[ANN] [HACKEN] FIRST DECENTRALIZED MARKETPLACE FOR WHITE HAT HACKERS

[loremipsum]

This projects looks promising. Im reading your whitepaper.

In the meantime, I already registered for translation and twitter bounties!

Good luck with your project

[1714158403]

1714158403

[1714158403]

1714158403

[1714158403]

1714158403

[1714158403]

1714158403

[1714158403]

1714158403

[klixion]

When will the signature campaign codes available?  Thanks.

[Hacken Project]

I could not understand the reason of this project. What is decentralize in it, Hackers or HKN token. What is the need of decentralized in this field? And How will HKN token and decentralization is helpful because of this project. Please elaborate.

If you need Hindi translation and moderation. I can help.

The big idea behind Hacken is that it turns each owner of Hackens into a community member. Because Hacken is a specialized software utility token, being primarily focused on cybersecurity professionals and projects, it will also bring these people together by providing incentives for doing business with one another and for investment in cybersecurity startups. These people will need to communicate and interact with each other in order to make use of their Hackens. The more vibrant the community is, the more value it delivers to each member.

Hacken (HKN) is an ERC20 token, which is the only payment tool allowed in the Hacken Ecosystem. Buying Hackens today, will allow one to receive high quality cybersecurity services in the future, at an attractive price.


Yes, Hindi language is welcome.

Please send us the overview of your previous translation experience. Use this email address for that - kissngerbounty@gmail.com

So, May I say that Hacken is a token to buy-sell cybersecurity services. But how Hacken Ecosystem help security professional and consumer linked with each other? What type of services or products can be distributed through blockchain technology and not by traditional markets.

Yes, you are right!Simply to say -Hacken is a token to buy-sell cybersecurity services.
Here is how Hacken Ecosystem help security professional and consumer linked with each other and about use of blockchain:

We are building platform, that is providing Cebersecurity services, and when clients of our platform sign the bug bounty program agreement, our team creates a relevant blockchain block containing data about the product, the terms of service agreement and a timestamp.
The next block of the chain, which is specific to this client, will contain information on vulnerabilities, discovered during our security research.
Also we will build Cybersecurity Analytics Center, with such areas of research: Blockchain security, vulnerabilities and countermeasures.
All services are charged ONLY in Hackens.

Ok, now the picture is somewhat clearer. Clients will use the Hacken platform and submit their product information and use Hacken Token for payment. I assume that only data related to product is shared on blockchain not the product release and source files itself. Now, if a white hacker find bugs or vulnerabilities where he/she will share this information, on the blockchain or to some centralized servers? Who will authenticate that found bugs etc are relevant and hacker has to be paid for this? And what if other hacker found more bugs in the same product? Will he/she paid again for this?

Thank you for your question - her is answer for it:
Your question consists of a number of separate questions of their own. We answer them in the order in which they are mentioned in your post:
‘I assume that only data related to product is shared on blockchain not the product release and source files itself’
This assumption is correct. We only use blockchain to issue HackenProof Vulnerabilities and Countermeasures Certificate and to prove authenticity of its contents ( number of vulnerabilities was fixed, client reaction) and timestamps. We store no customer sensitive information in the blockchain.
Now, if a white hacker finds bugs or vulnerabilities, where he/she will share this information, on the blockchain or to some centralized servers?
The researcher will share this information to our web portal HackenProof platform via bug bounty participant panel.
Who will authenticate that found bugs etc are relevant and hacker has to be paid for this?
The technical team of the client will investigate the vulnerabilities and determine whether they are relevant. The terms and rules of the bug bounty program will be stipulated by the document called policy.
Policy will contain all the information covering the depth and scope of the work to be performed by the researchers. It will explain to researchers what the customer needs.
We will also use policy as a proof of the customer’s intentions in an unlikely event of conflict between the client and the researcher regarding the relevance of the vulnerability that was discovered. If the client disagrees with our understanding of the policy, the incident will be submitted to the Public Board of Trustees of Hacken Ecosystem for further mediation.
And what if other hacker found more bugs in the same product? Will he/she paid again for this?
We are not sure we understand this question. The bug bounty program can have as many participants as the clients decides. They will be all submitting bug reports, which will be sorted chronologically and grouped by the issues covered.
The purpose of the bug bounty program is to discover as many bugs as possible within the scope determined by the client. Each participant of the bug bounty program gets paid proportionally to the number of bugs discovered, reported and accepted by the client.

[Hacken Project]

Ok, now the picture is somewhat clearer. Clients will use the Hacken platform and submit their product information and use Hacken Token for payment. I assume that only data related to product is shared on blockchain not the product release and source files itself. Now, if a white hacker find bugs or vulnerabilities where he/she will share this information, on the blockchain or to some centralized servers? Who will authenticate that found bugs etc are relevant and hacker has to be paid for this? And what if other hacker found more bugs in the same product? Will he/she paid again for this?

A good question...
when somebody sells a bug, and some other one buys it....why dont know if the buyer will use the info for good intention.
To be honest from what i read till now this will be a marketplace for hacker selling.....not just "white"....it will be like a black market for  ways to penetrate systems....info that are not used only for "white hacking"..
If i got the project right.
But i maybe wrong

Unreported Zero Day Remuneration Platform will acquire original and previously unreported zero-day research affecting major operating systems, software and devices, e.g. binary vulnerabilities.
The research submitted to Zero Day Remuneration Platform will be available via subscription feed. The access to Zero Day Subscription is now regulated in some jurisdictions and will be limited primarily to vendors and law enforcement agencies. The Platform will be subject to annual audit by one of the major auditing organizations.
Do you really think we will work for several years to acquire reputation and recognition in zero day cybersecurity market, which is very conservative, and then risk it all for a one time profit?

[Hacken Project]

When will the signature campaign codes available?  Thanks.

Hallo!
Signature campaign codes could be find here -
https://medium.com/@hacken/hacken-bounty-campaign-6eaf46f956db

signature bounty section

[klixion]

When will the signature campaign codes available?  Thanks.

Hallo!
Signature campaign codes could be find here -
https://medium.com/@hacken/hacken-bounty-campaign-6eaf46f956db

signature bounty section

Thank you Hacken Project.  I see it now and am wearing the signature.  It looks like i'm the first person to sign up for the signature campaign.  Makes me feel special.  haha.   

[sonulrk]

I could not understand the reason of this project. What is decentralize in it, Hackers or HKN token. What is the need of decentralized in this field? And How will HKN token and decentralization is helpful because of this project. Please elaborate.

If you need Hindi translation and moderation. I can help.

The big idea behind Hacken is that it turns each owner of Hackens into a community member. Because Hacken is a specialized software utility token, being primarily focused on cybersecurity professionals and projects, it will also bring these people together by providing incentives for doing business with one another and for investment in cybersecurity startups. These people will need to communicate and interact with each other in order to make use of their Hackens. The more vibrant the community is, the more value it delivers to each member.

Hacken (HKN) is an ERC20 token, which is the only payment tool allowed in the Hacken Ecosystem. Buying Hackens today, will allow one to receive high quality cybersecurity services in the future, at an attractive price.


Yes, Hindi language is welcome.

Please send us the overview of your previous translation experience. Use this email address for that - kissngerbounty@gmail.com

So, May I say that Hacken is a token to buy-sell cybersecurity services. But how Hacken Ecosystem help security professional and consumer linked with each other? What type of services or products can be distributed through blockchain technology and not by traditional markets.

Yes, you are right!Simply to say -Hacken is a token to buy-sell cybersecurity services.
Here is how Hacken Ecosystem help security professional and consumer linked with each other and about use of blockchain:

We are building platform, that is providing Cebersecurity services, and when clients of our platform sign the bug bounty program agreement, our team creates a relevant blockchain block containing data about the product, the terms of service agreement and a timestamp.
The next block of the chain, which is specific to this client, will contain information on vulnerabilities, discovered during our security research.
Also we will build Cybersecurity Analytics Center, with such areas of research: Blockchain security, vulnerabilities and countermeasures.
All services are charged ONLY in Hackens.

Ok, now the picture is somewhat clearer. Clients will use the Hacken platform and submit their product information and use Hacken Token for payment. I assume that only data related to product is shared on blockchain not the product release and source files itself. Now, if a white hacker find bugs or vulnerabilities where he/she will share this information, on the blockchain or to some centralized servers? Who will authenticate that found bugs etc are relevant and hacker has to be paid for this? And what if other hacker found more bugs in the same product? Will he/she paid again for this?

Thank you for your question - her is answer for it:
Your question consists of a number of separate questions of their own. We answer them in the order in which they are mentioned in your post:
‘I assume that only data related to product is shared on blockchain not the product release and source files itself’
This assumption is correct. We only use blockchain to issue HackenProof Vulnerabilities and Countermeasures Certificate and to prove authenticity of its contents ( number of vulnerabilities was fixed, client reaction) and timestamps. We store no customer sensitive information in the blockchain.
Now, if a white hacker finds bugs or vulnerabilities, where he/she will share this information, on the blockchain or to some centralized servers?
The researcher will share this information to our web portal HackenProof platform via bug bounty participant panel.
Who will authenticate that found bugs etc are relevant and hacker has to be paid for this?
The technical team of the client will investigate the vulnerabilities and determine whether they are relevant. The terms and rules of the bug bounty program will be stipulated by the document called policy.
Policy will contain all the information covering the depth and scope of the work to be performed by the researchers. It will explain to researchers what the customer needs.
We will also use policy as a proof of the customer’s intentions in an unlikely event of conflict between the client and the researcher regarding the relevance of the vulnerability that was discovered. If the client disagrees with our understanding of the policy, the incident will be submitted to the Public Board of Trustees of Hacken Ecosystem for further mediation.
And what if other hacker found more bugs in the same product? Will he/she paid again for this?
We are not sure we understand this question. The bug bounty program can have as many participants as the clients decides. They will be all submitting bug reports, which will be sorted chronologically and grouped by the issues covered.
The purpose of the bug bounty program is to discover as many bugs as possible within the scope determined by the client. Each participant of the bug bounty program gets paid proportionally to the number of bugs discovered, reported and accepted by the client.

Thanks for your detail answer. What is more important is you take every question and answer it. I want to clarify my last question:

Let say a client hire Hacken platform to check its product vulnerability. Client paid bug bounty to Hacken platform to be release to successful candidate. Hacken platform propagate information regarding this project on blockchain. Now assume there are 10 bugs (I know that no body knows about exact number of bugs) with severity: 1 critical, 2 high, 3 low, 2 blocker and 2 trivial. One hacker found all but critical bug. He/she reports 9 bugs in the system. He/she gets paid. One hour later other hacker reports 6 bugs as 1 critical, 2 high and 3 low.

Will he be paid? Or he should not report as bug bounty is closed?

The question from @Maxicripto is also relevant. Why are we here? Just because of decentralize-trustless environment. Where law of code works not trust. In the Hacken platform we have to trust the negotiation servers and at the end humans. So first they have to be decentralize one way or another. But in my opinion it is technically impossible for a code to negotiate between real parties in the current scenario. So at least information should be encrypted and/or in a vault until client (if code is private) or client and public (if code is public) is satisfied. But my above question is still valid.

Regards,

Lalit

[sud]

Good to see all those question aswered with details. I learned a lot about the project thanks to this discussion.

[egetrorx]

reserving croatian translation

[Sterben]

Each bug found can be used right against you if the hacker knows what he's doing. Some of the black hat ones doesn't even care about the money they would receive as long as they can taste the power of taking control over things. Just my vision, there is nothing wrong in this project @root
A good opportunity for hackers to find each other in one community don't you think?

[Hotachy]

Mr. Robot very nice
Very interesting project, want to read WP!

[REorEVOLUTION]

interesting idea. there is certainly a market for it

[brownfly]

A project is backed by russian and ukrainian teams and without involvement of any major cyber security company. Are you kidding me???

[Hacken Project]

Unreported Zero Day Remuneration Platform will acquire original and previously unreported zero-day research affecting major operating systems, software and devices, e.g. binary vulnerabilities.
The research submitted to Zero Day Remuneration Platform will be available via subscription feed. The access to Zero Day Subscription is now regulated in some jurisdictions and will be limited primarily to vendors and law enforcement agencies. The Platform will be subject to annual audit by one of the major auditing organizations.
Do you really think we will work for several years to acquire reputation and recognition in zero day cybersecurity market, which is very conservative, and then risk it all for a one time profit?

I would not be surprised , in this damn world , a lot of unbelievable things have happed.
However your previous answer to @sonulrk have clarified some aspects to the project...
And by the way , take it easy , we are just asking question to know this project better. I didnt point the finger, i just got posted a doubt that i had, nothing more...

MaxiCripto, we appreciate your interest and questions. However we putting all our energy  and time to launch this "world changing" service in cyber security, so we're taking it seriously.
Feel free to ask any questions - we are happy to answer them

[Hacken Project]

reserving croatian translation

Yes, Croatian language is welcome.

Please send us the overview of your previous translation experience. Use this email address for that - kissngerbounty@gmail.com

[Hacken Project]

I could not understand the reason of this project. What is decentralize in it, Hackers or HKN token. What is the need of decentralized in this field? And How will HKN token and decentralization is helpful because of this project. Please elaborate.

If you need Hindi translation and moderation. I can help.

The big idea behind Hacken is that it turns each owner of Hackens into a community member. Because Hacken is a specialized software utility token, being primarily focused on cybersecurity professionals and projects, it will also bring these people together by providing incentives for doing business with one another and for investment in cybersecurity startups. These people will need to communicate and interact with each other in order to make use of their Hackens. The more vibrant the community is, the more value it delivers to each member.

Hacken (HKN) is an ERC20 token, which is the only payment tool allowed in the Hacken Ecosystem. Buying Hackens today, will allow one to receive high quality cybersecurity services in the future, at an attractive price.


Yes, Hindi language is welcome.

Please send us the overview of your previous translation experience. Use this email address for that - kissngerbounty@gmail.com

So, May I say that Hacken is a token to buy-sell cybersecurity services. But how Hacken Ecosystem help security professional and consumer linked with each other? What type of services or products can be distributed through blockchain technology and not by traditional markets.

Yes, you are right!Simply to say -Hacken is a token to buy-sell cybersecurity services.
Here is how Hacken Ecosystem help security professional and consumer linked with each other and about use of blockchain:

We are building platform, that is providing Cebersecurity services, and when clients of our platform sign the bug bounty program agreement, our team creates a relevant blockchain block containing data about the product, the terms of service agreement and a timestamp.
The next block of the chain, which is specific to this client, will contain information on vulnerabilities, discovered during our security research.
Also we will build Cybersecurity Analytics Center, with such areas of research: Blockchain security, vulnerabilities and countermeasures.
All services are charged ONLY in Hackens.

Ok, now the picture is somewhat clearer. Clients will use the Hacken platform and submit their product information and use Hacken Token for payment. I assume that only data related to product is shared on blockchain not the product release and source files itself. Now, if a white hacker find bugs or vulnerabilities where he/she will share this information, on the blockchain or to some centralized servers? Who will authenticate that found bugs etc are relevant and hacker has to be paid for this? And what if other hacker found more bugs in the same product? Will he/she paid again for this?

Thank you for your question - her is answer for it:
Your question consists of a number of separate questions of their own. We answer them in the order in which they are mentioned in your post:
‘I assume that only data related to product is shared on blockchain not the product release and source files itself’
This assumption is correct. We only use blockchain to issue HackenProof Vulnerabilities and Countermeasures Certificate and to prove authenticity of its contents ( number of vulnerabilities was fixed, client reaction) and timestamps. We store no customer sensitive information in the blockchain.
Now, if a white hacker finds bugs or vulnerabilities, where he/she will share this information, on the blockchain or to some centralized servers?
The researcher will share this information to our web portal HackenProof platform via bug bounty participant panel.
Who will authenticate that found bugs etc are relevant and hacker has to be paid for this?
The technical team of the client will investigate the vulnerabilities and determine whether they are relevant. The terms and rules of the bug bounty program will be stipulated by the document called policy.
Policy will contain all the information covering the depth and scope of the work to be performed by the researchers. It will explain to researchers what the customer needs.
We will also use policy as a proof of the customer’s intentions in an unlikely event of conflict between the client and the researcher regarding the relevance of the vulnerability that was discovered. If the client disagrees with our understanding of the policy, the incident will be submitted to the Public Board of Trustees of Hacken Ecosystem for further mediation.
And what if other hacker found more bugs in the same product? Will he/she paid again for this?
We are not sure we understand this question. The bug bounty program can have as many participants as the clients decides. They will be all submitting bug reports, which will be sorted chronologically and grouped by the issues covered.
The purpose of the bug bounty program is to discover as many bugs as possible within the scope determined by the client. Each participant of the bug bounty program gets paid proportionally to the number of bugs discovered, reported and accepted by the client.

Thanks for your detail answer. What is more important is you take every question and answer it. I want to clarify my last question:

Let say a client hire Hacken platform to check its product vulnerability. Client paid bug bounty to Hacken platform to be release to successful candidate. Hacken platform propagate information regarding this project on blockchain. Now assume there are 10 bugs (I know that no body knows about exact number of bugs) with severity: 1 critical, 2 high, 3 low, 2 blocker and 2 trivial. One hacker found all but critical bug. He/she reports 9 bugs in the system. He/she gets paid. One hour later other hacker reports 6 bugs as 1 critical, 2 high and 3 low.

Will he be paid? Or he should not report as bug bounty is closed?

The question from @Maxicripto is also relevant. Why are we here? Just because of decentralize-trustless environment. Where law of code works not trust. In the Hacken platform we have to trust the negotiation servers and at the end humans. So first they have to be decentralize one way or another. But in my opinion it is technically impossible for a code to negotiate between real parties in the current scenario. So at least information should be encrypted and/or in a vault until client (if code is private) or client and public (if code is public) is satisfied. But my above question is still valid.

Regards,

Lalit

 After researcher submit report - the technical team of the client will investigate the vulnerabilities and determine whether they are relevant. The terms and rules of the bug bounty program will be stipulated by the document called Policy.
Policy will contain all the information covering the depth and scope of the work to be performed by the researchers. It will explain to researchers what the customer needs. By default only first researcher who report a vulnerability  receive a reward.

[blacktux88]

Dear Community are the offers how tos for white hack guides

thanks

[Hacken Project]

Each bug found can be used right against you if the hacker knows what he's doing. Some of the black hat ones doesn't even care about the money they would receive as long as they can taste the power of taking control over things. Just my vision, there is nothing wrong in this project @root
A good opportunity for hackers to find each other in one community don't you think?

They already work in groups.
By creating marketplace we want to give white hats opportunity to earn money for their work and a chance to bring benefits to community.

[Hacken Project]

Mr. Robot very nice
Very interesting project, want to read WP!

Here you are:

https://hacken.io/common/files/HackenWP.pdf

[meccaflare0]

Ok this coin caught my eye. I want to see how this develops. Good luck