Right this moment we disclosed the primary set of vulnerabilities from the Ethereum Basis’s Bug Bounty program. These vulnerabilities had been beforehand found and reported on to the Ethereum Basis or shopper groups by means of the Bug Bounty program for each Government layer and Consensus layer.
By its Bug Bounty packages, which allow the Ethereum Basis (EF) to coordinate and cross-check vulnerabilities amongst shoppers, EF is presently accepting vulnerability reviews for Nimbus, Teku, Lighthouse, Prysm, Lodestar, Go Ethereum, Nethermind, Erigon, and Besa.
New repository and record of vulnerabilities
A full record of vulnerabilities, together with further info, could be discovered right here within the git repository right here.
New publication repository catalogs all identified vulnerabilities that had been patched earlier than the newest hardforks on the execution layer and consensus layer.
We wish to give massively shout out to everybody concerned within the discovery and reporting of vulnerabilities, in addition to to the groups liable for their elimination. Whereas we now have tried to incorporate the names or pseudonyms of the reporters, there are numerous builders and researchers inside shopper groups and the Ethereum Basis who’ve discovered and patched vulnerabilities outdoors of the bounty program. There are additionally many unsung heroes corresponding to shopper workforce builders, neighborhood members, and lots of others who spent numerous hours triaging, cross-checking, and mitigating vulnerabilities earlier than they might be exploited.
For extra info and to be taught extra about disclosure insurance policies, timelines, and cataloging, go to new publication repository.
Your great efforts have been essential in guaranteeing the safety of Ethereum. Thanks!