Abstract: Nowadays, software is everywhere, and this is particularly true for free and open source software (FOSS). Discovering bugs in FOSS projects is of paramount importance, and many bug bounty programs attempt to attract skilled analysts by promising rewards. Nevertheless, developing an effective bug bounty program is challenging. As a consequence, many programs fail to support an efficient and fair bug bounty market. In this paper, we present VeriOSS, a novel bug bounty platform. The idea behind VeriOSS is to exploit blockchain technology to develop a fair and efficient bug bounty market. To this aim, VeriOSS combines formal guarantees and economic incentives to ensure that bug disclosure is both reliable and convenient for the market actors.