Black Friday at the Coin Bureau Store: Join us for a long weekend of SALES!
Smart Contracts Fund Bounties Hydra
3 min read

Using Smart Contracts to Fund Bug Bounties with Hydra

By Editorial Team

Ethereum Smart Contracts have been touted as one of the most interesting blockchain developments in the past few years. The Ethereum protocol allows developers to code smart contracts which run on the blockchain.

However, irrespective of how many smart and ethical developers there are in the community, there are an equal number of smart unethical hackers who are merely motivated by greed. However, what happens if one could turn these black-hat hackers into a force for good and become white-hat hackers?

The idea of paying hackers to find vulnerabilities is not a new concept. Bounties have been around on enterprise systems and application development companies for a number of years. However, when a hacker discovers a bug or vulnerability, they have to weigh up the benefits of exploiting it vs. the benefits of reporting it.

That is where a new effort called “Hydra” comes in. Hydra, which is an initiative that is funded by the National Science Foundation Graduate Research Fellowship, tries to create incentives that encourage blockchain bug reporting.

Incentivising Black Hats

The Hydra project was announced at the Ethereum developer conference (Devcon3) today. It is being developed by a team including Lorenz Breidenbach, Ari Juels and Phil Daian from Cornell.

The Hydra project tries is trying to develop contracts that will programmatically offer people who report bugs a higher reward than they would get from actually exploiting the bug. Hence, when a hacker is able to find a bug, he would know that reporting it is more in his favour (monetary wise) than the loot from hacking it.

Although smart contract start-ups may already be offering bounties, these are not designed programmatically. They are merely arbitrary amounts that are not usually able to adjust to the severity of the exploit. Moreover, if a hacker finds an exploit and the bounty is not promising enough, he is unlikely to try and negotiate for fear of releasing details of the bug.

Hydra tries to use the concept of crypto economics to address the inherent mismatch in incentives of current offerings. At the developer conference, Daian sees the benefit of the idea. Relying on honest actions cannot be the solution. He sees a combination of pragmatism and smart programming as one of the only solutions. He said:

Let’s see this as a game. What would a rational attacker do with these systems? Say an attacker finds a bug: would they attack or would they claim the bounty?

Although there may be many Ethereum smart contract developers who would be anxious to implement a Hydra solution, Daian made it clear that the project was only in Alpha stage and should not be used to store funds.

Yet, we are sure that as more money becomes involved and more high profile hacks are perpetrated, the demand for a solution such as Hydra’s is bound to sky rocket.

Featured Image via Fotolia

Editors at large. Posting the latest news, reviews and analysis to hit the blockchain.
View all posts by Editorial Team -> Best Crypto Deals ->

Related Posts

FTX Exchange
Withdrawals not Halted at FTX: Instead Binance will Buy FTX
FTX Exchange

Withdrawals not Halted at FTX: Instead Binance will Buy FTX

November 9th, 2022 3 min read
OKX invests in WAX
OKX Blockdream Ventures Invests Millions in GameFi and NFT Development on WAX
OKX invests in WAX

OKX Blockdream Ventures Invests Millions in GameFi and NFT Development on WAX

June 3, 2022 2 min read
Binance partners with the weekend
Binance Partners with The Weekend to Provide First-Ever Web 3 Enhanced World Tour
Binance partners with the weekend

Binance Partners with The Weekend to Provide First-Ever Web 3 Enhanced World Tour

June 3, 2022 2 min read
21Shares Releases Sixth State of Crypto Report
21Shares Releases Sixth State of Crypto Report: Summary
21Shares Releases Sixth State of Crypto Report

21Shares Releases Sixth State of Crypto Report: Summary

June 2, 2022 3 min read
Algorand and MakerX Commit 1M Algo to Migrate Terra Users to Algorand
Algorand and MakerX Commit 1M Algo to Migrate Terra Users to Algorand
Algorand and MakerX Commit 1M Algo to Migrate Terra Users to Algorand

Algorand and MakerX Commit 1M Algo to Migrate Terra Users to Algorand

June 2, 2022 2 min read
Regulators are “Not Allowing” Banks to Engage with Crypto
Bank of America CEO: Regulators are “Not Allowing” Banks to Engage with Crypto
Regulators are “Not Allowing” Banks to Engage with Crypto

Bank of America CEO: Regulators are “Not Allowing” Banks to Engage with Crypto

June 1, 2022 2 min read
US Conference of Mayors Introduces Blockchain Resolution
US Conference of Mayors Introduces Blockchain Resolution
US Conference of Mayors Introduces Blockchain Resolution

US Conference of Mayors Introduces Blockchain Resolution

June 1, 2022 2 min read