Can the right alignment of incentives encourage better blockchain bug reporting?
Thatâs the goal of Hydra, a new effort funded by the National Science Foundation Graduate Research Fellowship and designed by a team of researchers including Lorenz Breidenbach, Phil Daian and Ari Juels from Cornell, and Florian Tramer from Stanford.
Announced today at ethereumâs annual developer conference, Devcon3, the Hydra project is novel in that its contracts aim to automatically and programmatically offer those who report a bug higher rewards than theyâd get if they exploited one. In this way, if a userâs smart contract hack would result in a reward of 100 tokens, Hydra would pay out 1,000 tokens if he or she reported it instead.
As such, the project offers a potential solution to an incentive problem common in smart contract development. A popular tool for open-source projects, many times payouts simply make the bad behavior more lucrative.
Hydra tweaks the incentives, however, testing how the nascent concept of crypto-economics â simply, the study of cryptocurrency economies â might encourage people to report bugs they identify.
But rather than condemning the actions of bad actors, Daian sees Hydra as a solution that blends pragmatism and smart programming.
Daian said:
âLetâs see this as a game. What would a rational attacker do with these systems? Say an attacker finds a bug: would they attack or would they claim the bounty?â
But while many will be excited to start playing around with the system, released in alpha today, Daian stressed that itâs still nascent technology that might not be safe for storing funds.
He said, âThe code is here for you to play with. But trusting funds with this baby Hydra weâve spun up â not good idea.
Image via Rachel Rose-OâLeary for CoinDesk
