Jutta’s replace on bug bounty program and safety audit


Hello, Jutta writing once more – I initially launched myself once we began the bounty program earlier this 12 months and I’m completely happy to offer you an replace on what’s occurring on the safety facet prior and all through launch.

We now have had some top quality submissions by bounty hunters – kudos for the artistic exploits despatched alongside that the bugs made doable. The variety of submissions not too long ago rose. Therefore we determined and are asserting that we’ll proceed the bounty program a minimum of all through the Frontier section of Ethereum’s launch plan – see Gav’s and Vinay’s respective weblog posts.

Please go to our bounty web site for extra data on the bounty program and ensure try our lead hunter’s repository right here for useful testing scripts earlier than beginning the hunt.

Not solely can we depend on particular person bug hunters and the neighborhood: along with EthDev’s  Gustav Simonsson, I had began the method of choosing skilled safety specialists, teachers and blockchain specialists for our exterior safety audits late final 12 months. Gustav is now working with auditors and the Ethereum Go dev group to trace all safety points tagged right here and work out fixes for them. We need to preserve good observe of all points and solely shut them as soon as totally resolved and options sufficiently examined. Each bug we discover is taken care of and might be fastened earlier than Frontier launch. Be at liberty to observe us on github if you wish to keep watch over the progress.

The primary spherical of labor from safety auditors is ending in a few weeks, and bug fixing is already nicely underway. Working by way of all points will take the time it takes. It’s a security-driven not schedule-driven course of, in any case.


Please enter your comment!
Please enter your name here