Hello, Jutta back again – I first presented myself when we initiated the bounty program earlier this year and I’m pleased to share an update regarding the security aspects before and during the launch.
We have received some outstanding submissions from bounty hunters – hats off for the inventive exploits contributed due to the vulnerabilities identified. The quantity of submissions has recently increased. Therefore, we have decided to announce that we will extend the bounty program at least for the entirety of the Frontier phase of Ethereum’s launch strategy – refer to Gav’s and Vinay’s respective blog posts.
For additional details regarding the bounty program, please visit our bounty site and ensure to check our lead hunter’s repository here for useful testing scripts before you commence your hunt.
We not only depend on individual bug hunters and the community: in collaboration with EthDev’s Gustav Simonsson, I initiated the process of selecting professional security specialists, scholars, and blockchain authorities for our external security audits late last year. Gustav is currently collaborating with auditors and the Ethereum Go development team to monitor all security concerns marked here and to devise solutions for them. We intend to maintain a precise record of all issues, closing them only once they are completely addressed and mitigations adequately tested. Each vulnerability discovered is addressed and will be remedied prior to the Frontier release. Feel free to follow us on GitHub if you wish to stay updated on the progress.
The initial phase of contributions from security auditors will conclude in a few weeks, and bug remediation is already well in progress. Resolving all issues will take as long as necessary. This process is driven by security rather than a timeline, after all.
