EOSIO

Available on:

  • EOS Mainnet
  • Worbli
  • WAX
  • CryptoKylin Testnet
  • Jungle 2.0 Testnet
  • Your own network

Ethereum (Alpha)

Available on:

  • Ethereum Mainnet
  • Ropsten

Announcing the dfuse Data Integrity Bounty Program on HackerOne

Aug 1, 2019 10:37:51 AM / by dfuse

On the web today, it is commonly assumed that when you query a web service, the returned data is legitimate. However, with the kind of information that blockchains deal with -- financial, ownership, authorizations -- and the decisions you make based on that data could have a material impact on your life or your business, so data integrity becomes critical.

While some people assume that open source software is more trustworthy, when you query a web-based service, you normally have no way to validate what is running on the other side, whether the software has been tweaked or has been properly configured in the first place. The fact that a web service is supposedly running open source vs. closed source software is irrelevant to data integrity -- neither gives you a reliable integrity guarantee. And if the service is a front-end to blockchain data, even the integrity guarantees provided by the blockchain protocol itself can be diluted by your use of an intermediary process.

At dfuse, we believe it is important that API services providing access to blockchain data provide real assurance to their users regarding the integrity of the data they serve up. And we believe that these services should have skin in the game and put their money where their mouth is.

This is why, today, we’re announcing the dfuse Data Integrity Bounty Program in partnership with the trusted hacker-powered security platform HackerOne, along with our Data Integrity Proof Protocol.

We have selected the HackerOne platform for its leadership position and strong experience in managing multiple programs for Fortune 500 and Fortune Global 1000 companies. The U.S. Department of Defense, General Motors, Google, Twitter, GitHub, Nintendo, Lufthansa, Microsoft, MINDEF Singapore, Panasonic Avionics, Qualcomm, Starbucks, Dropbox, Intel, the CERT Coordination Center and over 1,400 other organizations have partnered with HackerOne to find over 120,000 vulnerabilities and award over $57M in bug bounties.

Through this program, we are making a commitment to the integrity of the data available through the dfuse APIs. The program commits dfuse to providing only data that is complete and correct, and puts our skin in the game to back this commitment.  The program covers dfuse’s EOS Mainnet endpoints, in particular dfuse’s State, Search, GraphQL and Native nodeos endpoints.

For more details and to get involved in this program, please visit: https://hackerone.com/dfuse

Join the discussion in the dfuse API Telegram channel. Get started for free and learn why many dapp developers are now feeding their backend with information from dfuse.

 

About dfuse

dfuse, the blockchain API company, helps developers build performant applications by organizing the world's decentralized data.

Powered by its low-latency architecture, its robust APIs make it possible to stream real-time state updates, conduct lightning-fast searches and provide irreversible transaction guarantees all for the first time using a simple API call. The company's flagship products, dfuse Stream, dfuse Lifecycle, dfuse Search and dfuse On Demand Networks, are available today and offer a suite of powerful features that make it easy for developers to customize and deliver first-rate user experiences.

The future of the Web is being built right now by blockchain pioneers who are revolutionizing the way companies, organizations and societies form, operate and interact. Permissionless innovation awaits.

To sign up for free and start building, visit www.dfuse.io

topics News, developer, Data Integrity Bounty Program, HackerOne