In brief
- The Ethereum Foundation has boosted its rewards for bugs discovered in code related to the upcoming merge.
- “Critical bugs” disclosed to the network’s developers could net a bug bounty of up to $1 million, up from $250,000.
Ethereum’s long-awaited “merge” event is right around the corner, finally shifting the network away from its energy-intensive mining model. It’s years in the making, and Ethereum’s stewards want to make sure it goes off without a hitch—so they’re ready to spend some serious cash to encourage white hat hackers to find issues in advance.
Today, alongside the announcement of a new timeframe for the merge, the Ethereum Foundation revealed that it has quadrupled the bug bounties paid between now and September 8 for any merge-related network vulnerabilities discovered in that timeframe.
That means that any bugs deemed a “critical risk” that are disclosed to the Foundation will pay out up to $1 million in reward funds, as opposed to the usual going rate of $250,000. Likewise, “high risk” bugs will now net a bounty of up to $200,000, with “medium risk” bugs paying up to $40,000 and “low risk” bugs yielding up to an $8,000 reward.
The merge has been on the horizon for Ethereum users for several years now, as the network’s developers figured out how to safely transition to a secure consensus method that doesn’t require a proof-of-work mining model. During mining, users around the world use powerful computers to validate transactions and earn ETH cryptocurrency rewards as a result.
However, it’s a huge energy drain, and that consumption has been seen by many as a strike against the blockchain network amid growing use cases with DeFi, NFTs, and more.
Instead, the network will shift to what’s called a proof-of-stake consensus model, in which node operators hold a large amount of ETH within the network and earn rewards for validating transactions. The new model is expected to consume less than 1% of the amount of energy of the current network, according to the Ethereum Foundation.
The merge was previously estimated to take place on September 15 or 16, but today the Ethereum Foundation announced a window between September 10 and 20—which means it could happen even sooner than expected. The enhanced bug bounty will help ensure that no roadblocks further delay the long-promised transition.