Building and designing reliable cryptocurrency and blockchain platforms cost billions of dollars, software researchers have consistently proven that even the biggest blockchain platforms regularly experience serious security vulnerabilities. A Dutch software security engineer and hacker, Guido Vranken has been the centre of attraction after he earned $120,000 for discovering several bugs and vulnerabilities in the EOS platform.
Despite raising over $4 billion for their Initial Coin offering (ICO), EOS has received several criticisms from various channels for failing to upgrade their product and fix the security glitches in the platform. A Chinese security firm, 360 Qihoo recently discovered various high-risk vulnerabilities in EOS network before the MainNet launch on the 2nd of June, 2018.
EOS $10,000 Per Bug Bounty Program
Recently, EOS launched a bug bounty program that will help the EOS platform to be more secure for its users and clients; the cryptocurrency promised anyone who finds any vulnerability in their platform a $10,000 per bug prize. This announcement was made through Twitter by EOS project staff, Daniel Larimer.
“Help us find critical bugs in #EOSIO before our 1.0 release. $10K for every unique bug that can cause a crash, privilege escalation, or non-deterministic behaviour in smart contracts. Offer subject to change, ID required, validity decided at the sole discretion of Block One.”
After a week of researching, Vranken was able to discover 11 confirmed bugs in the EOS software platform. He received $10,000 each in bounty payments for nine of the bugs he found in the EOS platform from EOS parent company Block.one, and with the reward still pouring; he has made a total of $120,000 so far. Vranken said that:
“The EOS people are very appreciative of my efforts. Reported bugs were quickly analysed and fixed in their public repository. At first the process was very ad-hoc because [EOS CTO] Daniel Larimer and I were sending files back and forth on Telegram, but they’ve since started to run a bug bounty program on HackerOne which I think is in the best interest of both bug finders and the EOS team.”
This is not the first time that Vranken will successfully uncover bugs for various tech companies, he had previously discovered bugs for Twitter, Yahoo!, Dropbox, Tor, OpenSSL Python, Slack, Trello, and HackerOne. He has also reported multiple bugs to cryptocurrencies like Ethereum, Stellar and Ripple. According to his website, the software has an impressive record of discovering bugs and EOS team members went ahead to offer him a permanent job at the project. It is unclear whether Vranken accepted the offer, but he thanked EOS for fulfilling their promise saying “Thank you. A couple more waiting to be rewarded. I think the final tally was $120K but I lost count. Took me about a week.”