Ethereum Foundation doubled bug bounty to $500k for mainnet's Shapella upgrade
With Ethereum’s much-anticipated Shapella upgrade coming closer, the Ethereum Foundation has increased the bug bounty for developers to find vulnerabilities.
The security researcher at the Ethereum Foundation, Fredrik Svantes revealed that the maximum bug bounty for identifying a vulnerability in the Shapellam, also referred to as Shanghai-Capella upgrade, has been doubled from $250,000 to $500,000 between now and the time of the fork.
This is not the first time Ethereum Foundation announced increasing the bug bounty for Ethereum upgrade. Back in 2022, while “The Merge” was happening, the foundation increased payouts fourfold ahead of the blockchain’s transition to proof-of-stake for all “Merge-related bounties for vulnerabilities” for white hats testing the network.
Ethereum Foundation’s bug bounty program includes protocols and protocol/implementation compliance to network security and consensus integrity.
The final testing for the Shapella upgrade was executed on March 14th on the Goerli test network with setting the stage for staked ETH withdrawals to activate on the mainnet. However, the Goerli testnet initially experienced low network participation after its upgrade as less than two-thirds of validators had upgraded their software clients in time, while a majority of testnet validators updated their nodes following the update. The Shapella finalized the very next day, enabling Goerli users to fully or partially withdraw their staked ETH.
The upgrade momentum is in full swing and is scheduled to go live mainnet on April 12th at block number 6,209,536. While the main focus centers around Ethereum Improvement Proposal-4895, it will also encompass other improvements that aim to optimize gas costs for certain activities. The developers have encouraged all the Ethereum node operators to upgrade their nodes in advance of the upgrade.