HackerOne reported that there were 43 different vulnerabilities in thirteen different cryptocurrencies between February and March of this year, which demonstrates the added value of bug bounty programs.
The vulnerabilities were spread across Brave, EOS, Monero, Unikrn, OmiseGo, Coinbase, ICON, MyEtherWallet, and Tezos. The bugs in each program were found by white hat hackers who received, in total, around $23,675 for discovering these bugs within the leading blockchains. It should also be noted that the exact vulnerabilities were not disclosed, so the low reward could be an indication that the bugs were minor. Also, some of the bugs were in cryptocurrency wallets rather than the cryptocurrency blockchain itself. However, some vulnerabilities for EOS were disclosed that “could potentially allow attackers to inject malicious scripts into EOS-related source code”, which illustrates some of the worst-case scenarios of bugs.
Benefits of open-source projects
Open-source projects revolutionize the programming environment by crowd-sourcing the development and checking of the code, which makes it more robust than proprietary code that relies on a company hiring the right coders to write and check the code. This is part of what influences the value of cryptocurrencies: the knowledge that it is all out in the open and that if there were a critical vulnerability, a white hat hacker would discover and fix the bug before it was used maliciously to hurt individuals. However, economic incentives still play a role, as they do in the rest of society.
Economic incentives help encourage more developers to write and review code, which is important since it means they can dedicate more time to creating quality code rather than having to split time between a paying job and volunteering to code for cryptocurrencies. They also ensure that coders do not seek out supplemental funding from third parties that might have ulterior motives. In addition, cryptocurrency has little room for error when competing against major payment processors, so it has to stay on top of its game by preventing unnecessary harm to consumers who are on the margin of using cryptocurrency and could switch back to traditional payments at any moment.
Dash helps fund its own code development and review
Dash has been able to use its DAO Treasury model to fund the Dash Core Group as a dedicated team of individuals to write the core blockchain code. Additionally, Dash has been able to hire Bugcrowd as a bug bounty program to discover unseen bugs in Dash’s codebase. This helps ensure that Dash is at its highest standard for consumers who expect quality service, which is why Dash has been able to gain major adoption around the world and experience advanced integrations into other technologies.