Close Menu

    Subscribe to Updates

    Get the latest creative news from FooBar about art, design and business.

    What's Hot

    Secured #4: Bug Bounty Rewards now up to $250,000 USD

    July 8, 2026

    Ripple expands European footprint as XRP ETF inflows extend to eight weeks

    July 8, 2026

    China wants a yuan stablecoin, but why?

    July 8, 2026
    X (Twitter) Instagram YouTube LinkedIn
    X (Twitter) Instagram YouTube LinkedIn
    Block Hub News
    • Lithosphere News Releases
    • Crypto
    • Ethereum
    • Bitcoin
      • Litecoin
      • Altcoins
      • Coinbase
    • Blockchain
    Block Hub News
    Home ยป Secured #4: Bug Bounty Rewards now up to $250,000 USD
    Ethereum

    Secured #4: Bug Bounty Rewards now up to $250,000 USD

    Olivia MartinezBy Olivia MartinezJuly 8, 2026No Comments4 Mins Read
    Facebook Twitter Pinterest Telegram LinkedIn Tumblr Email Reddit
    Share
    Facebook Twitter LinkedIn Pinterest Email Copy Link



    The Ethereum Foundation Bug Bounty Program is one of the earliest and longest running programs of its kind. It was launched in 2015 and targeted the Ethereum PoW mainnet and related software. In 2020, a second Bug Bounty Program for the new Proof-of-Stake Consensus Layer was launched, running alongside the original Bug Bounty Program.

    The split of these programs is historic due to the way the Proof-of-Stake Consensus Layer was architected separately and in parallel to the existing Execution Layer (inside the PoW chain). Since the launch of the Beacon Chain in December of 2020, the technical architecture between the Execution Layer and the Consensus Layer has been distinct, except for the deposit contract, so the two bug bounty programs have remained separated.

    In light of the coming Merge, today we are happy to announce that these two programs have been successfully merged by the awesome ethereum.org team, and that the max bounty reward has been substantially increased!

    Merge (of the Bug Bounty Programs) โœจ

    With The Merge approaching, the two previously disparate bug bounty programs have been merged into one.

    As the Execution Layer and Consensus Layer become more and more interconnected, it is increasingly valuable to combine the security efforts of these layers. There are already multiple efforts being organized by client teams and the community to further increase knowledge and expertise across the two layers. Unifying the Bounty Program will further increase visibility and coordination efforts on identifying and mitigating vulnerabilities.

    Increased Rewards ๐Ÿ’ฐ

    The max reward of the Bounty Program is now 250,000(paidoutinETHorDAI)forvulnerabilitiesinscope.UpgradesliveonpublictestnetsandtargetedforaMainnetreleasearealsoscope,andrewardsaredoubledduringthistime,whichmeansthatthemaxrewardis250,000 (paid out in ETH or DAI) for vulnerabilities in scope. Upgrades live on public testnets and targeted for a Mainnet release are also scope, and rewards are doubled during this time, which means that the max reward is 250,000(paidoutinETHorDAI)forvulnerabilitiesinscope.UpgradesliveonpublictestnetsandtargetedforaMainnetreleasearealsoscope,andrewardsaredoubledduringthistime,whichmeansthatthemaxrewardis500,000 during these periods!

    In total, this marks a 10x increase from the previous maximum payout on Consensus Layer bounties and a 20x increase from the previous max payout on Execution Layer bounties.

    Impact Measurement ๐Ÿ’ฅ

    The Bug Bounty Program is primarily focused on securing the base layer of the Ethereum Network. With this in mind, the impact of a vulnerability is in direct correlation to the impact on the network as a whole.

    While, for example, a Denial of Service vulnerability found in a client being used by <1% of the network would certainly cause issues for the users of this client, it would have a higher impact on the Ethereum Network if the same vulnerability existed in a client used by >30% of the network.

    Visibility ๐Ÿ‘€

    In addition to the merge of the bounty programs and increase of the max reward, multiple steps have been taken to clarify how to report vulnerabilities.

    Github Security

    Repositories such as ethereum/consensus-specs and ethereum/go-ethereum now contain information on how to report vulnerabilities in SECURITY.md files.

    security.txt

    security.txt is implemented and contains information about how to report vulnerabilities. The file itself can be found here.

    DNS Security TXT

    DNS Security TXT is implemented and contains information about how to report vulnerabilities. This entry can be viewed by running dig _security.ethereum.org TXT.

    How can you get started? ๐Ÿ”จ

    With nine different clients written in various languages, Solidity, the Specifications, and the deposit smart contract all within the scope of the bounty program, there is a plenty for bounty hunters to dig into.

    If you’re looking for some ideas of where to start your bug hunting journey, take a look at the previously reported vulnerabilities. This was last updated in March and contains all the reported vulnerabilities we have on record, up until the Altair network upgrade.

    We’re looking forward to your reports! ๐Ÿ›



    Source link

    Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
    Olivia Martinez

    Related Posts

    Finalized no. 35 | Ethereum Foundation Blog

    July 8, 2026

    Wrapping up Devconnect, looking ahead!

    July 8, 2026

    Ropsten Merge Announcement | Ethereum Foundation Blog

    July 8, 2026
    Leave A Reply Cancel Reply

    Demo
    Top Posts

    Kraken sues Etana over $25m client fund theft

    May 9, 2026

    Serpent upgrades: More Fun Stuff

    May 9, 2026

    Hayden Davis sent millions in crypto weeks before LIBRA promo

    May 9, 2026

    Google Chrome secretly installs 4GB AI model

    May 9, 2026
    Don't Miss

    Secured #4: Bug Bounty Rewards now up to $250,000 USD

    By Olivia MartinezJuly 8, 2026

    The Ethereum Foundation Bug Bounty Program is one of the earliest and longest running programs…

    Ripple expands European footprint as XRP ETF inflows extend to eight weeks

    July 8, 2026

    China wants a yuan stablecoin, but why?

    July 8, 2026

    Finalized no. 35 | Ethereum Foundation Blog

    July 8, 2026
    Stay In Touch
    • Facebook
    • Twitter
    • Pinterest
    • Instagram
    • YouTube
    • Vimeo

    Subscribe to Updates

    Get the latest creative news from SmartMag about art & design.

    Demo
    X (Twitter) Instagram YouTube LinkedIn
    Our Picks

    Secured #4: Bug Bounty Rewards now up to $250,000 USD

    July 8, 2026

    Ripple expands European footprint as XRP ETF inflows extend to eight weeks

    July 8, 2026

    China wants a yuan stablecoin, but why?

    July 8, 2026
    Most Popular

    Kraken sues Etana over $25m client fund theft

    May 9, 2026

    Serpent upgrades: More Fun Stuff

    May 9, 2026

    Hayden Davis sent millions in crypto weeks before LIBRA promo

    May 9, 2026

    Type above and press Enter to search. Press Esc to cancel.