Bug Bounty Campaign is in Progress. Results of the first week.
EON blockchain is successfully being tested, and here is the first week Bug Bounty results review! We have received about 50 bug reports, however, by now there are only four real bugs. We are publishing these bugs details here in order to prevent participants from wasting time while trying to find a bug that already was found.
- Typo. First bug was from the typos category: program said “withdrawM” instead of withdrawn”.
- The system should treat all the unacceptable data equally. According to the rules, a user could only use the nonnegative integers when making payment. If he or she uses negative or non-integers the program do not accept such payments, but user still have to pay the transaction fee. One of the participants tried to send 12, 0 and -2000 mEONs. Payments of 12.5 and 0 mEONs were not accepted and the fees were paid by the user as it was expected. However, transaction of -2000 mEONs provoked an “error from peer”, and the transaction fee was not payed. Any data entered incorrectly, including negative figures and symbols (like $) should be treated equally by the system.
- Client fails when downloading/receiving big amount of transactions (300 kilobytes of text) via “committed” command. One of the users wrote a C++ script to send lots of transactions automatically. After that he tried to use the “committed” command to withdraw the committed payments. In result his client failed.
- Client fails from a large server response. Another user wrote a script requesting a big amount of transactions, which also led to the client failure.
By the way, from now on you can send transactions in fractions of EONs (like 0.01 EONs). To do that you’ll need to redownload the program.
Our team is grateful to all of the bug bounty participants and wants to encourage more people to join the campaign. Together we can do it better!