Ethereum Foundation Doubles ETH2.0’s Maximum Bug Bounty Reward to $20k

Quick take:

• The release of the highly anticipated ETH2.0 is scheduled for July this year.
• To further guarantee the robustness of the upgrade, the Ethereum Foundation has doubled the reward for Critical bugs to $20,000.
• Only the core ETH2 specs are in scope.

Bug bounties are a pivotal method of cryptocurrency projects to guarantee

that their inhouse software developers did not overlook an aspect of instrumental code before launching a product. The bounties reward those who identify bugs and report them in a timely manner. The Ethereum Foundation currently has a running bug bounty that rewards freelance developers or teams that identify vulnerabilities in the protocol and clients.

Ethereum Foundation Doubles Rewards to $20k for Critical Bugs

With the launch of ETH2.0 scheduled for July of this year, the Ethereum Foundation has announced that it will be doubling rewards for critical bugs to $20,000. The team further explains that the increment will incentivize developers to find and report bugs in the core ETH2 Phase 0 specs prior to the mainnet launch. The announcement

by the ETH foundation further elaborated on this as follows.

Starting today all rewards in the Phase 0 Pre-Launch Bounty Program are being doubled for a maximum of $20k for critical bugs!

This program is designed to incentivize you to find and report bugs in the core Eth2 Phase 0 specs prior to mainnet launch.

The Ethereum Foundation will run this program from now until just prior to the Phase 0 mainnet launch. After Phase 0 is in production, we will transition Phase 0 bounties to the standard Ethereum Bounty Program.

Terms/Rules of the Bug Bounty

Additionally, the Ethereum Foundation provided the following rules for the reporting of bugs in anticipation of the launch of ETH2.0.

• Only Critical bugs will qualify for the $20,000 amount.
• Only the core eth2 specs are in scope.
• The scope includes Phase 0 Beacon Chain and Phase 0 Fork Choice specs in the master branch.
• Known issues are not eligible.
• Anonymous submission can be made but are not eligible for the reward.
• The Ethereum Foundation reserves the right to judge the validity and severity level of the reported bug.
• Awards can be redeemed in ETH or DAI.
• ETH2 Clients can participate but the scrutiny will be higher to avoid a situation where the process can be manipulated such as bugs being introduced specifically for the reward.