According to media reports and Qtum’s own website, Qtum has joined the SlowMist Zone to find bugs in the blockchain and allow businesses to flourish. The program welcomes hackers and awards them up to $10,000 for critical security issues.
What is Qtum?
Open-sourced, the company enhances the security of UTXO while enabling multiple virtual machines like EVM and the revolutionary x86 VM. The platform uses smart contracts because of the Decentralized Governance Protocol (DGP) by allowing blockchain settings to be modified.
The main aim of the company is to allow businesses to use the blockchain technology and promote the use of smart contract platform.
The various stage of reporting
- The reporter has to first visit the SlowMist Zone site and click on the Submit Bug Bounty. Here they can report the threat intelligence. The status that is reflected in the submission of the report is pending.
- Within one working day, the team would take up the issue, analyze it, draw conclusions and record the points. The status would change accordingly on approval- confirmed or ignored. The one who has reported would then be contacted for assistance to resolve the matter.
- Once it has been confirmed that the problem has been solved, the Qtum technical team will pass the message to the SlowMist team and report the vulnerability score. They will then issue rewards with the SlowMist Security Team. This is when the status is close, and the stages are completed.
The repairing is also done in stages. Depending on the severity of the threat, the Qtum and the SlowMist will grade the severity as critical or high-risk problem, to be sorted within 3 working days for medium-risk problems and to be sorted within 7 working days for the low-risk issues. Once the problem is solved, the rewards thus would be:
Qtum(@QtumOfficial ) joined SlowMist Zone and release the "Security Vulnerability and Threat Intelligence Bounty Program". Qtum will award hackers up to $10,000 for critical security issues. Details on the scope follow: https://t.co/oB84T5CzTp pic.twitter.com/BVr2iLQkBh
— SlowMist (@SlowMist_Team) April 25, 2019
However, terms and conditions apply when it comes to the bounty plan. According to company policy, there will be no bounty if the problem is made public or causes an issue before it is being resolved.
This indeed is a great way to ensure that the problems are resolved with the help of ethical hacking.