The Cardano Foundation has teamed up with HackerOne, a vulnerability management organisation, to develop a “Bug Bounty” program that rewards hackers for discovering security flaws on Cardano, the growing smart contracts platform.
Cardano Foundation describes its collaboration with HackerOne in a blog post as the best way to uncover cyber security problems on the network.
According to the HackerOne official website, hackers will be paid with up to $10,000 in the digital token ADA, starting at $300, depending on the severity of the vulnerability:
Over the next months, our collaborative Bug Bounty programme with the Cardano Foundation will leverage the strength of HackerOne’s ethical hackers and meticulous procedures to help us ensure that the Cardano blockchain is the most stable and secure blockchain possible.
Any performance flaws discovered that constitute a major vulnerability or potential exploit to core Cardano components will be tested in the Cardano codebase. Ethical hackers are incentivized to uncover vulnerabilities and appropriately report them through a bug bounty programme, so they may be patched before substantial harm is done.”
The Cardano Foundation described the partnership’s importance by pointing out that human ethical hackers, rather than automated vulnerability scanners, are the best approach to uncover cyber problems.
“No organization is immune to security vulnerabilities. The only solution is to find and fix them before they are exploited by cybercriminals. Ethical hackers can find vulnerabilities that automated scanners miss, by thinking creatively and identifying places where bugs could be ‘chained’ together to provide an exploit.”