Bountychain: Toward Decentralizing a Bug Bounty Program with Blockchain and IPFS
- https://doi.org/10.2991/ijndc.k.210527.001How to use a DOI?
- Bug bounty, blockchain, IPFS, decentralized apps, DApps
Bug Bounty Programs (BBPs) play an important role in providing and maintaining security in software applications. These programs allow testers to discover and resolve bugs before the general public is aware of them, preventing incidents of widespread abuse. However, they have shown problems such as organizations providing accountability of reporting bugs and nonrecognition of testers. In this paper, we discuss Bountychain, a decentralized application using Ethereum-based Smart Contracts (SCs) and the Interplanetary File System (IPFS), a distributed file storage system. Blockchain and SCs provide a safe, secure and transparent platform for a BBP. Testers can submit bug reports and organizations can accept or reject the defect via the SCs. Transactions on the blockchain serve as a persistent and transparent record of software bugs, while IPFS serves as a long-term storage system for bug details. Thus, Bountychain ensures organization accountability and allows testers to gain irrefutable recognition.
- © 2021 The Authors. Published by Atlantis Press B.V.
- Open Access
- This is an open access article distributed under the CC BY-NC 4.0 license (http://creativecommons.org/licenses/by-nc/4.0/).
Cite this article
TY - JOUR AU - Alex Hoffman AU - Phillipe Austria AU - Chol Hyun Park AU - Yoohwan Kim PY - 2021 DA - 2021/06 TI - Bountychain: Toward Decentralizing a Bug Bounty Program with Blockchain and IPFS JO - International Journal of Networked and Distributed Computing SP - 86 EP - 93 VL - 9 IS - 2-3 SN - 2211-7946 UR - https://doi.org/10.2991/ijndc.k.210527.001 DO - https://doi.org/10.2991/ijndc.k.210527.001 ID - Hoffman2021 ER -