Authored by Phil Ngo
ChainSafe is happy to announce that we've been added to the Ethereum Foundation's consensus layer bug bounty program for Lodestar, our Typescript implementation of the Ethereum Consensus.
The consensus layer bug bounty is a discretionary rewards program for the Ethereum community to encourage and reward those helping to improve the platform. The program is focused on finding bugs in the core consensus layer Beacon Chain specification and the Lighthouse, Nimbus, Teku, Prysm, and now Lodestar client implementations.
This inclusion is an important step toward Lodestar playing a bigger role in Ethereum client diversity as the fifth production-ready client.
In addition, part of Lodestar's mission is enabling light clients, which will further decentralize and propagate trustless, verifiable data to network users. Participating in this program will foster greater durability in our client - and, by extension, contribute to a more robust network.
The Lodestar Bug Bounty Program will be valid from v0.34.0+ until otherwise noted. The program is geared toward uncovering spec non-compliance issues, unexpected crashes or denial of service (DOS) vulnerabilities, and any issues causing irreparable consensus splits from the rest of the network.
As the newest client to join, Lodestar bugs are eligible for rewards. However, until further audits have been completed, the amounts are limited to 10% (max payout is 5,000 DAI). Bug reports may be shared with other Ethereum Consensus teams or researchers to determine their validity and eligibility and ensure it has not already been submitted.
For details on how to submit a bug, reward tiers, rules, and other considerations, please visit the official Ethereum Foundation page.
Have questions? We'd be happy to answer! Just hop into the ChainSafe Discord ⭐️#-lodestar-general channel.
ChainSafe is a leader in blockchain development and infrastructure solutions for the open web. We're supporting the multi-chain future by building client implementations for Ethereum, Filecoin, Polkadot, and Mina, upgrading the web3.js library, and working on a gaming SDK that connects NFTs to Unity. We're also building a decentralized cloud storage application, bootstrapping a multi-chain bridging protocol, and have loads of other stuff in the works! To learn more, click here.