The Binance Smart Chain (BSC) wants to offer $10 million to encourage hackers to test the security of decentralized applications (dApps) on its network, in order to identify its vulnerabilities. About a hundred dApps should benefit from this program, provided that the BSC manages to raise all the necessary funds. The pressure from international regulators is definitely not stopping Binance from moving forward.
The hunt for bugs is on at the BSC
The BSC has just announced, in a press release dated July 26, the launch of its bug bounty program: “Priority One”. The latter dedicates a $10 million fund that will reward bug hunters, ethical hackers, disclosing “verifiable attack vectors or security flaws in up to 100 dApps” over the next 6 to 12 months.
The fund will help dApps that participate in the program fund their security testing, reimbursing “up to 50% of the reward for critical issues” and for up to $100,000 per partner project.
To be eligible for Priority One, dApps will need to be hosted on the BSC, have undergone at least 2 security audits or certifications, and “demonstrate a serious commitment to improving its security” by spending at least $100,000 on their own bug bounty program internally or on Immunefi.
10 million to be raised in a pool of funds
The BSC Accelerator Fund, a fund designed to create a network of DeFi projects on the BSC, will contribute $3 million in Binance Coin (BNB), starting this July, to begin building that $10 million pool. This first $3 million will be managed by the BSC Core Team and will allow 30 dApps on the BSC to participate in Priority One. The core team will review disclosures and determine reward amounts that vary “based on the severity and exploitability of the discovered vulnerability.”
A Binance Chain Evolution Proposal (BEP) will then be submitted to the validators in October. The BEP will aim to find the remaining $7 million by allocating a percentage of the daily block rewards to Priority One.
PeckShield, CertiK, Immunefi and/or the Binance security team will analyze disclosures for “high and critical” vulnerabilities. The BSC core team, on the other hand, will have discretion in deciding whether or not a disclosure is eligible for the bounty.
The pressure on Binance from regulators in various countries is not preventing it from making progress in other areas, such as security. While the Binance Smart Chain is ready to invest $10 million to strengthen the security of its network, the United States is offering $10 million in bitcoins (BTC) to wage war against ransomware.