Is an appropriate amount of incentives enough to push developers into better ethereum blockchain bug reporting?
Announced at Devcon3 Thursday, Hydra looks to do this very thing. This project is being funded by the National Science Foundation Graduate Research Fellowship and designed by a group of researchers from top academic schools such as Stanford and Cornell.
Hydra stands out in that its contracts are targeted to instantly and programmatically offer those that report the bugs a higher reward than they would get if they were to place the bugs themselves. If a user’s smart contract hack would have rewarded them 120 tokens, they would receive 1,200 tokens instead for reporting the hack.
Currently, there is a problem they are trying to solve with the current smart contract hack incentives that make the hacking far more lucrative than the incentive.
They’ve decided to tweak the incentive based on concepts of crypto-economics, thinking people would be more encouraged to report the bugs if given more of an amount.
A researcher on the project, Phil Daian, states they want to focus on the solution rather than condemning those that commit the hacks.
He said, “Let’s see this as a game. What would a rational attacker do with these systems? Say an attacker finds a bug: would they attack or would they claim the bounty?”
There are many at the conference that are excited and who want to start playing around with the new system. While it was released in its first phase today, Daian stresses it’s still a brand new product and might not be safe yet to store funds. He said, “The code is here for you to play with. But trusting funds with this baby Hydra we’ve spun up – not a good idea.”
Featured Image: twitter