- White hat hackers were able to find 40 different significant bugs across 13 Blockchain networks in 30 Days
- Among the networks with the highest number of bugs are Unikrn, Tendermint, and Tezos
- In all, the bug hunters made $ 23,675 in bounties
Despite the best intentions of crypto firms and developers everywhere, no single product or system is perfect and there are bound to be flaws. This has repeatedly been shown in everything from exchanges to various wallets and networks. Just how often these bugs occur has not always been clear, but one team of researchers is helping to shed light on this. According to the team at Hard Fork, white hat hackers have discovered around 40 different bugs in various blockchain networks in the last 30 days alone.
43 Vulnerability reports were submitted to 13 crypto-focused firms from the period of February 13 to March 13, 2019.
Breaking down the data
Coinbase, EOS issuer Block.one, Tezos, Brave, and Monero were among the platforms with reported vulnerabilities.
However, the individual firm with the most bugs was Unikrn, an e-sports gambling platform, where 12 bugs were found. In second place was OmiseGo with six, followed by EOS with five.
Four were found in Tendermint while three were found in Augur and Tezos. Two vulnerabilities were discovered in Monero, ICON, and MyEtherWallet while the rest of the bugs were found in Coinbase, Crypto.com, Electroneum, and Brave Software with each having one bug.
Just as the number of bugs discovered varied from firm to firm, so did the bounty rewards for finding the errors. In total, the team made $ 23,675 for all their bug-finding efforts.
Tendermint was the company with the highest bounty rewards at $8,500, while EOS was second with $5,500. Unikrn, despite having the most bugs, only gave $1,375 in rewards.
The amount of money that was handed out in bounties also serves to indicate what types of bugs were discovered since they were not publicly disclosed. The amounts were, generally, not high, which indicates that the vulnerabilities found were not very serious ones and aren’t an immediate cause for alarm.
Block.one did reveal a bit about their flaws, stating that four out of the five found had to do with a buffer overflow flaw.
Hopefully, with the continued efforts of bug bounty hunters, more flaws will be bright to the light, giving the various firms a chance to improve on their systems.