Decentralized Security Bounty Management on Blockchain and IPFS

Document Type

Conference Proceeding

Publication Date

1-6-2020

Publication Title

2020 10th Annual Computing and Communication Workshop and Conference (CCWC)

Publisher

Institute of Electronics and Electrical Engineers

Publisher Location

Las Vegas, NV

First page number:

241

Last page number:

247

Abstract

The rise of decentralized applications (DApps) have received great attention over the recent years due to the surge of attention towards blockchain technologies. Motivated by these recent disruptions, this paper introduces a blockchain based bug bounty program named Bountychain. This DApp utilizes an Ethereum based smart contract system and an interplanetary file system (IPFS) storage paradigm intended to be used by companies, industries, and testers. The smart contract model provides a safe, secure, and transparent platform for a bug bounty program. Testers will submit bugs via the blockchain, and companies will accept or reject the defect via the blockchain. Thus, testers will automatically get paid via the in-built smart contract system on a web interface, which will allow the tester to gain recognition and status no matter which company's bugs they find. The transactions on the chain will serve as a persistent and transparent record of software bugs, and IPFS will serve as a long-term storage system for bug details.

Keywords

Blockchain; IPFS; Ethereum; Smart Contract; Bug Bounty Program; Cyber Vulnerability Market

Disciplines

Computer Sciences

Language

English

UNLV article access

Share

COinS