Offline chilly storage cryptocurrency pockets service supplier GK8 is offering a bug bounty of as much as $250,000 to the primary one that can hac
Offline chilly storage cryptocurrency pockets service supplier GK8 is offering a bug bounty of as much as $250,000 to the primary one that can hack its product.
GK8 — which presents its answer as a “hack-proof digital vault” that wants no direct or oblique connection to the web — will place 14 Bitcoin (BTC) (over $125,000 at press time) in its pockets. Anybody who succeeds in breaking into the pockets will pocket its proceeds, plus an extra $125,000 prize.
The bounty program will run from Feb. 3 (9:00 a.m EST) via February 4, 2020 (9:00 AM EST).
Mitigating state-sponsored assaults and APT threats
Israel-based GK8 claims its high-security custody answer for digital asset storage will enable banks and different establishments to completely entry and handle their crypto holdings and associated data with no need to connect with the online.
The agency’s website claims the product has been designed in order “to reduce the pockets’s assault floor and block attackers’ affect on security-critical parts.”
Among the many listing of dangers it goals to mitigate, GK8 has pointed to state-sponsored assaults and stealth APT (superior persistent menace) cyber threats.
Zcash (ZEC) founding scientist and cryptography researcher Professor Eran Tromer has endorsed the challenge, contending that the chilly pockets answer developed by GK8 will set a brand new commonplace for top safety cryptocurrency custody choices. He defined the best way through which the agency has designed the pockets with a minimized assault floor, noting that it really works by:
“Having solely outbound unidirectional communication after which constructing the remainder of the cryptographic protocols round it utilizing multi-party computation, validation protocols, the transmission of insurance policies to the setting, all whereas stopping the injection of malicious inputs from the web again into the chilly pockets.”
Excessive stakes
In an business that should at all times preserve one step forward of potential menace vectors, bug bounty applications function a helpful “stress take a look at” for cryptocurrency corporations to probe the safety of their options.
In Dec. 2019, the AirSwap decentralized change protocol announced its launch of a bug bounty program with rewards of as much as 20,000 Dai (DAI), with out setting a time restrict for bug-finders.
Earlier, in October, MakerDAO had been prompted to repair a critical bug that might have resulted in an entire lack of funds for all platform customers. HackerOne person lucash-dev had disclosed a report revealing a important bug in MakerDAO’s deliberate improve, and was rewarded for the trouble with a $50,000 bounty.