Cosmos Network

Blockchain Ecosystem Cosmos Upgrades Bug Bounty Program – ProgrammableWeb

Cosmos, an interoperable blockchain ecosystem, has increased its incentives for its bug bounty program for the Cosmos Stargate software upgrade. The bug bounty will allow hackers, developers, and the community to trial and debug the upgrades and breaking changes to the Cosmos SDK, Tendermint Core, Gaia, and Inter Blockchain Communication codebases. The special bug bounty program launches today and will conclude on  December 31, 2020.

Recent changes to the code include a transition from an in-house serialization system to Protocol Buffers (Protobuf), major new Tendermint Core features like state sync, and the first implementation of Cosmos’s flagship Inter-blockchain Communication (IBC) protocol. These changes are a high priority for the security community to review. Bounty rewards are based on many factors including impact, risk, the likelihood of exploitation, and report quality. The CVSS framework will be used to score all reports in a standardized and fairway. The rewards for bugs will be classified into these categories for payout:

Critical— $5,000 and up

High— $3,000 and up

Medium— $1,000 and up

Low— up to $200

Tess Rinearson, VP of Engineering at Interchain GmbH,  said “We believe that proactively finding and fixing bugs is a vital part of building strong, resilient blockchain protocols. Our ongoing testing, and in particular this new program, exists to proactively reward people who discover bugs in our protocols and products. The release of the Stargate codebase reifies our commitment to the open-source community, with the goal of bringing Cosmos into a new era. For the first time ever, Cosmos blockchains will be