“Using a single machine, an attacker could send a DDoS attack to all or 51 percent of the [Super Representative] nodes and render TRON network unusable, or make it unavailable,” reads the report, labeled high severity. This flaw in TRON‘s wallet allowed all of the network‘s available memory to be taken up by a single party with just one computer, which would have effectively broken the blockchain during that time. A second bounty (worth $3,100) was also paid, but the TRON Foundation chose not to disclose further details. Hard Fork reached out to the TRON Foundation for more information, and will update this piece should we learn more about either bug bounty. These HackerOne bounties are an industry norm In the 10 months since first launching its bug disclosure program, the TRON Foundation has handed out $78,800 worth of bounties to security researchers for 15 separate vulnerability reports. Twelve of those reports are marked as “resolved,” and the highest single TRON bounty collected so far is $10,000.
Support the originator by clicking the read the rest link below.