Ethereum 2.0 Bug Bounty Program Goes Live
- The program was created with the aim to find and fix potential bugs in Phase 0 of Ethereum 2.0’s beacon chain.
- Developers can start working on the attacknets and earn rewards for their discoveries, suggestions, and fixes.
Illustration from Freepik
On October 9, Ethereum researcher Danny Ryan announced the launch of the Eth2 bounty program, stating that the spec and attacknet programs are now deprecated in favor of the general program for all of Ethereum 2.0.
In the tweet, Ryan shared the link to the new bug bounty program, officially announcing its beginning and urging coders to test it out. According to information on the page, the Eth2 Bounty Program will provide bounties for finding bugs in the first stage of Ethereum 2.0, a major upgrade to Ethereum’s core consensus.
Developers will be able to earn various rewards for finding vulnerabilities and get a place on a special leaderboard. The program also has a list of the set rules and rewards that are known at present. The system works with the so-called “bounty points” that represent the importance of each bug found by the community. According to the Ethereum Foundation, 1 bounty point will trade for 2 USD, that could be paid in either ETH or DAI (which could be changed without any prior notice).
According to the information provided, programmers will be able to receive bounty points for each issue they find within the software. Depending on how important their discovery is for the network, they can earn up to 25,000 points. Right now, the reward sizes are separated into 4 categories of severity:
- Critical: up to 25,000 points
- High: up to 10,000 points
- Medium: up to 5,000 points
- Low: up to 1,000 points
The final score is also considered based on three other factors – quality of description, quality of reproducibility, and quality of fix. Clear and well-written submissions will accumulate more points for the developer, with the prize increasing even further if a test code, scripts, and detailed instructions are included. Coders that are diligently describing how to fix certain issues will be able to claim additional rewards.
As the bug bounty program is focused on finding bugs in Phase 0 of Ethereum 2.0, enthusiasts will be able to review the prysm, lighthouse, and teku implementations within the beacon chain. The Ethereum community has yet to receive further information on how the bounties will be paid out, as local laws might require additional proof of identity and other documentation.
- MetaMask Bridges was designed to aggregate multiple blockchain bridges in one place, making it easier and more secure for users to transfer their assets from one network to another.
- The new feature currently supports the Ethereum, Avalanche, BNB Chain, and Polygon blockchains, as well as the Connext, Hop, Celer cBridge, and Polygon Bridge.
Shutterstock
- Over the weekend the Ethereum PoW network fell victim to a replay exploit, with the attacker executing the same transaction on two chains at the same time.
- The exploit was caused by a contract vulnerability in the Omni cross-chain bridge, and did not affect the ETHW network itself.
- Ethereum’s PoS upgrade, also known as the Merge, was executed at 06:44 AM UTC on 15 September, combining the existing blockchain with the parallel Beacon Chain.
- The move has reduced Ethereum’s energy consumption by more than 99%, which is equal to 0.2% of the global electricity consumption.