paint-brush
Open Source Trading Platform Bancor Launches a $1M Bug Bountyby@mkaufmann
805 reads
805 reads

Open Source Trading Platform Bancor Launches a $1M Bug Bounty

by Matthew KaufmannApril 18th, 2022
Read on Terminal Reader
Read this story w/o Javascript
tldt arrow

Too Long; Didn't Read

Bancor is an open-source, decentralized trading protocol that allows participants to gain access to an open and permission-less marketplace. The $1 million bug bounty has a multi-tiered incentive system. Identifying significant risks can earn ethical hackers up to $1,000,000. Security bounties are amongst the most popular types of bounties awarded to ethical hackers. The main advantage of a bug bounty program is that it allows a business to pinpoint a variety of flaws in their software’s code.

Companies Mentioned

Mention Thumbnail
Mention Thumbnail
featured image - Open Source Trading Platform Bancor Launches a $1M Bug Bounty
Matthew Kaufmann HackerNoon profile picture

Bancor is an open-source, decentralized trading protocol that allows participants to gain access to an open and permission-less marketplace. The blockchain network is preparing to launch Bancor 3, a new version of the Bancor protocol with lower trading fees and a more user-friendly Defi system.


As part of the lead-up to this release, Bancor announced a $1 million bug bounty program for developers and hackers. The $1 million bug bounty was accompanied by the public release of the Bancor 3 code for ethical hackers to examine for potential vulnerabilities.


The B.Protocol Foundation will decide on the incentives for identifying flaws, which will be based on the severity of the risks.

The bug bounty has a multi-tiered incentive system

Identifying significant risks can earn ethical hackers up to $1,000,000 in rewards, while identifying high and medium threats will earn them $40,000 and $5,000, respectively. Lower-threat risks will be rewarded with a $1,000 bounty.


Bancor 3 is intended to make it easier for users to engage in decentralized finance (Defi). Alongside the bug bounty, the Bancor team is also going through its code to look for potential threats. At the same time, security firms like OpenZeppelin, Peckshield, and Certora are auditing Bancor's code.

The significance of bug bounties in the crypto world

The main advantage of a bug bounty program is that it allows a business to pinpoint a variety of flaws in their software’s code. The harm to the company may be considered if these vulnerabilities were identified and exploited by a cybercriminal before the firm could address them.


Projects that use bug bounty programs have a greater chance of spotting potential flaws before they are exploited. This will help to safeguard the company's reputation while also averting any prospective threats.


Projects have been developing into new strategies to secure assets as the bitcoin market value has risen. Protocols are rewarding the public to disclose problems in addition to paying security experts and using the services of blockchain security organizations.


Hackers are the key participants when it comes to bug bounties in the cryptocurrency space. By searching for, finding, and disclosing critical vulnerabilities, they make valuable contributions to the cyber security space.


It's no surprise that security bounties are amongst the most popular types of bounties awarded to ethical hackers, given the vast number of malicious actors in the blockchain space.


These security bounties assist blockchain projects and organizations in detecting critical flaws before they are exploited by bad actors. Most importantly, they foster an open, transparent, and communicative culture, which is sorely lacking in the crypto world.


Bug bounties also allow an organization or project to scout talent that might otherwise be difficult to locate through traditional means. Many of the ethical hackers who take part in these bounties are experts at finding exploitable flaws in a project's code.


Most Bounties motivate hackers depending on the difficulty and outcome of the assault, with attacks that potentially result in permanent loss receiving a bigger payment. Bounties are a viable option for ethical hackers who want to advance in the cyber security ecosystem, expand their portfolio, and profit from their expertise.


Bug bounty programs differ from one company to the next in terms of specifics. Some businesses simply make an announcement that instructs white hat hackers to search their projects for any exploits. These announcements allow ethical hackers to test for any possible flaws in the organization's surface.


Others may define the programs and web pages that should be tested as well as which vulnerabilities the testers are allowed to look for. Testing for a cross-site scripting (XSS) vulnerability on a website, for example, is encouraged, but conducting a Denial of Service (DoS) attack on it is not.


When a white hat hacker finds a vulnerability, they disclose it to the organization and then collaborate with the ethical hacker to confirm the vulnerability's existence, fix it, and ensure that the patch is effective.


The organization then provides a reward to the ethical hacker responsible for finding the vulnerability. The bounty amount is usually determined by the severity and effect of the vulnerability.

In Closing…

Bug bounty schemes will always be vital for the security of users and protocols in the blockchain sector since rug pulls, phishing assaults, and other frauds only thrive when they go unnoticed.


Disclosure: The author of this article has received compensation in return for covering this announcement. However this does not affect the quality of the content contained within this post.