Metamask, a crypto wallet, and gateway to blockchain apps, announced its partnership with HackerOne, a leader in Attack Resistance Management (ARM)—for its security bounty program.
This partnership of Hackerone with MetaMask will allow working with the security community to find vulnerabilities in the wallet and stay ahead of Web3 threats through the bounty program.
HackerOne blends the security expertise of ethical hackers with asset discovery, continuous assessment, and process enhancement to find and close gaps in the ever-evolving digital attack surface. This allows ethical hackers to disclose wallet vulnerabilities to their team and get rewarded for their efforts.
The program also follows its recent partnership with Asset Reality to help MetaMask scam victims recover stolen assets.
MetaMask is aware of the numerous scamming and phishing attempts in Web3, and this is one of many recent improvements its team has made to combat the nefarious activities that continue to plague the industry.
How It Works
Steps if you identified a potential security vulnerability in their products or services
- Create a HackerOne account
- Submit a report through the platform. The report should include a detailed description of your discovery, concise reproducible steps, or a working proof of concept.
- Be patient with the process while we carefully address the issue and don’t disclose it publicly as this is a private program. Learn more about vulnerability disclosures here.
Rewards are based on severity per CVSS (the Common Vulnerability Scoring Standard).
MetaMask is a global community of developers and designers dedicated to making the world a better place with blockchain technology.
In 2012, hackers and security leaders formed HackerOne because of their passion for making the internet safer. Today, as the leader in Attack Resistance Management (ARM), blends the security expertise of ethical hackers with asset discovery, continuous assessment, and process enhancement to find and close gaps in the ever-evolving digital attack surface.