sparrow icon indicating copy to clipboard operation
sparrow copied to clipboard
verified publisher icon sparrowwallet

Bug bounty program

Open jooray opened this issue 4 years ago • 3 comments

I am recommending Sparrow Wallet for a customer and one of the criteria they are considering is an active bug bounty program. I know Sparrow is free and open-source, so maybe a crowdfunding campaign for some BTC?

I co-founded a bug bounty platform as well (Hacktrophy.com), we have worked with Bitcoin projects in the past. Of course there can be any other bug bounty provider or even a self-hosted bug bounty. Let's get people who rely on Sparrow's security put money where they mouth is and allow them to contribute to the bug bounty program. And let's attract ethical hackers to find security bugs.

BTCPayServer has a nice crowdfunding module and it could be used for funding the project development (people contributing to specific features for example).

jooray avatar Nov 30 '21 14:11 jooray

+1

tzatko avatar Nov 30 '21 14:11 tzatko

+1

elkimek avatar Dec 01 '21 20:12 elkimek

I like this idea, but I'm concerned about the implementation - specifically, I'm not sure that a crowdfunding campaign would create a meaningful bounty. Setting it up and managing it are also considerations. That said, something to consider in future.

craigraw avatar Dec 02 '21 10:12 craigraw