1. Home
  2. hackathon

hackathon

Paypal Launches Global Hackathon With 40,000 PYUSD in Prizes

Paypal Launches Global Hackathon With 40,000 PYUSD in PrizesPaypal, a leading payment platform, has announced a global hackathon for its stablecoin PYUSD, offering 40,000 PYUSD in prizes. This initiative follows the launch of the Paypal stablecoin on Solana. Running from Aug. 12 to Sept. 16, the hackathon aims to foster innovation and the adoption of PYUSD on Solana. Paypal Announces Global PYUSD Hackathon […]

Chinese official gets life sentence for selling state secrets to pay crypto debts

Base to Launch Online Hackathon With 200 ETH in Prizes, Sponsored by Stripe, Shopify, and More

Base to Launch Online Hackathon With 200 ETH in Prizes, Sponsored by Stripe, Shopify, and MoreBase, the Ethereum Layer 2 solution incubated by Coinbase, has announced the Onchain Summer Buildathon. The event, which runs from May 31st to June 30th, invites builders worldwide to showcase their skills in various onchain use cases, including payments, commerce, gaming, and social. The Buildathon offers 200 ETH in total prizes across eight sponsored tracks, […]

Chinese official gets life sentence for selling state secrets to pay crypto debts

IBM announces global Call for Code artificial intelligence hackathon winners

The global hackathon, now in its sixth year, gives participants access to advanced AI, cloud computing and blockchain technology.

The David Clark Cause, IBM, the United Nations Human Rights Office of the Commissioner and the Linux Foundation announced the winners of the 2023 Call for Code hackathon on Dec. 6.

Call for Code is the largest annual event of its kind, gathering participants from more than 180 nations who have produced a collective 24,000 applications to date, according to the David Clark Cause.

This year’s contest focused on solving “the most pressing global issues of our time” using available technologies, including IBM’s generative artificial intelligence (AI) service, watsonx. It included grand prizes awarded in three separate participant categories: developer, university and independent vendor/startup.

Read more

Chinese official gets life sentence for selling state secrets to pay crypto debts

Bug bounties can help secure blockchain networks, but have mixed results

How bug bounties can improve security by using talent from the blockchain community.

Bug bounties are programs organizations offer to incentivize security researchers or ethical or white hat hackers to find and report vulnerabilities in their software, websites or systems. Bug bounties aim to improve overall security by identifying and fixing potential weaknesses before malicious actors can exploit them.

Organizations that implement bug bounty programs typically establish guidelines and rules outlining the scope of the program, eligible targets, and the types of vulnerabilities they are interested in. Depending on the severity and impact of the discovered vulnerability, they may also define the rewards offered for valid bug submissions, ranging from small amounts of money to significant cash prizes.

Security researchers participate in bug bounty programs by searching for vulnerabilities in designated systems or applications. They analyze the software, conduct penetration testing, and employ various techniques to identify potential weaknesses. Once a vulnerability is discovered, it is documented and reported to the organization running the program, usually through a secure reporting channel provided by the bug bounty platform.

Upon receiving a vulnerability report, the organization’s security team verifies and validates the submission. The researcher is rewarded according to the program’s guidelines if the vulnerability is confirmed. The organization then proceeds to fix the reported vulnerability, improving the security of its software or system.

Bug bounties have gained popularity because they provide a mutually beneficial relationship. Organizations benefit from the expertise and diverse perspectives of security researchers who act as an additional layer of defense, helping identify vulnerabilities that may have been overlooked. On the other hand, researchers can showcase their skills, earn financial rewards and contribute to the overall security of digital ecosystems.

Discovering vulnerabilities within a platform’s code is crucial when it comes to protecting users. According to a report by Chainalysis, around $1.3 billion worth of crypto was stolen from exchanges, platforms and private entities.

Bug bounties can help to encourage responsible and coordinated vulnerability disclosure, encouraging researchers to report vulnerabilities to the organization first rather than exploiting them for personal gain or causing harm. They have become integral to many organizations’ security strategies, fostering a collaborative environment between security researchers and the organizations they help protect.

Getting involved

Communities can play a crucial role in bug hunting by leveraging their diverse perspectives and skill sets. When organizations engage the community, they tap into a vast pool of security researchers with varying backgrounds and experiences.

Troy Le, head of business at blockchain auditing firm Verichains, told Cointelegraph, “Bug bounty programs harness the power of the community to enhance the security of blockchain networks by engaging a wide range of skilled individuals, known as security researchers or ethical hackers.”

Le continued, “These programs incentivize participants to search for vulnerabilities and report them to the bounty organization. Organizations can leverage a diverse talent pool with varying expertise and perspectives by involving the community. Ultimately, bug bounty programs promote transparency, facilitate continuous improvement, and bolster the overall security posture of blockchain networks.”

In addition to diverse perspectives, engaging the community in bug hunting offers scalability and speed in the discovery process.

Organizations often face resource constraints, such as limited time and manpower, which can hinder their ability to thoroughly assess their systems for vulnerabilities. However, by involving the community, organizations can tap into a large pool of researchers who can work simultaneously to identify bugs.

This scalability allows for a more efficient bug discovery process, as multiple individuals can review different aspects of the system concurrently.

Another advantage of engaging the community in bug hunting is the cost-effectiveness compared to traditional security audits. Traditional audits can be expensive, involving hiring external security consultants or conducting in-house assessments. On the other hand, bug bounty programs provide a cost-effective alternative.

Recent: Google Cloud furthers Bitcoin Lightning ambitions with Voltage partnership

This pay-for-results model ensures that organizations only pay for actual bugs found, making it a more cost-efficient approach. Bug bounties can be tailored to fit an organization’s budget, and the rewards can be adjusted based on the severity and impact of the reported vulnerabilities.

Pablo Castillo, chef technology officer of Chain4Travel — the facilitator of the Camino blockchain — told Cointelegraph, “Engaging the community in bug hunting has many benefits for both organizations and security researchers. For one, it expands access to talent and expertise, allowing them to tap into a diverse set of skills and perspectives.”

Castillo continued, “This increases the chances of discovering and effectively addressing vulnerabilities, thereby improving the overall security of blockchain networks. It also fosters a positive relationship with the community, building trust and reputation within the industry.”

“For security researchers, participating in bug bounty programs is an opportunity to showcase their skills in a real-world scenario, gain recognition and potentially earn financial rewards.”

This collaboration not only strengthens the organization’s security posture but also provides recognition and rewards to the researchers for their valuable contributions. The community benefits by gaining access to real-world systems and the opportunity to sharpen their skills while making a positive impact.

Crypto projects launching without auditing

Many crypto projects launch without conducting proper security audits and instead rely on white hat hackers to uncover vulnerabilities. Several factors contribute to this phenomenon.

Firstly, the crypto industry operates in a fast-paced and highly competitive environment. Being the first to market can provide a significant advantage. Comprehensive security audits can be time-consuming, involving extensive code review, vulnerability testing and analysis. By skipping or delaying these audits, projects can expedite their launch and gain an early foothold in the market.

Secondly, crypto projects, especially startups and smaller initiatives, often face resource constraints. Conducting thorough security audits by reputable auditing firms can be expensive.

These costs include hiring external auditors, allocating time and resources for testing, and addressing the identified vulnerabilities. Projects may prioritize other aspects, such as development or marketing due to limited budgets or prioritization decisions.

Another reason is blockchains’ decentralized nature and the crypto space’s strong community-driven ethos. Many projects embrace the philosophy of decentralization, which includes distributing responsibilities and decision-making.

However, there are significant downsides to launching crypto projects without proper audits and relying solely on white hat hackers. One major downside is the increased risk of exploitation. Without a thorough codebase assessment, potential vulnerabilities and weaknesses may remain undetected. 

Malicious actors can exploit these vulnerabilities to compromise the project’s security, leading to theft of funds, unauthorized access or system manipulation. This can result in significant financial losses and reputational damage.

Another downside is the incomplete or biased nature of security assessments. While white hat hackers play a crucial role in identifying vulnerabilities, they do not provide the same level of assurance as comprehensive audits conducted by professional security firms.

White hat hackers may have biases, areas of expertise or limitations regarding time and resources. They may focus on specific aspects or vulnerabilities, potentially overlooking other critical security issues. The overall security assessment may be incomplete without a holistic view provided by a thorough audit.

Castillo said, “While white hat hackers play a critical role in identifying vulnerabilities, relying solely on them may not provide comprehensive coverage. Without proper security audits with established providers, there is a greater chance of missing critical vulnerabilities or design flaws that malicious actors could exploit.”

Castillo continued, “Inadequate security measures can lead to various risks, including potential breaches, loss of user funds, reputational damage and more. To sum up: Launching without an audit could put the project at risk of non-compliance, leading to legal issues and financial penalties.”

Furthermore, relying solely on white hat hackers may lack the accountability and quality control measures typically associated with professional audits. Auditing firms follow established methodologies, standards and best practices in security testing.

They also adhere to industry regulations and guidelines, ensuring a consistent and rigorous evaluation of the project’s security posture. In contrast, relying on ad hoc assessments by individual white hat hackers may result in inconsistent methodologies, varying levels of rigor and potential gaps in the security assessment process.

Moreover, the legal aspects surrounding the actions of white hat hackers can be ambiguous. While many projects appreciate and reward responsible disclosure, the legal implications can vary depending on the jurisdiction and project policies.

White hat hackers may face challenges in claiming rewards, receiving proper recognition, or even encountering legal repercussions in some cases. Without clear legal protection and well-defined frameworks, there can be a lack of trust and transparency between the project and the hackers.

Lastly, relying solely on white hat hackers may result in a narrower range of expertise and perspectives than a comprehensive audit. Auditing firms bring specialized knowledge, experience and a systematic approach to security testing.

They can identify complex vulnerabilities and potential attack vectors that individual hackers may miss. By skipping audits, projects risk not uncovering critical vulnerabilities that could undermine the system’s security.

Le said, “Launching crypto projects without proper security audits and relying solely on white hat hackers carries significant risks and downsides.”

Le stressed that proper security audits conducted by experienced professionals “provide a systematic and thorough evaluation of a project’s security posture.” These audits help identify vulnerabilities, design flaws and other potential risks that might go unnoticed.

“Neglecting these audits can result in serious consequences, including loss of user funds, reputational damage, regulatory issues and even project failure,” Le said. “It is essential to adopt a balanced approach that includes both bug bounty programs and professional security audits to ensure comprehensive security coverage and mitigate potential risks.”

Recent: Animoca still bullish on blockchain games, awaits license for metaverse fund

While involving white hat hackers and the community in security testing can provide valuable insights and contributions, relying solely on them without proper audits presents significant downsides.

It increases the risk of exploitation, can result in incomplete or biased security assessments, lacks accountability and quality control, offers limited legal protection, and may lead to the oversight of critical vulnerabilities.

To mitigate these downsides, crypto projects could prioritize comprehensive security audits conducted by reputable professional auditors while still leveraging the skills and enthusiasm of the community through bug bounty programs and responsible disclosure initiatives.

Collect this article as an NFT to preserve this moment in history and show your support for independent journalism in the crypto space.

Chinese official gets life sentence for selling state secrets to pay crypto debts

ZkDay comes to Paris on July 19: A marquee ZK conference amid EthCC

The ZK-focused community conference zkDay Paris kicks off on July 19 during EthCC after a successful event in Denver.

Zero-knowledge (ZK) projects continue to spread worldwide, and a new go-to ZK event is coming to Paris, hosted by Manta Network, a ZK layer-1 blockchain; investment firm Polychain Capital and Cointelegraph. The ZK community conference — zkDay Paris — kicks off during EthCC Paris on July 19, from 11:00 am to 8:00 pm Central European Time, on the back of a successful event at zkDay Denver.

ZkDay Paris will include booths, networking, keynotes, venture capital and industry panel discussions with the best and brightest in the crypto industry and the ZK niche. Speakers are invited to apply to join the event on the zkDay website. Additionally, the event will feature an intimate Tech Room, allowing visitors to attend at least 10 ZK workshops.

Register to attend zkDay Paris on July 19 for free.

The upcoming ZK event also boasts a pitch contest with a five-figure prize pool. Early-stage startups are eligible and can now apply through the form, also available on the official zkDay website. The organizers expect to feature at least 10 curated early-stage ZK projects on zkPitch Day.

The zkPitch Day schedule will be shared ahead of the event, and according to the statement, the organizers will look for a variety of teams to join: “Carefully selected ZK projects that demonstrate the highest quality are eligible to participate, from those just starting fundraising to those who have recently completed their seed round.”

The five-figure prize pool for ZK projects at zkDay Paris was contributed to by several sponsors, including platinum sponsors like Foresight Ventures, a Web3-focused investment firm, and Polyhedra Network, a company providing infrastructure for Web3 interoperability.

ZkDay Paris expects to gather at least 25 community partners and speakers from Foresight Ventures, Polyhedra Network, Figment Capital, Hyper Oracle, Landa Class and Kontos, and from companies like Aztec and Worldcoin, among others.

ZkDay Paris comes on the heels of the success of zkDay Denver — the biggest side event in ETHDenver, with more than 3,000 participants. The conference showcased ZK projects at various stages, from those embarking on their fundraising journey to those that recently completed their seed round.

Follow the official conference website and Twitter account for all the latest updates and announcements.

Sponsored: Cointelegraph does not endorse the content of this article nor any product mentioned herein. Readers should do their own research before taking any action related to any product or company mentioned and carry full responsibility for their decisions.

Chinese official gets life sentence for selling state secrets to pay crypto debts

Reverse Engineering the Future: Bitcoin.com Team Members Weigh In on ETHGlobal Tokyo Hackathon

Reverse Engineering the Future: Bitcoin.com Team Members Weigh In on ETHGlobal Tokyo HackathonThe ETHGlobal Tokyo hackathon drew to a close on Sunday, as builders from around the world competed for $375,000 in prizes. The event was kicked off with the first-ever ETHGlobal “Pragma” summit, sponsored by Verse, among others. Engineers and representatives from Bitcoin.com also took part in the summit and hackathon, and shared their thoughts on […]

Chinese official gets life sentence for selling state secrets to pay crypto debts

ETHGlobal Hackathon Kicks Off in Tokyo With First Ever Pragma Summit

ETHGlobal Hackathon Kicks Off in Tokyo With First Ever Pragma SummitAs previously announced by ETHGlobal, the first-ever Pragma summit kicked off the wider ETHGlobal Tokyo hackathon on Thursday as a “hub for high-quality talks and as a forum of discussion for builders and leaders from the Ethereum ecosystem and beyond.” The event, emceed by Kartik Talwar of ETHGlobal, featured on-stage interviews with Aya Miyaguchi of […]

Chinese official gets life sentence for selling state secrets to pay crypto debts

Balaji Srinivasan: ‘Giant Robot’ of Crypto-Friendly States Needed to Battle ‘Giant Monster’ of US Gov., Explains Why He Made Bitcoin Bet

Balaji Srinivasan: ‘Giant Robot’ of Crypto-Friendly States Needed to Battle ‘Giant Monster’ of US Gov., Explains Why He Made Bitcoin BetTech entrepreneur, angel investor, and author of The Network State, Balaji Srinivasan, says a proverbial “giant robot” of supportive governing bodies and crypto proponents is needed to do battle with the “giant monster” of the U.S. federal government. The former CTO of Coinbase also said he will issue an update on his ongoing $1 million-dollar […]

Chinese official gets life sentence for selling state secrets to pay crypto debts

BNB Chain hackathon winner accuses Binance of stealing AI-powered NFTs idea

Chatcasso won the first prize in the BNB Chain hackathon for creating an AI-powered tool for creating NFTs and won $5,000 in BUSD, held in Seoul between Dec. 17 to 19, 2022.

Crypto exchange Binance has been accused of “blatantly” copying the winner of the BNB Chain hackathon after launching Bicasso — an AI-based nonfungible token (NFT) creation tool. Binance allegedly ripped off a tool created by Chatcasso just two months after awarding them first prize in a BNB Chain hackathon held in Seoul between Dec. 17 to 19, 2022.

On March 1, Binance CEO Changpeng ‘CZ’ Zhao announced the launch of Bicasso, an artificial intelligence (AI) product that can be used to “turn your creative visions into NFTs with AI.” However, community member ggoma believes Binance copied his project Chatcasso and shipped it as their own offering.

Binance, on the other hand, dismissed the accusations of stealing. Speaking to Cointelegraph, a Binance spokesperson said that Bicasso is an experimental project built by a small team at Binance as a test and that NFTs and AI are common concepts being worked on by many industry players.

Chatcasso won the first prize in the BNB Chain hackathon for creating an AI-powered tool for creating NFTs and won $5,000 in Binance USD (BUSD).

Chatcasso won first prize in BNB Chain hackathon, Seoul, Dec. 2022. Source: Twitter

However, ggoma was shocked to see Binance lauch a similar platform within a span of two months, as he stated:

“A big company like Binance copying everything down to the name? It's not only unethical, but it's also confusing for users. The names are so similar that it's hard to tell them apart.”

In addition, ggoma shared screenshots of the two projects in an attempt to showcase the similarities between the user interface and capabilities.

Screenshots showing similarities between Chatcasso and Bicasso platforms. Source: Twitter

Binance, however, maintains that the similarities does not imply theft of ideas. The exchange’s spokesperson told Cointelegraph:

“Despite the similarities, after conducting an internal review, we’re confident that Bicasso was designed and developed independently more than two weeks before the BNB hackathon.”

Moreover, Binance and BNB Chain operate separately and the Binance development team are not involved in BNB Chain hackathons, said the crypto exchange. On the other hand, ggoma showed displeasure with the similar names of the two platforms in question:

“A big company like Binance copying everything down to the name? It's not only unethical, but it's also confusing for users. The names are so similar that it's hard to tell them apart.”

Binance clarified to Cointelegraph that the name Bicasso was derived following inspiration from the OpenAI tool ‘Dall-E,’ which is a reference to the artist Dali, adding that “Our team loved this concept.”

The entire episode made ggoma skeptical of entering hackathons in the future as he wondered if his ideas would be rebranded by a market leader at a later stage. “We hope that Binance realizes the impact of their actions and takes steps to right their wrongs,” ggoma added while warning builders that “there are companies out there who will try to take advantage of your hard work.”

Binance’s Bicasso became an instant hit among NFT investors as the AI-powered NFT generator recorded 10,000 mints in 2.5 hours.

Related: Binance launches anti-scam campaign after Hong Kong pilot run

CZ recently warned investors that a photoshopped image with misinformation was being circulated on WeChat, a social media platform in China.

CZ further highlighted the importance of dismissing fear, uncertainty and doubt (FUD) and advised investors to ignore false allegations that crop up from time to time.

Chinese official gets life sentence for selling state secrets to pay crypto debts

Polygon and Mercy Corps bring blockchain to underserved communities

The Polygon network and Mercy Corps Ventures partnership target underserved communities in blockchain awareness and education initiatives.

Blockchain technology continues to make its way into mainstream view, as many companies adopt it as a part of their operations. With the push for adoption comes the simultaneous need for more education about the technology. 

A new partnership announced on March 2 between the Polygon blockchain network and Mercy Corps Ventures — the investment arm of the humanitarian organization Mercy Corps — focuses on bringing blockchain education and opportunities to underserved communities.

According to the announcement, the new partnership has three primary objectives in its effort to bring blockchain and Web3 solutions to “traditionally excluded and underserved communities.”

These objectives include funding blockchain pilots that enable access to the financial system, blockchain hackathons with developers serving users in emerging markets, and creating a blockchain boot camp roadshow in areas with a Mercy Corps presence.

The partners believe these efforts can help “provide educational and informational sessions for local educational institutions, NGOs [nongovernmental organizations] and other organizations looking to improve operations through blockchain technology.”

Last month, Mercy Corps Ventures launched its Crypto for Good Fund II, which aims to launch a series of pilots utilizing blockchain technology to drive global financial inclusion and further climate resiliency. The first iteration of the fund launched in 2022 with almost 200 applicants. 

Related: Crypto and blockchain education becomes priority at top universities

In light of the recent earthquake that devastated parts of Turkey and Syria, Mercy Corps was involved in a series of donations coming from the crypto community to deliver aid.

It reported receiving a 50/50 split of funds donated by the cryptocurrency exchange Binance, which at the time was around $60,000 in total.

Additionally, Ripple tweeted that it would be donating XRP (XRP) worth $1 million in light of the incident and highlighted Mercy Corps as one of the recipients of the funds. 

Mercy Corps responded to the donation in a tweet, thanking Ripple for supporting its teams on the ground in northwest Syria. Donations in cryptocurrencies during times of crisis have recently been proven as a way to amplify the speed and reach of needed funds. 

Chinese official gets life sentence for selling state secrets to pay crypto debts