Base

Cybersecurity experts have criticized the decentralized platform for searching for bugs and vulnerabilities OpenBounty. Analysts discovered that a platform associated with the CertiK company makes publicly available data about errors identified in projects.

Independent expert Pascal Caversaccio was the first to draw attention to OpenBounty’s work. He published a post sharply criticizing the platform, saying that developers were “leaking” confidential data online and posing a serious threat to the security of projects.

The analyst noted that OpenBounty publishes information about various vulnerabilities through transactions on the Shentu blockchain. Anyone can obtain data on the level of the identified threat, the location of the problematic code, and read the comments of the report’s author.