Mar 08

Launch of our Bounty Program: win 1.337 BTC

Win 1.337 BTC and 13 Nano S Bounty Edition

 

We’re thrilled to announce that we’re officially starting the Ledger Bounty Program!

Ledger embraces the famous Kerckhoff’s principle: the security of our products does not rely on obscurity, and even though our security team is striving to develop the most secure hardware wallet in the market, there’s always a chance that we might have missed something. Our Bounty program aims at collecting your (precious!) help and , if you ever discover a security related bug, to reward you.

In order to celebrate the official launch of our Bounty Program, we’re kicking off by organizing a 2-stage cryptography-related security challenge:

  • The first stage is a Capture The Flag (CTF) Qualification
  • The second stage is a dedicated Hardware Bounty

 

CTF Qualifications

The Capture The Flag challenge will be launched on the 20th of March at 12:00 PM CET. This qualification step consists in 3 different security & cryptography-related security challenges. 

Winners of the CTF qualifications will qualify for the second stage of the challenge and will be rewarded with one of the 13 special edition Ledger Nano S wallets. To qualify as a winner, participants need to be:

  • Either the first participant to find a correct answer to one of the three challenges; or
  • One of the 10 best ranked participants – with the following ranking system: each problem solved gives 1 point; players with the same number points are ranked according to the time spent.

 

Hardware Bounty

Qualified players will be able to participate to the second round of the challenge. The second round is a dedicated Hardware bounty: we’ll ship to each qualified players a sample of the hardware bounty containing 1.337 BTC! Retrieve the key & get the money – it’s as simple as that 🙂

More details on the Hardware bounty:

  • Our hardware bounty is a simple USB token which computes Elliptic curves scalar multiplication signatures (secp256k1) using the private key of a Bitcoin wallet containing 1.337 BTC;
  • The Hardware bounty is a specially modified Nano device. There is no PIN code and the hardware does not embed all the countermeasures of the Nano S; and
  • The key is inside the hardware bounty application, and as soon as the user pushes the button, an ECDSA signature is performed.

Retrieve the key and get the money. Another prize from the CTF challenge: you’ll will be invited to a job interview at Ledger!

 

Rules

  • The CTF challenge will start the 20th of March at 12:00 PM CET
  • More instructions of the Challenge will be given on this page.

 

Charles Guillemet, Chief Security Officer