Bug bounty quadruples for Ethereum network — Up to $1M payouts ahead of Merge

Related articles

The Ethereum Basis has introduced will probably be growing the community’s bug bounty payouts fourfold forward of the blockchain’s transition to proof-of-stake.

In a Wednesday weblog submit, the Ethereum Basis said between Aug. 24 and Sept. 8, all “Merge-related bounties for vulnerabilities” will probably be quadrupled for white hats testing the community. In keeping with the inspiration, figuring out “crucial bugs” — people who have a excessive impression or probability of a excessive impression on the blockchain — will probably be price as much as $1 million. The bounty program additionally permits submissions for low, medium and high-risk bugs.

As a part of the transition to proof-of-stake, the inspiration mentioned the Ethereum Network “should first be activated on the Beacon Chain with the Bellatrix improve,” an occasion anticipated to occur on Sept. 6, with the Merge seemingly following between Sept. 10 and 20. Core builders beforehand announced a tentative Merge date of Sept. 15 when the Whole Terminal Problem, or TTD — the problem of the ultimate mined block — will set off the tip of proof-of-work and the beginning of proof-of-stake.

“The incremental issue added per block depends on the community hash fee, which is unstable,” mentioned the inspiration. “If extra hash fee joins the community, TTD will probably be reached sooner. Equally, if hash fee leaves the community, TTD will probably be reached later.”

Supply: Ethereum Basis

The muse added that Ether (ETH) holders and customers largely didn’t have to take any motion previous to the Merge apart from to “be looking out for scams.” Mining will now not be attainable following the transition, whereas stakers and node operators will each have to run an execution layer shopper, with the latter doing so with a consensus layer shopper.

In July 2020, the Ethereum Basis introduced it had launched public “assault networks” for Ethereum 2.0 for white hats to try to take advantage of potential points within the shoppers, providing a $5,000 bounty on the time. Nonetheless, in August 2021, a vulnerability affecting earlier variations of considered one of Ethereum’s software program shoppers, Geth, caused more than half the network’s nodes to separate. The Merge would require the newest model of Geth as an execution shopper.

Associated: MakerDAO launches biggest ever bug bounty with $10M reward

Different tasks have supplied as much as $1 million or extra in bug bounties geared toward discovering exploits ensuing within the theft  or threat of dropping hundreds of thousands, as Sky Mavis did in April 2022 following a $600-million hack on the Ronin Community. In June, Ethereum bridging and scaling resolution Aurora paid a $6-million bounty to a white hat hacker who found a crucial bug.