In preparation for the release of smart contracts capability on September 12, the Cardano Foundation is taking measures to protect against network vulnerabilities prior to the launch. Cardano released a “bug bounty program” in partnership with HackerOne to make sure the ecosystem is safe. The program will reward ethical hackers for any vulnerabilities they identify.
Reward categories
Rewards like the ones available through bug bounty programs give hackers an incentive to detect and report vulnerabilities rather than exploit them. Cardano’s rewards program is divided into four different levels; low, medium, high, and critical. Hackers can report bugs in the Cardano Wallet or the Cardano Node. Low priority issues merit relatively small rewards in the range of $200-300, while critical ones in the Node reach $10,000. All rewards will be paid in ADA, Cardano’s native token.
Cardano Project Manager Jeremy First commented:
“Cardano is a leading blockchain ecosystem that aims to enable integrated blockchain solutions globally. It is our duty to maintain the highest standards and commitment to code transparency and reliability to ensure that the protocol remains viable for mission-critical applications delivered around the world from individuals, start-ups, enterprises, financial institutions, and governments alike.”
Over 250,000 vulnerabilities found and reported
Cardano is currently the third biggest cryptocurrencies in market cap. The team is unable to identify all of the vulnerabilities in the vast ecosystem on their own. This is why they decided to solicit the wider hacker community. The collaboration with HackerOne will attract a vast base of hackers. More than a quarter of a million vulnerabilities have already been reported.
Biggest project launch in history
Cardano wants to be sure that its whole network is secure ahead of its biggest project launch yet. Once smart contracts make it possible to onboard members of the general public to the mainnet, the entire network must be 100% safe.
Automated programs can’t detect interconnected bugs
Cardano and similar projects tend to check for vulnerabilities using automated scanners, but those can’t identify bugs that are linked to each other. This is where ethical hackers come in. In fact, they can be incredibly helpful in detecting network weaknesses. They harness their creativity to guess where linked bugs may reside, after which they report them. That’s the idea of the HackerOne bug bounty program.