of white-hat hackers to help projects in the system defend against vulnerabilities and hacks.
A white-hat hacker, in simple terms, is an ethical security hacker who looks for loopholes or vulnerabilities that bad actors can take advantage of in a project.
Due to the nature of the industry, white-hat hackers have increasingly become popular because of the unique role they play in the space.
Recently, Tree of Alpha, a popular white-hat hacker on Twitter, called the attention of Coinbase to a vulnerability that would have allowed bad actors to send the exchange order book to arbitrary prices.
Anyone here can get me a direct line with someone at @coinbase , preferably management or dev team, possibly @brian_armstrong himself?
I'm submitting a hacker1 report but I'm afraid this can't wait. Can't say more either, this is potentially market-nuking.
DMs open.
— Tree of Alpha (@Tree_of_Alpha) February 11, 2022
Aside from him, the Poly Network hacker is sometimes referred to as a white-hat hacker because he returned the funds he had initially taken from the network and worked with the network to plug its vulnerabilities.
Another white-hat hacker that has made the news in recent times is a Paradigm security researcher who has been working with Wormhole to unravel how it was exploited for $320 million.