The Cardano Foundation announced a partnership with HackerOne on Cardano’s (ADA) first Bug Bounty program on 26 August to test for performance issues that might lead to severe security vulnerabilities.
Hackers can receive up to $10,000 per fault if a critical Cardano node is compromised; while identifying a critical issue with Cardano-Wallet, hackers can earn up to $7,500.
Identifying vulnerabilities in the Cardano network
HackerOne, a worldwide hacker community with offices in London, New York City, Singapore, and the Netherlands, was named the foundation’s “most prominent hacker-powered security partner globally” with over 250k genuine vulnerabilities disclosed.
In the following months, the combined Bug Bounty program will rely on ethical hackers and meticulous processes from HackerOne to help guarantee that the Cardano blockchain is as reliable and secure as possible.
If any performance problems are identified in the Cardano codebase, hackers will investigate them to see if they constitute a major vulnerability or a potential attack on Cardano’s key components. Thus, ethical hackers are incentivized to identify vulnerabilities and appropriately disclose them so they may be repaired before severe harm is done.
The next step in security protection
Project Manager of the Cardano Foundation, Jeremy Firster, indicated:
“Cardano is a leading blockchain ecosystem that aspires to allow integrated Blockchain applications globally.”
Since the protocol is used by people, start-ups, companies, financial institutions, and governments throughout the world, he added:
“It is our duty to maintain the highest standards and commitment to code transparency and reliability.”
Making the protocol secure a priority
The bug bounty program will help Cardano become the most stress-tested and meticulously maintained blockchain, as well as send a clear statement to stakeholders about the importance it takes on security and public safety.
Account Manager Tor Abrams of HackerOne, when asked about their engagement with the Cardano Foundation Bug Bounty Program, responded:
“We’re continuously testing, finding, and safely reporting real-world security weaknesses for organizations across all industries and attack surfaces.”
Indeed, with HackerOne, companies and organizations ranging from the U.S. Department of Defense to Dropbox to Goldman Sachs and Google have access to the world’s biggest community of hackers.
The hacker community negates cyber risk by seeking, identifying, and safely reporting real-world security flaws for businesses across all areas and attack vectors.
Interestingly, it is worth mentioning that 68% of hackers initiate attacks to be challenged, HackerOne’s survey reveals.
Hackers interested in participating can begin hacking by visiting the program page.