Bug bounty programs play an integral role in the world of blockchain and cryptocurrency. Fixing major issues before they can be exploited by criminals is always a favorable course of action and Augur has recently awarded $5,000 to a white-hat hacker who documented a major issue that was affecting the company’s digital ecosystem.
The Augur Security Issue
Even though the services of world-class developers are usually availed of when creating a quality blockchain/cryptocurrency platform, no project is completely secure. As such, opening up the native source code of a project to third-party developers and white hat hackers can reveal major issues found without the ecosystem. In the case of Augur, their bug bounty program has effectively highlighted a major issue which could have crippled the network quite substantially. For highlighting this issue, the hacker received a $5,000 payment.
According to the Augur team, this is the first reported issue as part of the project’s $200,000 bug bounty program. This high-severity vulnerability is related to the gas reporting bond on the platform. Any attacker with sufficient knowledge could increase the gas reporting bond and make it too expensive for anyone to create new markets on the Augur platform.
Although it remains unclear if any miner would have effectively exploited this vulnerability, solving this problem was more than warranted. It is quite interesting how the white hat hacker also proposed a solution for this exploit. The Augur team has taken this feedback to heart and devised a strategy based upon his contributions.
For the time being, the Augur team will continue to run its bounty program. As is usually the case, when one exploit is found, another one is likely to pop up sooner rather than later. This is why bug bounty programs are needed in the world of cryptocurrency and blockchain.
One has to commend the Augur team for running such a bug bounty program and making good on their initial promise of rewarding white hat hackers for their contributions. Whether or not any further issues will be uncovered, remains to be seen, but it is evident there are still plenty of weaknesses to be uncovered where Augur is concerned.