"Ethereum Offers Up To $1M Bounty for Critical Bug Reports"
Ethereum is offering a reward of up to $1 million to anyone who discovers merge-related critical vulnerabilities on its blockchain. The reward will be increased fourfold. A "merge" is an upgrade to a network. The process, which is expected to be completed by September 20, will convert the Ethereum blockchain's consensus mechanism from proof-of-work to proof-of-stake. Only genuine users are permitted to add new transactions to the blockchain, thanks to the consensus mechanism. It can accomplish this through the use of two algorithms known as proof-of-work and proof-of-stake. The primary distinction between the two is how they decide who can add transactions to the blockchain. The former requires miners to validate transactions. This process is slow, costly, and energy-intensive, but it has been tested on large-scale blockchains like Bitcoin. To verify transactions, the latter employs validators, or computers chosen based on the number of tokens they possess. This method is considered more secure because the validators have a vested interest in the security of the blockchain because they have spent money to purchase a significant amount of cryptocurrency. Because a validator node can be run on a standard laptop, proof-of-stake allows more users to participate in network consensus. Proof-of-work requires the use of costly digital mining equipment. According to Dan Sherrets, solutions architect at the bug bounty platform HackerOne, this decentralizes the network and is potentially good for security. However, proof-of-stake is more complicated and needs the collaboration of multiple pieces of software. This is not necessarily bad for security in and of itself, but it does introduce more opportunities for software bugs to cause problems across the network. This article continues to discuss the Ethereum offering up to $1 million bounty to white hat hackers who identify merge-related critical vulnerabilities on its blockchain.
BankInfoSecurity reports "Ethereum Offers Up To $1M Bounty for Critical Bug Reports"