[Worker Proposal] Hack the DEX - a BitShares Bug Bounty Program (2019)
The BitShares Blockchain is an industrial-grade and fully decentralized platform that is open source and maintained by its community.
It contains a decentralized exchange (DEX) and is built on top of delegated proof-of-stake (DPoS) blockchain technology. With all financial technology in the blockchain space, a major concern for users and traders is security.
If someone found a critical bug in the DEX, they might be tempted to exploit the bug, and attempt to steal funds from unsuspecting users. Without a public bug bounty system, hackers do not have an obvious path of disclosure for reporting their findings. They also do not have any incentive to share their exploits and techniques, rather than using them for personal gain.
With this proposal, we’d like to start a BitShares bug bounty program for security researchers and penetration testers (…aka hackers!) to disclose important security vulnerabilities they find within the BitShares core protocol, reference wallet, and related code repositories.
This proposal is seeking funding to renew the past HackTheDex worker. The HackTheDex bounty program was started in July 2018 and is consequently renewed now. Several reports that could have caused harm to the community have been submitted and fixed through HackTheDex, proof for its necessity and value. Those reports included several possibilities for an attacker to cause a chain halt, cause theft of funds and other severe attacks. An overview can be found here:
https://hackthedex.io/#/reports
Please consider supporting this proposal to maintain the bug bounty program for the BitShares blockchain. We want to take this to the next level! More details are available at
https://www.bitshares.foundation/workers/2019-04-hackthedex
The worker proposal is 1.14.186, 201904-hackthedex and voting is live at
https://wallet.bitshares.org/#/voting
For some more in-depth information on the BitShares Blockchain have a look here
I support this worker proposal, it's worthwhile investing in security.