Tron Foundation Launches HackerOne Bounty Program To Stop Vulnerabilities In Mainnet
The Tron Foundation puts a special focus on security in nearly everything that they do, so it should come as no surprise that they have found another way to pursue this endeavor. They have announced a new bug bounty program, which is found on HackerOne. The program offers a monetary reward of up to $10,000 for any critical issues or “potential technical vulnerabilities” within their MainNet
The program enlists the help of “Tronics,” a group of members that are enthusiastic about the platform. Tron hopes that the members with experience in “global network security” will help, ensuring that the MainNet can be the “most secure public blockchain in the industry.”
A critical bug on the network includes anything that has the ability to take over the control of network nodes with remote functionality. Another bug could be one that leaks or steals the private keys of users. Once submissions are entered in the Tron security report, the individual that discovered it will be paid for their work 14 business days later. This level of threat comes with a $10,000 payment.
Any high-level threat is a bug that could end up resulting in Denial of Service on a peer to peer network, and these threats come with a $6,000 bounty. Medium-level threats can end up with Denial of Service through the Tron protocol instead.
Even with this bounty program, there are a few bugs that are entirely off-limits, like clickjacking pages that are absent of sensitive actions, root level access attacks, content spoofing, and similar bugs. Right now, the best place for this kind of service is with HackerOne, considering that it has the highest number of bounty finders and “ethical” hackers, which all ensure that the Tron Foundation stays safe.