[Wallet developers offer “on-chain bounty”, daring hackers can take away $430,000 in Bitcoin]The development team at Zengo Wallet has taken an innovative approach to its bug bounty program. Rather than paying the white hat hackers directly for discovering the vulnerability, they placed 10 Bitcoins (worth approximately $430,000) into an account they controlled. According to the January 7 announcement, any hacker who successfully transfers these Bitcoins will be allowed to keep the funds.This bounty will begin on January 9th and run for 15 days until January 24th. On January 9, the account address containing 1 Bitcoin (approximately $43,000) will be made public. On January 14, Zengo will add 4 Bitcoin ($172,000) and reveal a security factor to protect accounts. By January 21, 5 more Bitcoins ($215,000) will be added, bringing the total to 10 Bitcoins ($430,000), and a second security factor will be revealed. There are three security factors in this wallet.After the second security factor is revealed, hackers will have until 4pm UTC on January 24 to crack the wallet. If someone successfully cracks it during this period, they can keep the 10 Bitcoins.Zengo calls itself a mnemonic-less wallet. Users do not need to back up the mnemonic when creating an account, and the wallet does not store any keystore files. According to the official website, the Zengo wallet relies on the multi-party computation (MPC) network for transaction signatures and does not generate a private key. Instead, it creates two independent secret shares, which are stored on the user's mobile device and the MPC network respectively.User's shares are backed up through three-factor authentication (3FA). To restore sharing, they need to access an encrypted backup file on a Google or Apple account, use the email address they used when creating the wallet, and perform a facial scan on their mobile device.Zengo pointed out that there is another backup method for sharing the MPC network, and it has given the "master decryption key" to a third-party law firm. If the MPC network server goes offline, the firm will publish the key in a GitHub repository and the application will enter "recovery mode", allowing users to reconstruct the MPC network share corresponding to their account. After users obtain two shares, they can generate traditional private keys and import them into other wallet applications to recover their accounts.Zengo Chief Marketing Officer Elad Bleistein told Cointelegraph that he hopes this on-chain bounty will promote discussions on MPC technology in the encryption community. He noted that terms like MPC or TSS may be too abstract for the general public, and the Zengo Wallet Challenge will highlight the security advantages of MPC wallets over traditional hardware device alternatives.In the past year, wallet security issues have increasingly become a concern for the crypto community. For example, the Atomic Wallet was compromised, causing users to lose more than $100 million. The developer then launched a bug bounty program to improve security. Users of the Libbitcoin Explorer wallet library also reported being hacked in 2023, losing $900,000.
热点:Bitcoin CAN CHAIN
趣开心资讯