Home Ethereum launches $2M ‘Attackathon’ security audit

Ethereum launches $2M ‘Attackathon’ security audit


  • Ethereum Foundation is launching "Attackathon," a hackathon with a $2 million reward pool to audit its codebase.
  • The four-week challenge invites security researchers to find vulnerabilities, with rewards for impactful reports.
  • Immunefi will compile findings into a report, and future hackathons will accompany major upgrades like "Pectra."

Ethereum’s (ETH) Ethereum Foundation is initiating its first hackathon, dubbed “Attackathon,” with a $2 million reward pool.

According to a July 8 announcement, the event aims to conduct a comprehensive security audit of the blockchain’s codebase through crowdsourcing. The Ethereum Protocol Security (EPS) team announced on July 8 that the four-week challenge will invite security researchers to seek vulnerabilities in the protocol’s code actively.

Participants must adhere to specific competition rules, with rewards granted only for impactful and compliant reports. The event will commence with a technical overview of Ethereum’s code to prepare participants for identifying potential vulnerabilities.

Upon conclusion, bug bounty platform Immunefi will compile the findings into a detailed vulnerability report. The EPS team has contributed $500,000 to the prize pool and is seeking sponsors to raise an additional $1.5 million by August 1, when further details will be released.

Not the last hackathon

Similar hackathons are planned for future hard forks to address codebase changes. The next major upgrade, “Pectra,” combining the “Prague” and “Electra” updates, is anticipated in late 2024 or early 2025.

Noteworthy upcoming features include a “social recovery” option, potentially eliminating the need for lengthy private wallet keys and introducing smart contract-like capabilities to wallets.

Hackathons and bug bounties are common in the crypto space, with many projects offering substantial rewards to ethical hackers. Immunefi’s platform displays bounties ranging from tens to hundreds of thousands of dollars, with LayerZero offering the highest reward at $15 million.

MakerDAO is not that far behind, with a $10 million bounty pool followed by SparkLend’s bug bounty reward pool at $5 million. Still, such bug bounties are far from being a new crypto fad.

As ReadWrite reported back in 2012 about Google offering a $1 million bug bounty pool for discovering vulnerabilities in its Google Chrome web browser. A full exploit of bugs in Chrome itself was prized at $60,000, a partial exploit that combines a Chrome bug with other bugs gets $40,000, and the consolation prize is $20,000 an exploit of Chrome using bugs in Flash, Windows or something else.

About ReadWrite’s Editorial Process

The ReadWrite Editorial policy involves closely monitoring the tech industry for major developments, new product launches, AI breakthroughs, video game releases and other newsworthy events. Editors assign relevant stories to staff writers or freelance contributors with expertise in each particular topic area. Before publication, articles go through a rigorous round of editing for accuracy, clarity, and to ensure adherence to ReadWrite's style guidelines.

Radek Zielinski
Tech Journalist

Radek Zielinski is an experienced technology and financial journalist with a passion for cybersecurity and futurology.

Get the biggest tech headlines of the day delivered to your inbox

    By signing up, you agree to our Terms and Privacy Policy. Unsubscribe anytime.

    Tech News

    Explore the latest in tech with our Tech News. We cut through the noise for concise, relevant updates, keeping you informed about the rapidly evolving tech landscape with curated content that separates signal from noise.

    In-Depth Tech Stories

    Explore tech impact in In-Depth Stories. Narrative data journalism offers comprehensive analyses, revealing stories behind data. Understand industry trends for a deeper perspective on tech's intricate relationships with society.

    Expert Reviews

    Empower decisions with Expert Reviews, merging industry expertise and insightful analysis. Delve into tech intricacies, get the best deals, and stay ahead with our trustworthy guide to navigating the ever-changing tech market.