The day of Ethereum merging is approaching. Engineers from all over the globe are trying to find bugs in the Ethereum network before the main event to receive up to $1 million. Read more about the merge and how to become a part of it.
For those of you who are not yet familiar with what the fuss is all about, we have an article with key takeaways on what to expect from the upcoming merge.
Many of you have heard of the term "Bug Bounty" and what stands behind the program. It is a deal offered by many websites, organizations, and IT companies by which individuals can receive recognition and compensation for reporting bugs, especially those pertaining to security exploits and vulnerabilities.
The Ethereum team is not an exception. Their "Bug Bounty" program spans end-to-end: from soundness of protocols (such as the blockchain consensus model, the wire and p2p protocols, proof-of-work, proof-of-stake, etc) and protocol/implementation compliance to network security and consensus integrity. Client security as well as security of cryptographic primitives (used for building cryptographic protocols) are also part of the Ethereum "Bug Bounties" program.
Until the recent announcement on Ethereum’s official website, the program was offering payments of up to $250,000 and a place on its leaderboard to hackers who uncovered critical errors.
Ethereum "Bug Bounties" program price list.
Today the Ethereum team is offering $1 million to the talent who will find a critical issue in the Ethereum network.
Information from the Ethereum website.
Their team mostly focuses on the Ethereum Specifications type of bugs such as:
• Safety/finality-breaking bugs
• Denial of service (DOS) vectors
• Inconsistencies in assumptions, like situations where honest validators can be slashed
• Calculation or parameter inconsistencies
• Safety/finality-breaking bugs
• Denial of service (DOS) vectors
• Inconsistencies in assumptions, like situations where honest validators can be slashed
• Calculation or parameter inconsistencies
Client bugs, for instance:
• Spec non-compliance issues
• Unexpected crashes, Remote code execution or denial of service (DOS) vulnerabilities
• Any issues causing irreparable consensus splits from the rest of the network
• Spec non-compliance issues
• Unexpected crashes, Remote code execution or denial of service (DOS) vulnerabilities
• Any issues causing irreparable consensus splits from the rest of the network
Solidity bugs and Deposit Contract bugs are mentioned as well.
"Ethereum's transition to proof-of-stake has been a loooong time coming. Thank you to everyone who contributed to researching, specifying, developing, analyzing, testing, breaking, fixing, or explaining everything that got us to The Merge. There have been far too many contributors over the years to list here, but you know who you are. Without all of you in the bazaar, we wouldn't have built this cathedral." - stated on the Ethereum website.
The main goal of the Ethereum "Bug Bounties" program is to get rid of all possible issues and bugs that might affect the long-awaited Merge event, to be held between September 10th and September 20th.