Bug bounty platform HackerOne has severed ties with Medici Ventures-backed Voatz, the blockchain-based mobile voting app, for breach of partnership requirements.
The removal cuts off Voatz’s access to HackerOne’s community of “ethical hackers” who trade their expertise finding code flaws for cash. HackerOne partners with companies interested in shoring up potential security vulnerabilities. Across 1,800 total relationships and eight years, though, it has never before kicked a partner out, said representative Samantha Spielman.
Spielman said Voatz’s breach of “partnership requirements” made the relationship unviable, despite the program’s past bug-hunting successes.
“As a platform, we work tirelessly to foster that mutually useful relationship between security teams and the researcher community,” she said. Spielman declined to elaborate on Voatz’s requirements breach.
Voatz told CoinDesk in a statement that it regrets the relationship’s “non-permanent pause.” It said that HackerOne had caved to a “small group of researchers who, together with a few other members of the community, believe Voatz reported a researcher to the FBI.”
“This falsehood and misinformation has been a source of animosity towards Voatz and our partners, who face constant assaults from these researchers,” the statement said.
West Virginia Secretary of State Mac Warner said in October 2019 that the FBI was investigating an attempted breach of the app during a pilot program in 2018. West Virginia has used the app in several pilots, and Warner maintains that no votes have been altered so far.
Voatz came under the spotlight in mid-February when a group of MIT researchers released a scathing write-up highlighting myriad apparent security flaws in the app. They alleged Voatz was basically bunk, criticized its transparency and called on election officials considering the app to perhaps think twice.
Voatz responded with its own torrent of criticism. In a sarcasm-laced February 13 press release, it called the researchers’ report unfair and their “bad faith suggestions” irreparably flawed.
However, earlier this month Trail of Bits published a report supporting the MIT researchers’ claims. Voatz had commissioned Trail of Bits to investigate its platform.
Voatz began working with HackerOne in August 2018 and has paid out over $6,000 to researchers through “HackerOne and other avenues” since. It plans to announce its own bounty program “in the coming days.”
West Virginia has dropped its partnership with the company.
The leader in blockchain news, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups.