How Secure Are Blockchains? Investigation By Hard Fork Reveals Over 40 Bugs From Multiple Platforms In Last Month
Blockchain technology was designed to offer immutable, secure data on a distributed ledger. However, given the many hacks in the crypto industry, it should come as no surprise that Hard Fork chose to investigate the last 30 days of disclosures to see how blockchain and cryptocurrency platforms fare on their own security. The investigation found that over 40 bugs had been discovered.
Between February 13th and March 13th, 43 vulnerability reports were published across 13 blockchain and crypto companies. The impacted platforms reported by Hard Fork included Coinbase, Block.one, Tezos, Brave, and Monero. The platform with the highest number of vulnerability reports in the blockchain sector was Unikrn, an esports gambling platform that also hosts its own crypto asset. Its disclosure program showed 12 bugs.
The platform with the second-highest number of bugs was Omise, the developer of OmiseGo, which had six bugs flagged, followed by EOS with five. The others included Tendermint (4), Augur (3), Tezos (3), Monero (2), ICON (2), and MyEtherWallet (2). The rest of the vulnerabilities were scattered across Coinbase, Crypto.com, Electroneum, and Brave Software, which had one bug report each.
Hard Fork added that some of the companies involved have only minimal involvement with decentralized tech. There’s a chance, then, that some of the vulnerabilities discovered were not related to blockchain technology or cryptocurrency itself, as with the Brave browser.
Across the reported bugs, over $23,000 was awarded to security researchers as bounties. Of the 43 reports, seven made no mention of the bounty’s value. Though EOS often awards the highest bounties, Tendermint took this spot, giving out $8,500 for the discoveries. EOS awarded $5,500, which is a drastic improvement from the $120,000 in bounties that it once awarded to a researcher who found many flaws. Unikrn was one of the lowest, distributing only $1,375 in bounties.
As with most vulnerability reports, the full details have not been given to the public and they probably won’t be. However, Hard Fork believes that the flaws were not “a huge cause for concern,” considering the amounts of the bounties.