Is Bug Hunting the New Bounty Hunting?

Reading Time: 3 minutes

With more cryptocurrencies and blockchain projects springing up every week, an ever-increasing number of developers are required to test these systems. Not all of these developers are 100% perfect, but that’s the reality of the situation. We are all human at the end of the day, and it’s human nature to make mistakes. These little mistakes can leave vulnerabilities in the code that makes these apps, coins, and blockchains run inconsistently. Companies don’t usually have enough resources to scour and test every line of code, so they outsource it in the form of bug bounties. These companies pay thousands to people who spend their day discovering and squashing bugs.

What is a Bug Bounty?

A bug bounty is the price a developer puts on a bug’s head, much like law enforcement put a bounty on the heads of high profile criminals. Bug hunters will then scour the code of the website or software to find a vulnerability and try to exploit it. They will then document the process and submit it to the company. Once the company verifies that it’s a genuine bug, they will usually pay a substantial reward to the person who discovered it.

Why Are Bug Bounties Important?

Bug bounties are critical to the success and longevity of any project. If a company or developer is foolish enough to think their work is perfect, they will most likely end up being hacked. Smart companies – even if they think there aren’t any bugs – create a section on their website that outlines rewards offered for bug hunters. This often deters unscrupulous individuals – people who find bugs with intent to damage a company’s reputation – from damaging the brand in exchange for a cash reward.

How do They Help the Crypto World?

Hypothetically, let’s say your favorite wallet – called XYZ Wallet – is a digital software wallet. It runs using code – as does everything in the crypto world – and a human wrote that code. Humans make mistakes all the time, and similarly to proof reading, our minds are programmed not to see the mistakes we make in our own work, so often bugs get missed before launch. Let’s say there is a vulnerability in the wallet, whereby your private key is available with a little outside manipulation.
Now, if the company has a bug bounty, there is a good chance the person who discovers it will report it to the company, keeping your money safe and thousands of others as well. Alternatively, if the firm doesn’t want to offer bug bounties, this hack could be posted online and lots of people could lose their money. The best way to keep your crypto safe when not trading is to stick it in a cold hardware wallet.
As the crypto world is still young and developing, bug bounties effectively create a network of thousands of developers constantly searching applications and blockchains for flaws. This in turn saves companies money employing someone full time to do the job, all the while keeping its users safe from hackers. Unfortunately, sometimes data might get leaked without a hack – you can cure human carelessness.
One ethical hacker by the name of Guido Vranken managed to scoop $120,00 worth of bug bounties in just a week from the EOS network. This goes to show that bug hunting is both important to the future of the crypto industry and highly lucrative. All you need to get started is a few simple apps and some coding knowledge. If you want to get started with bug hunting, there are a handful websites that list available bounties. Alternatively, head over to a software developers site and they will most likely have a dedicated bug bounty section.