Wallet Creator GK8 Promises $250K In Bug Bounty Program

GK8, an offline cold storage cryptocurrency wallet provider, announced a bug bounty program, offering $250,000 to the one who can hack its product.

Presenting its solution as a ”hack-proof digital vault” which does not need direct or indirect connection to the internet, GK8 will put 14 Bitcoin (BTC) (more than $125,000 at the time of writing) in its wallet. Anyone who will manage to break into it will claim the funds and an additional $125,000 reward.

The GK8 bug bounty program is scheduled for February 3 (9:00 AM EST) – February 4, 2020 (9:00 AM EST).

Reducing attacks sponsored by states and APT threats

Israel-based GK8 argues that its high-security digital asset storage can be used by banks and other financial institutions for easy access and management of their crypto funds and corresponding information without internet connection.

According to the company’s website, the solution was created so as “to minimize the wallet’s attack surface and block attackers’ influence on security-critical components.”

Among numerous risks it seeks to reduce, GK8 singled out state-sponsored attacks and stealth APT (advanced persistent threat) cyber threats.

ZCash (ZEC) founding scientist and cryptography researcher Professor Eran Tromer expressed his support for the project, assuring the community that the cold wallet created by GK8 will put forward new standard for high security crypto custody solutions. He detailed the way in which the company has designed the wallet with a minimized attack surface and its working principles:

“Having only outbound unidirectional communication and then building the rest of the cryptographic protocols around it using multi-party computation, validation protocols, the transmission of policies to the environment, all while preventing the injection of malicious inputs from the internet back into the cold wallet.”

High stakes

For an industry which should always be one step ahead of threat actors, community-driven security checks, such as GK8 bug bounty program, are good opportunities for companies to perform ”stress tests” on their products.

In December 2019, the AirSwap decentralized exchange protocol started a bug bounty program, offering rewards of up to 20,000 Dai (DAI), and setting no exact time limit.

Earlier, in October, MakerDAO had to fix a critical bug, which could have led to a loss of funds for all users on the platform. HackerOne user lucash-dev had published a report detailing a critical bug in the company’s planned upgrade, and was rewarded $50,000.