There’s a $10,000 reward for breaking Facebook’s cryptocurrency

Find a bug, get a prize.
Find a bug, get a prize.
Image: REUTERS/Dado Ruvic
We may earn a commission from links on this page.

Facebook’s proposed cryptocurrency, Libra, is ready for a trial by fire.

The Libra Association, the membership-only Swiss organization established by Facebook to steward its currency, announced today (Aug. 27) it was launching a public bug bounty program for the planned digital currency scheduled to launch in early 2020. Tasked with managing the Libra network and reserves, the association will offer security researchers up to $10,000 for reporting critical bugs. Facebook will provide the funds, according to the association

“If people are going to rely on Libra for their everyday financial needs, it is critical that the infrastructure behind it be dependable and safe,” wrote Michael Engle, head of Libra’s developer ecosystem in a blog post. “Our rewards program is designed to encourage members of the security community to dig deep, helping us find even the most subtle bugs.”

With the bug bounty program, Facebook has entered the next phase of development for Libra, despite intense regulatory backlash. The company previously invited 50 security researchers to study the network before opening it up for public scrutiny through HackerOne, a cybersecurity testing service. HackerOne allows a variety of payout methods, including an array of global currencies and bitcoin. The service has been employed by other companies prominent in the cryptocurrency world, such as (aka EOS), the Tron Foundation, and Blockchain, a crypto wallet provider.

Companies want to discover bugs before launching blockchain services because it’s difficult to adjust course once they’re out in the wild. Pushing updates to users and cajoling participants to agree on changes can disrupt a network and quickly erode confidence in a cryptocurrency, resulting in price declines.

Although a handful of partners have reportedly backed away from public support for Libra, the bug bounty program demonstrates that Facebook remains committed to its digital currency plans. Still, it remains a long way from launching the actual crypto. Indeed, if Libra were a car, this would be akin to letting seasoned auto mechanics play with it at low speeds on a closed course. There’s no customer money on the line yet, just (presumably) shareholder dollars from Facebook.

Libra’s a long way from prime time, but the bug bounty program shows that Facebook is approaching the digital currency cautiously and trying to build public support. The Libra Association did not disclose the total allotment for the bug bounty program.