9
edits
Difference between revisions of "Bug bounty"
more deets
(citation) |
(more deets) |
||
| Line 1: | Line 1: | ||
A bug bounty is a countermeasure developers can implement to drive white hat hackers to disclose exploits discreetly without actually triggering them. | A bug bounty is a countermeasure developers can implement to drive white hat hackers to disclose exploits discreetly without actually triggering them. Generally speaking, bug bounties strictly apply to specified smart contract repositories. | ||
== Size == | == Size == | ||
| Line 8: | Line 8: | ||
== Issues == | == Issues == | ||
Sometimes anonymous developers do not have a way to verify their anonymous counter party will not simply exploit the code when disclosing it. This is the case with OpenZeppelin's recent attempt to disclose a 10 figure vulnerability in Convex. | Sometimes anonymous developers do not have a way to verify their anonymous counter party will not simply exploit the code when disclosing it. This is the case with OpenZeppelin's recent attempt to disclose a 10 figure vulnerability in Convex. | ||
== Providers == | == Providers == | ||
| Line 14: | Line 14: | ||
(this is WIP, I'm researching) | (this is WIP, I'm researching) | ||