According to Coindesk, Facebook is looking for more external contributions to the cryptocurrency project Libra, starting with a bug bounty program that pays security researchers up to $10,000 in rewards.
The Libra Association, the non-profit organisation with backers including Visa and PayPal, are behind the programme that went live on Tuesday 27th August.
Diogo Monica, Anchorage co-founder and Libra Association member, told CoinDesk, “There’s a variable amount of rewards based on bugs. This is great for the [Libra] community, this is consistent with the values of the [infosec] community in general.”
This bug bounty programme attracted unanimous praise from association members, and an important political step even beyond technical benefits. Some concerns had been raised that some of the firms in the Libra community might pull out, according to an FT report, and House Financial Services Committee, released a statement on Sunday repeating her concerns about “allowing a large tech company to create a privately controlled, alternative global currency.”
In this environment, fostering volunteer contributions to open-source aspects of the project may be more important than ever. Which is why the Libra Association is expanding the beta programme with 50 external researchers to welcome any member of the public to report vulnerabilities in the code, through a partnership with the HackerOne bug bounty platform.
Aanchal Gupta, security director at Facebook subsidiary Calibra, said in a statement, “We hope that developers will bring a diversity of perspectives and expertise to this initiative while holding the Libra Blockchain to the highest security standard.”
Jesse Spiro, head of policy at the blockchain analytics firm Chainalysis, told CoinDesk, “Some of the initiatives that Libra Association is doing is very forward-thinking. Having problems that are already beginning to be identified, by being very proactive and strategic, is a good thing.”