You Can Now Get $1 Million for Finding Bug in Ethereum's Merge Upgrade

The Ethereum Foundation has boosted its bug bounty program ahead of the Merge upgrade.

It beefed up the top cash bounty to a whopping $1 million for the most critical vulnerabilities. This is four times bigger than the usual reward for high-impact bugs.

Security researchers will be able to collect the most generous payouts until Sept. 8.

The Ethereum Foundation announced a new bounty program focused specifically on Ethereum 2.0 back in October 2020.

Later, the Ethereum Foundation increased rewards ahead of the launch of the Beacon Chain, the backbone of the proof-of-stake version of Ethereum.

According to the blog post, the Bellatrix upgrade, which will kick off the Merge, is expected to go live around Sept. 6. Ethereum is expected to fully transition to proof of stake next month, which means that the network will no longer require any mining equipment.

The announcement about overly generous bug bounties comes after Ethereum developer Peter Szilagyi recently took to Twitter to reveal that a vulnerability had been discovered in Geth 1.10.22. A hotfix to patch the recently discovered bug was published earlier today.

Last August, the Ethereum blockchain was split due to a severe bug discovered in the Geth software that could have been catastrophic for the network.

In May, Wormhole paid a $10 million bounty to an anonymous white-hat hacker who discovered a critical vulnerability. Aurora shelled out $6 million to award an ethical hacker in June.

In February, MakerDAO launched a bug bounty program that offers rewards of up to $10 million.