Learn how they work and why they are similarly effective to a code audit.
Bug Bounty Programs are an important part of an integral software security framework in Maya and many other tech and crypto companies. In this article we will see what they are all about, but we will start with the basics first:
In software development, a “bug” is an error or fault in the design of a script or program that causes it to behave in unintended ways or to produce an incorrect or unexpected result. They can come in various forms, like a simple misspelling or an incorrect placement of a variable or function. A “bugged” piece of code could, for example, cause a computer to crash or a user to obtain information not intended for him.
If you have written a long essay before, you know how small mistakes can escape your eyes as a result of repetitively reading your own text. This can happen to software developers too, and one common way to prevent errors in both cases is to ask someone else to read your work for you!
If you haven’t guessed yet, a Bug Bounty Program is a deal that websites or software developers offer openly to incentivize security researchers and white-hat hackers to read their code and report any bugs they might find, specially those related to security or vulnerabilities. As the name implies, good reports receive a reward that is usually based on the severity of the bug or vulnerability found.
These programs have several benefits for both the company or project offering it and its users, from the commitment and transparency shown with it, to the continuous nature of constant verification and access to the global community of security experts.
Bug Bounty programs are different for different platforms but their rewards can vary from some USD $1,000 for less severe bug reports, to more than USD $100,000 for highly-technical, critical reports.
Immunefi is a platform that consolidates Bug Bounty Programs in the Web3 software industry. They have been in business since December 2020 and currently offer more than USD $132 million in bounties for different protocols and companies. According to their website, they have also paid more than USD $70 million in rewards for security reports!
On top of our various Halborn audits, at Maya, we have implemented an Immunefi Bug Bounty Program. Our code has always been open-source but now we are actively inviting all auditors and security pundits to help us refine it.
Security has always been essential to us and we will continue to work closely with the people at Immunify and its impressive community of security experts. If you are interested in having more details on our Bug Bounty Program or the security at Maya, be sure to join our official Discord server and ask what you need. Read you there!