Bug bounty platform HackerOne severed ties with Medici Ventures-backed Voatz, the blockchain-based cell voting app for breach of partnership requirements.
The elimination cuts off Voatz’ entry to HackerOne’s community of “moral hackers” who commerce their experience to find code faults for money. HackerOne companions with firms fascinated about shoring up potential safety vulnerabilities. Throughout 1,800 complete relationships and eight years, although, it is by no means earlier than kicked a accomplice out, stated consultant Samantha Spielman.
Spielman stated Voatz’ breach of “partnership requirements” made the connection unviable, regardless of this system’s previous bug-hunting successes.
“As a platform, we work tirelessly to foster that mutually useful relationship between safety groups and the researcher group,” she stated. Spielman declined to elaborate on Voatz’ requirements breach.
Voatz instructed CoinDesk in a assertion that it regrets the connection’s “non permanent pause.” It stated that HackerOne had caved to a “small group of researchers who, together with a few different members of the group, imagine Voatz reported a researcher to the FBI.”
“This falsehood and misinformation has been a supply of animosity towards Voatz and our companions, who face constant assaults from these researchers,” the assertion stated.
West Virginia Secretary of State Mac Warner stated in October 2019 that the FBI was investigating an tried breach of the app throughout a pilot program in 2018. West Virginia has used the app in a number of pilots, and Warner maintains that no votes have been altered up to now.
Voatz got here underneath the highlight in mid-February when a group of MIT researchers launched a scathing write-up highlighting myriad obvious safety flaws within the app. They alleged Voatz was basically bunk, criticized its transparency and referred to as up election officers contemplating the app to perhaps assume twice.
Voatz responded with its personal torrent of criticism. In a sarcasm-laced February 13 press launch, it referred to as the researchers’ report unfair and their “unhealthy religion suggestions” irreparably flawed.
Nevertheless, earlier this month Path of Bits revealed a report supporting the MIT researchers’ claims. Voatz had commissioned Path of Bits to investigate its platform.
Voatz started working with HackerOne in August 2018 and has paid out over $6,000 to researchers by “HackerOne and different avenues” since. It plans to announce its personal bounty program “within the coming days.”
West Virginia has dropped its partnership with the corporate.
Disclosure Learn Extra
The chief in blockchain information, CoinDesk is a media outlet that strives for the very best journalistic requirements and abides by a strict set of editorial insurance policies. CoinDesk is an unbiased working subsidiary of Digital Foreign money Group, which invests in cryptocurrencies and blockchain startups.