Hello, Jutta writing once more – I initially launched myself after we began the bounty program earlier this yr and I’m completely happy to offer you an replace on what’s taking place on the safety aspect prior and all through launch.
Now we have had some top quality submissions by bounty hunters – kudos for the inventive exploits despatched alongside that the bugs made doable. The variety of submissions lately rose. Therefore we determined and are asserting that we are going to proceed the bounty program no less than all through the Frontier part of Ethereum’s launch plan – see Gav’s and Vinay’s respective weblog posts.
Please go to our bounty website for extra data on the bounty program and ensure take a look at our lead hunter’s repository here for useful testing scripts earlier than beginning the hunt.
Not solely will we depend on particular person bug hunters and the group: along with EthDev’s Gustav Simonsson, I had began the method of choosing skilled safety consultants, lecturers and blockchain consultants for our exterior safety audits late final yr. Gustav is now working with auditors and the Ethereum Go dev workforce to trace all safety points tagged here and work out fixes for them. We need to maintain good observe of all points and solely shut them as soon as totally resolved and options sufficiently examined. Each bug we discover is taken care of and can be mounted earlier than Frontier launch. Be happy to observe us on github if you wish to regulate the progress.
The primary spherical of labor from safety auditors is ending in a few weeks, and bug fixing is already nicely underway. Working by all points will take the time it takes. It’s a security-driven not schedule-driven course of, in any case.
