Libra Bug Bounty Program seeks to strengthen the security of Facebook's blockchain
Facebook's plans to venture into the world of cryptocurrencies has proved highly controversial, but the social media giant is plowing on regardless. The company and the partners it is working with on Libra have launched a public bug bounty program, offering pay-outs of up to $10,000 per bug.
Announced by the Libra Association, the aim of the Libra Bug Bounty Program is to "strengthen the security of the blockchain". The association wants to track down " security and privacy issues and vulnerabilities".
- Facebook ups its privacy game (a bit) with new tool for users to control data shared by websites
- Facebook has been paying people to listen to your Messenger conversations
- Facebook is renaming WhatsApp and Instagram
The bug bounty program is being launched in conjunction with HackerOne, and the Libra Association says: "The program will encourage many more people with diverse skills and backgrounds to inspect and review the blockchain design and implementation. The Libra Bug Bounty program is part of a larger ongoing effort to build an open and vibrant community of security and privacy developers around the globe."
In many ways, the bug bounty program is a pre-emptive move. Although the Libra blockchain is not due to launch until next year, ensuring the security of the system is a good PR move.
The Libra Association says that the pro-active program is built around three principles:
- Open and Vibrant Community: From the start, the Libra Association has worked with a network of renowned developers to solicit feedback and has woven their improvements into the design and implementation of the blockchain. As progress is made, it is crucial to continue to grow the research community, foster fruitful collaboration, and generate useful bug reports.
- Sharing Feedback: The highest quality submissions will be showcased (with permission) in order to highlight the best examples of the discovered issues the program has rewarded. There will be transparency around what has been found and fixed to help everyone learn from these issues.
- Global Participation: The Libra Association is a global effort and so is the Libra Bug Bounty program. The program will be internationally inclusive and will promote researcher contributions from around the world and host bug bounty events in diverse locations.
The association says that it is eager to hunt down "even the most subtle bugs", and wants to make the program as accessible as possible to help with this.
Find out more over on the Libra Bug Bounty Program page.