Ethereum’s Attackathon: Auditing the Blockchain’s Security

Ethereum’s (ETH) Ethereum Foundation is initiating its first hackathon, dubbed “Attackathon,” with a $2 million reward pool.

According to a July 8 announcement, the event aims to conduct a comprehensive security audit of the blockchain’s codebase through crowdsourcing. The Ethereum Protocol Security (EPS) team announced on July 8 that the four-week challenge will invite security researchers to seek vulnerabilities in the protocol’s code actively.

Participants must adhere to specific competition rules, with rewards granted only for impactful and compliant reports. The event will commence with a technical overview of Ethereum’s code to prepare participants for identifying potential vulnerabilities.

Upon conclusion, bug bounty platform Immunefi will compile the findings into a detailed vulnerability report. The EPS team has contributed $500,000 to the prize pool and is seeking sponsors to raise an additional $1.5 million by August 1, when further details will be released.

Not the last hackathon

Similar hackathons are planned for future hard forks to address codebase changes. The next major upgrade, “Pectra,” combining the “Prague” and “Electra” updates, is anticipated in late 2024 or early 2025.

Noteworthy upcoming features include a “social recovery” option, potentially eliminating the need for lengthy private wallet keys and introducing smart contract-like capabilities to wallets.

Hackathons and bug bounties are common in the crypto space, with many projects offering substantial rewards to ethical hackers. Immunefi’s platform displays bounties ranging from tens to hundreds of thousands of dollars, with LayerZero offering the highest reward at $15 million.

MakerDAO is not that far behind, with a $10 million bounty pool followed by SparkLend’s bug bounty reward pool at $5 million. Still, such bug bounties are far from being a new crypto fad.

As ReadWrite reported back in 2012 about Google offering a $1 million bug bounty pool for discovering vulnerabilities in its Google Chrome web browser. A full exploit of bugs in Chrome itself was prized at $60,000, a partial exploit that combines a Chrome bug with other bugs gets $40,000, and the consolation prize is $20,000 an exploit of Chrome using bugs in Flash, Windows or something else.

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top