CRYPTOCURRENCY UPDATES: ETHEREUM REWARDS A $1 MILLION LARGESSE FOR REPORTS OF CRITICAL BUGS. | VERY USEFUL 5 MIN READ:

ETHEREUM REWARDS A $1 MILLION LARGESSE FOR REPORTS OF CRITICAL BUGS
Spread the love

WE WILL DISCUSS IN DETAIL ABOUT, ETHEREUM REWARDS A $1 MILLION LARGESSE FOR REPORTS OF CRITICAL BUGS.

OVERVIEW OF WHY ETHEREUM REWARDS A $1 MILLION LARGESSE FOR REPORTS OF CRITICAL BUGS:

WHITE HAT REWARD VALID UNTIL SEPTEMBER 8TH FOR MERGE-RELATED VULNERABILITIES

ETHEREUM IS REWARDING THOSE WHO FIND MERGE-RELATED CRITICAL VULNERABILITIES ON ITS BLOCKCHAIN WITH A $1 MILLION BOUNTY. BETWEEN WEDNESDAY AND SEPTEMBER 8, THE REWARD WILL BE QUADRUPLED.

ETHEREUM REWARDS A $1 MILLION LARGESSE FOR REPORTS OF CRITICAL BUGS
ETHEREUM REWARDS A $1 MILLION LARGESSE FOR REPORTS OF CRITICAL BUGS.

A NETWORK UPGRADE IS ESSENTIALLY WHAT A “MERGE” IS. THE PROCEDURE WILL CHANGE THE ETHEREUM BLOCKCHAIN’S PROOF-OF-WORK CONSENSUS MECHANISM TO A PROOF-OF-STAKE ONE, AND IT IS ANTICIPATED TO BE FINISHED BY SEPTEMBER 20.

ONLY LEGITIMATE USERS ARE PERMITTED TO ADD NEW TRANSACTIONS TO THE BLOCKCHAIN, THANKS TO THE CONSENSUS MECHANISM. PROOF OF WORK AND PROOF OF STAKE ARE TWO ALGORITHMS THAT CAN BE USED TO ACCOMPLISH THIS. THE MAIN DISTINCTION BETWEEN THE TWO IS HOW THEY DECIDE WHO IS ALLOWED TO ADD TRANSACTIONS TO THE BLOCKCHAIN. IN THE FORMER, THE TRANSACTIONS MUST BE VERIFIED BY MINERS, OR INDIVIDUALS WHO VOLUNTARILY COMPETE WITH ONE ANOTHER TO SOLVE CHALLENGING MATHEMATICAL EQUATIONS IN ORDER TO “MINE” CRYPTOCURRENCY. DESPITE BEING SLOW, EXPENSIVE, AND ENERGY-INTENSIVE, THIS PROCESS HAS BEEN TRIED AND TESTED ON MASSIVE BLOCKCHAINS LIKE THE BITCOIN NETWORK. THE LATTER VERIFIES THE TRANSACTIONS USING VALIDATORS, OR COMPUTERS, SELECTED ACCORDING TO THE QUANTITY OF TOKENS THEY POSSESS. 

BECAUSE THE VALIDATORS HAVE INVESTED MONEY TO BUY A SIZABLE AMOUNT OF CRYPTOCURRENCY, THEY HAVE A FINANCIAL STAKE IN THE BLOCKCHAIN’S SECURITY, MAKING THIS METHOD MORE SECURE.

SINCE A VALIDATOR NODE CAN BE RUN ON A TYPICAL LAPTOP, PROOF OF STAKE ENABLES MORE USERS TO TAKE PART IN NETWORK CONSENSUS. THE EQUIPMENT NEEDED FOR DIGITAL MINING IS EXPENSIVE. ACCORDING TO DAN SHERRETS, SOLUTIONS ARCHITECT AT BUG BOUNTY PLATFORM HACKERONE, “THIS DECENTRALIZES THE NETWORK AND IS POSSIBLY GOOD FOR SECURITY.”

HOWEVER, PROOF OF STAKE IS ALSO TRICKIER AND NECESSITATES THE COOPERATION OF SEVERAL PIECES OF SOFTWARE. 

IT IS NOT UNPRECEDENTED FOR ETHEREUM TO HAVE ANNOUNCED LARGE REWARDS FOR WHITE HAT HACKERS WHO FIND SIGNIFICANT BUGS. AFTER HACKERS STOLE MORE THAN $600 MILLION FROM THE COMPANY’S ETHEREUM SIDECHAIN RONIN, AXIE INFINITY STARTED A BUG BOUNTY PROGRAM, OFFERING REWARDS OF UP TO $1 MILLION. A WHITE HAT WHO DISCLOSED A SERIOUS VULNERABILITY THAT COULD HAVE COST AURORA $300 MILLION IN LOSSES RECEIVED A $6 MILLION REWARD FROM THE COMPANY.

BOUNTY AND RISKS ASSOCIATED WITH MERGES:

WHEN ISMG ENQUIRED ABOUT THE SPECIFICS OF WHAT CONSTITUTES A MERGE-RELATED BUG, ETHEREUM DID NOT RESPOND.

ANY DEFICIENCIES IN A CLIENT, SPECIFICATION, OR BEACON CHAIN DEPOSIT CONTRACT (WHICH INTRODUCES THE PROOF-OF-STAKE MECHANISM TO ETHEREUM) THAT COULD BE EXPLOITED DURING OR SOON AFTER THE MERGE WOULD BE CLASSIFIED AS MERGE-RELATED. 

THE ETHEREUM FOUNDATION MAY HAVE A DIFFERENT DEFINITION, AND THAT DOESN’T SEEM TO BE EXPLICITLY STATED ON ITS BOUNTY PAGE, WHICH IS THE CAVEAT IN THIS CASE, WARNS SHERRETS.

ADDITIONALLY, IT CAN BE DIFFICULT TO DEFINE MERGE-RELATED VULNERABILITIES BECAUSE THEY MAY INVOLVE BRAND-NEW ATTACK METHODS THAT HAVE NOT YET BEEN IDENTIFIED, ACCORDING TO BLOCKCHAIN SECURITY FIRM CERTIK.

FEW RESEARCHERS, ACCORDING TO SHERRETS, HAVE THE EXPERTISE NEEDED TO IDENTIFY VULNERABILITIES IN THESE KINDS OF PROJECTS. ACCORDING TO SHERRETS, “SOME OF THE MOST SIGNIFICANT VULNERABILITIES I HAVE SEEN IN THIS FIELD HAVE REQUIRED RESEARCHERS WITH DEEP UNDERSTANDING OF CRYPTOGRAPHY, ECONOMICS, COMPUTER SCIENCE, AND MATHEMATICS.”

SHERRETS CONTINUES, “BUG BOUNTY PROGRAMS FREQUENTLY SERVE A DIFFERENT PURPOSE IN THE WEB3 WORLD THAN THEY DO IN THE MORE ESTABLISHED WEB2 SPACE. “AN ATTACKER COULD STEAL OR DESTROY ALL $100 MILLION, FOR INSTANCE, IF A SMART CONTRACT WITH $100 MILLION IN CRYPTOCURRENCY LOCKED IN IT HAS A CRITICAL VULNERABILITY. HOWEVER, IF A PROGRAM OFFERS A $1 MILLION BUG BOUNTY, IT MIGHT TEMPT AN ATTACKER TO SIMPLY REPORT THE PROBLEM AND GET THE BOUNTY IN A LEGAL AND ETHICAL MANNER, ACCORDING TO THE AUTHOR. THIS PROBLEM IS UNCOMMON IN THE WEB2 WORLD BECAUSE THERE IS RARELY A NEED FOR DIRECT ACCESS TO FUNDS.

THE RISK ASSOCIATED WITH ETHEREUM’S MOST RECENT PROGRAM IS ALSO DESCRIBED BY THIS. THE USE OF UNIDENTIFIED WHITE HAT HACKERS MAY PREVENT BUGS FROM BEING REPORTED TO THE PROJECT AND INSTEAD ALLOW THEM TO BE EXPLOITED, ACCORDING TO CERTIK.

FOR PROJECTS THAT GO THROUGH CONTINUOUS DEVELOPMENT, IT SAYS, HAVING A MECHANISM IN PLACE TO IDENTIFY WHITE HATS HIRED TO FIND BUGS, BUG BOUNTIES AS PART OF A CONTINUOUS SECURITY ASSESSMENT, SMART CONTRACT AUDITS, AND BLOCKCHAIN ANALYTICS TOOLS ARE ESSENTIAL BECAUSE NEW VULNERABILITIES CAN ARISE WHEN NEW FUNCTIONALITIES ARE ADDED.

CONCLUSION ON ETHEREUM REWARDS A $1 MILLION LARGESSE FOR REPORTS OF CRITICAL BUGS:

TO CONCLUDE ON ETHEREUM REWARDS A $1 MILLION LARGESSE FOR REPORTS OF CRITICAL BUGS, THIS IS A GREAT DECISION BY ETHEREUM, WHICH WILL REDUCE VULNERABILITY IN CRYPTO NETWORK BY DECREASING THE CRITICAL BUGS.

FOLLOW US ON:

HARI INFO SECTION H.D.C.

FACEBOOK YOUTUBE

HARI DENTAL CARE

HARI WEB STORIES H-SHOPEE

HARI ENTERPRISES

CRYPTOCURRENCY UPDATES: ETHEREUM REWARDS A $1 MILLION LARGESSE FOR REPORTS OF CRITICAL BUGS. | VERY USEFUL 5 MIN READ:

Leave a Reply

Your email address will not be published.

Scroll to top