Saturday March 06, 2021
Bitcoin (BTC) $49,305.00   Ether (ETH) $1,545.68
  • Events
  • News
    • Blockchain Technology
    • Capital Raising
    • Crypto Exchanges
    • Crypto Payments
    • Gaming & Betting
    • Networks & Protocols
    • Security
    • Vendor Technology
    • Wallets
NEWSLETTER SIGNUP
EXCHANGE 300+ COINS
CryptoNinjas
  • Crypto & Blockchain Links
  • Real-Time Market Data
  • Bitcoin ATM Map
  • Token Offerings/Listings
No Result
View All Result
CryptoNinjas
No Result
View All Result
Home Featured

Blockchain security firm Quantstamp open sources its bounty protocol

The bounty protocol supplements Quantstamp's automation by allowing human developers from around the world to report more nuanced vulnerabilities and check for bugs against specifications.

Published by CryptoNinjas.net
08/20/2019
Quantstamp bounty

Quantstamp, a blockchain security company developing automated security tools such as the Quantstamp Security Network, has announced it is open-sourcing the code for its bounty protocol.

A bounty protocol is a marketplace for developers to identify bugs in smart contracts that automation cannot detect. The bounty protocol has the potential to leverage software engineering talent from around the world to add an essential layer of infrastructure for blockchain security.

“By open-sourcing our code, we anticipate that Quantstamp Security Network users will benefit in two ways: Enhanced security and code quality: We anticipate the quality and security of the network to increase because engineers from the open source community have the option to suggest edits to the code. Transparency: Users will be able to independently verify that our network operates as we claim it does.”
– The Quantstamp Team

Why It’s Needed

Over 250 million USD has been lost or stolen due to bugs in smart contract code. In order to scale the security of smart contract blockchains using automation, the Quantstamp team created the Quantstamp Security Network. Although the Quantstamp Security Network detects vulnerabilities such as the re-entrancy bug that led to the DAO hack in 2016, there are certain bugs that currently only human auditors can detect.

The bounty protocol supplements Quantstamp’s automation by allowing human developers from around the world to report more nuanced vulnerabilities and check for bugs against specifications.

The Quantstamp bounty protocol has 3 functions: bounty providers, bug hunters, and judges

How It Works

  • A bounty provider is someone who submits their smart contract for review to the bounty protocol.
  • Any developer, referred to as bug hunters, can then review the smart contract code and report vulnerabilities if they find them. In order for the bug hunter to receive their bounty, judges must vote to decide if the bug hunter did in fact report a valid vulnerability. The judges are selected using a QSP-based token curated registry (TCR).
  • If enough judges vote in favor of the bug hunter, the bug hunter receives their bounty.

Commit-Reveal Schemes

The bounty protocol uses two commit-reveal schemes in order to prevent judges and bug hunters from gaming the system.

Bug hunters submit reported vulnerabilities using a commit-reveal scheme in order to prevent front running. Without a commit-reveal process, a malicious actor can wait until an honest bug hunter submits a report on the blockchain. While that transaction is pending, the malicious actor can submit that exact answer but with a higher gas fee. If the transaction is processed first, the malicious actor succeeds.

Judges only receive a reward if they vote with the majority. In order to prevent early votes from biasing the votes of judges who vote later in the process, judges first submit a hash of their vote. After this period is over, judges submit a second transaction with their revealed vote.

Check out the Quantstamp GitHub repository for more information.

FacebookTwitterLinkedinRedditE-MailTelegram
Source: Quantstamp

Related News

Standards for Smart Contract Security Audits
Security

Smart Contract Security Alliance announces founding council members

10/16/2019
Quantstamp Binance
Security

Binance upgrades first stablecoin thanks to Quantstamp audit

07/18/2019
Quantstamp Security Network V2 upgrade features staking, enhanced transparency
Vendor Technology

Quantstamp Security Network V2 upgrade features staking, enhanced transparency

06/19/2019
Smart Contract Security Alliance adds Fujitsu R&D Center as new member
Security

Smart Contract Security Alliance adds Fujitsu R&D Center as new member

03/20/2019
Blockchain security firm Quantstamp expands to Japan with new investment
Security

Blockchain security firm Quantstamp expands to Japan with new investment

03/07/2019
Load More
Leave Comment

Where to Exchange

Bit2MeLeading Spanish Bitcoin ExchangeVisit
BL3P
European Bitcoin ExchangeVisit
ChangellyExchange & Buy 150+ CryptocurrenciesVisit
itBitAmerica's First Regulated Bitcoin ExchangeVisit
  • Trending
  • Latest
Enjin launching two scaling solutions to remove gas and support NFTs from any blockchain

Enjin launching two scaling solutions to remove gas and support NFTs from any blockchain

03/04/2021
Creators of crypto wallet Exodus files with SEC to allow purchase of its stock with bitcoin

Creators of crypto wallet Exodus file with SEC for $75M public offering

03/03/2021
SIMBA Chain expands to Avalanche blockchain enabling low-code smart contract deployment

SIMBA Chain expands to Avalanche blockchain enabling low-code smart contract deployment

03/02/2021
Canadian bitcoin exchange CoinSmart raises $3.5M to expand into Europe

Canadian bitcoin exchange CoinSmart raises $3.5M to expand into Europe

03/01/2021
DeFi yield optimization protocol ETHA Lend closes $1.6M funding round

DeFi yield optimization protocol ETHA Lend closes $1.6M funding round

03/04/2021
Bitcoin DeFi platform Sovryn reveals $1.25M bug bounty; raises $10M in token presale

Bitcoin DeFi platform Sovryn reveals $1.25M bug bounty; raises $10M in token presale

03/05/2021
P2P crypto escrow platform Escaroo adds staking function from Moonstake

P2P crypto escrow platform Escaroo adds staking function from Moonstake

03/05/2021
SecondState launches Ethereum compatible ParaTime on the Oasis blockchain

SecondState launches Ethereum compatible ParaTime on the Oasis blockchain

03/05/2021
NFT platform Curio closes seed funding of $1.2M to fuel expansion

NFT platform Curio closes seed funding of $1.2M to fuel expansion

03/05/2021
IOTA token added as collateral asset on Bitfinex Borrow

IOTA token added as collateral asset on Bitfinex Borrow

03/05/2021
  • Home
  • Directory
  • Data
  • About
  • Contact
SUBSCRIBE

© 2016 - 2021 CryptoNinjas Disclosures | Privacy Policy

  • Home
  • Crypto Links
  • Market Data
  • Blockchain Tech
  • Exchanges
  • Capital Raising
  • Vendor Technology
  • Token Offerings/Listings
  • Payments
  • Wallets
  • Bitcoin ATM Map
  • Conferences & Events
  • About
  • Contact

© 2016 - 2021 CryptoNinjas Disclosures | Privacy Policy


Go to mobile version