Latest in Gear

Image credit:

Libra Association opens Bug Bounty program to everyone

The organization wants researchers to test the security of its Libra blockchain.
Edgar Alvarez, @abcdedgar
August 27, 2019
Share
Tweet
Share

Sponsored Links

Libra Association

Facebook's Calibra digital wallet isn't expected to launch until 2020. But, as you might expect, the organization created to protect the Libra cryptocurrency that will be used with Calibra (and other Libra financial services) is already working to ensure it keeps people's data safe. We're talking about the Libra Association, the independent group in charge of governing Libra, which has announced it is now welcoming all researchers who want to help test the security of its blockchain technology -- in exchange for financial rewards, naturally. The Libra Bug Bounty program was announced at the time when the Libra Association became official in June, but now the nonprofit will be opening it to the public.

The Libra Association, backed by 28 companies including MasterCard, Visa, PayPal, eBay, Uber, Lyft, Farfetch and, of course, Facebook/Calibra, says it has built its Bug Bounty program as a "major effort to strengthen the security of our blockchain." And it wants developers worldwide to identify bugs and flaws in the Libra blockchain before it arrives next year, when there will be real money from presumably millions of people at stake. According to the Libra Association, security researchers should know that the Libra's blockchain technology is still in testnet, an early-stage version of its code, and that it won't be launching until regulatory concerns and approvals have been sorted out.

Calibra

Facebook Calibra.

Michael Engle, Head of Developer Ecosystem at the Libra Association, said in a blog post that those who assist the organization in discovering "the most critical issues" can receive up to $10,000 in rewards per bug report. That said, the Libra Association told Engadget it could pay more more or less than that sum, based on the type of vulnerability that someone brings to their attention.

Engle added that the goal with the Libra Bounty program is to encourage members of the security community to scrutinize the blockchain -- which, to be clear, won't feature any actual money during this test -- and help the Libra Association find even the most subtle bugs. "With the launch of the Libra Bug Bounty, we are excited to build an open and vibrant network of security and privacy researchers around the globe," he said. "We know it will take a global community to launch a global cryptocurrency, and we are committed to taking the time to get this right."

Given that Facebook spearheaded the Libra Association, this bug bounty program shouldn't come as a surprise. Facebook has been crowdsourcing security efforts for years now, having awarded millions of dollars to tipsters to date. Just last week, in fact, the company announced the expansion of its Data Abuse bounty program to Instagram, which will reward researchers who report third-party services that may be exploiting user data on the popular app.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
Tweet
Share

Popular on Engadget

The 2020 Engadget Holiday Gift Guide

The 2020 Engadget Holiday Gift Guide

View
Scientists find neutrinos from star fusion for the first time

Scientists find neutrinos from star fusion for the first time

View
The best Black Friday tech deals that are already available

The best Black Friday tech deals that are already available

View
'Mechwarrior 5' will arrive on Xbox in spring 2021

'Mechwarrior 5' will arrive on Xbox in spring 2021

View
Apple's Intel-powered MacBook Air falls to $799 ahead of Black Friday

Apple's Intel-powered MacBook Air falls to $799 ahead of Black Friday

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr