Hello, Jutta writing once more – I initially launched myself after we began the bounty program earlier this 12 months and I’m blissful to give you an replace on what’s occurring on the safety facet prior and all through launch.
We’ve had some prime quality submissions by bounty hunters – kudos for the artistic exploits despatched alongside that the bugs made potential. The variety of submissions just lately rose. Therefore we determined and are saying that we are going to proceed the bounty program a minimum of all through the Frontier part of Ethereum’s launch plan – see Gav’s and Vinay’s respective weblog posts.
Please go to our bounty web site for extra info on the bounty program and ensure take a look at our lead hunter’s repository right here for useful testing scripts earlier than beginning the hunt.
Not solely will we depend on particular person bug hunters and the group: along with EthDev’s Gustav Simonsson, I had began the method of choosing skilled safety specialists, lecturers and blockchain specialists for our exterior safety audits late final 12 months. Gustav is now working with auditors and the Ethereum Go dev staff to trace all safety points tagged right here and work out fixes for them. We need to preserve good monitor of all points and solely shut them as soon as absolutely resolved and options sufficiently examined. Each bug we discover is taken care of and will likely be mounted earlier than Frontier launch. Be happy to comply with us on github if you wish to control the progress.
The primary spherical of labor from safety auditors is ending in a few weeks, and bug fixing is already properly underway. Working by means of all points will take the time it takes. It’s a security-driven not schedule-driven course of, in spite of everything.