Lorenz Breidenbach*, Phil Daian*, Florian Tramèr* and Ari Juels
USENIX Security Symposium 2018 (Invited to appear in IEEE Security and Privacy Magazine)
Vulnerability reward programs, a.k.a. bug bounties, are a popular tool that could help prevent software exploits. Today, however, they lack rigorous principles for setting bounty amounts and require high payments to attract economically rational hackers. Rather than claim bounties for serious bugs, hackers often sell or exploit them.
We present the Hydra Framework, the first general, principled approach to modeling and administering bug bounties and boosting incentives for hackers to report bugs. The key idea is what we call an exploit gap, a program transformation that enables runtime detection of security-critical bugs. The Hydra Framework transforms programs via N-of-N-version programming (NNVP), a variant of classical N-version programming that executes multiple independent program instances.
We apply the Hydra Framework to smart contracts, small programs that execute on blockchains. We show how Hydra contracts greatly amplify the power of bounties to incentivize bug disclosure by economically rational adversaries, establishing the first framework for economic evaluation of smart contract security. We also model powerful adversaries capable of bug withholding, exploiting race conditions in blockchains to claim bounties before honest users can. We present Submarine Commitments, a countermeasure of independent interest that conceals transactions on blockchains.
We present a simple core Hydra Framework for Ethereum. We report the implementation of two Hydra contracts—an ERC20 token contract and a Monty-Hall-like game.
@inproceedings{BDTJ18, | |||
author | = | {Breidenbach, Lorenz and Daian, Phil and Tram{\`e}r, Florian and Juels, Ari}, | |
title | = | {Enter the Hydra: Towards Principled Bug Bounties and Exploit-Resistant Smart Contracts}, | |
booktitle | = | {USENIX Security Symposium}, | |
pages | = | {1335--1352}, | |
year | = | {2018}, | |
howpublished | = | {Cryptology ePrint Archive, Report 2017/1090}, | |
url | = | {https://eprint.iacr.org/2017/1090} | |
} |