Shamir Secret Backup Scheme Bug Bounty

The New Bug Bounty program for Shamir Secret Backup Scheme has started. Right now you can submit your bug reports! At the conference, we will reward participants who have found flaws and vulnerabilities in the implementation of this scheme. Also, if you can hack the scheme completely, the main reward is already waiting for you at the bitcoin address.

To submit a bug report, open an issue on GitHub in a specific implementation in the PyBTC Python library or the JsBTC Javascript library.

Challenge

The 12-word original mnemonic code was split using the Shamir Secret Sharing scheme with 3 out of 5 threshold schemes were used. This means that any three shares are sufficient to restore the original mnemonic code. The goal is to break the Shamir Secret Sharing scheme or break the implementation of software for SSSS. We publish 2 of 3 shares needed to restore the original mnemonics.

You can find more details on the website.

Bug rewards

1 BTC – The whole scheme is hacked.

0.1 BTC – Any bug in the implementation of the presented secret sharing scheme that can lead to loss of access and the inability to recover the original mnemonic phrase.

from 0.05 BTC – Any other significant implementation bug. The exact reward amount is determined after analyzing the significance of the bug.

Good luck!