Security issues can bring down even the biggest platforms, despite them being valued at billions of dollars. That’s why EOS, a blockchain project that raised USD 4 billion, offered a bounty of USD 10,000 for anyone finding a bug in their code described as “a unique bug that can cause a crash, privilege escalation, or non-deterministic behavior in smart contracts.” One such person claims he managed to earn USD 120,000 in merely a week.
Dutch ethical hacker Guido Vranken found several bugs, at first claimed to be only eight in a tweet by another ethical hacker Jon Bottarini, who was later corrected by Vranken himself, saying he found 12 – for a total of USD 120,000, but he adds that he lost count and that it took him about a week. Vranken has also previously reported bugs to Ethereum, Ripple, and Stellar.
Thank you. A couple more waiting to be rewarded. I think the final tally was $120K but I lost count. Took me about a week.
— Guido Vranken (@GuidoVranken) June 4, 2018
Vranken even said on a Reddit thread about his work that EOS had offered him a job shortly after he reported his discovery. The company,Block.one, was reported to have “a series of epic vulnerabilities” discovered on its platform by China-based security firmQihoo 360.
Qihoo 360 said that Block.One has promised to hold offEOS mainnet launchuntil the vulnerabilities are eliminated, but the company went ahead with the launch anyway stating that all the bugs will be fixed by the time of the launch. Some reports indicate that the EOS blockchain is still not fully up and running. It is still not known whether the bugs Vranken found have been fixed.