At the moment, we disclosed the primary set of vulnerabilities from the Ethereum Basis’s Bug Bounty Packages. These vulnerabilities have been beforehand found and reported on to the Ethereum Basis or shopper groups by way of the Bug Bounty Packages for each the Execution Layer and Consensus Layer.
By its Bug Bounty Packages, which permit the Ethereum Basis (EF) to coordinate and cross-check vulnerabilities throughout purchasers, the EF at present accepts vulnerability stories for Nimbus, Teku, Lighthouse, Prysm, Lodestar, Go Ethereum, Nethermind, Erigon and Besu.
New repository & vulnerability checklist
The complete checklist of vulnerabilities, together with further data, might be discovered in a git repository here.
The brand new disclosures repository catalogues all recognized vulnerabilities that have been patched previous to the newest hardforks on the Execution Layer and Consensus Layer.
We want to give a large shout out to everybody concerned within the discovery and reporting of vulnerabilities, in addition to to the groups answerable for fixing them. Whereas we’ve got tried to incorporate the names or aliases of the reporters, there are lots of builders and researchers inside the shopper groups and within the Ethereum Basis who discovered and corrected vulnerabilities exterior of the bounty program. There are additionally many unsung heroes resembling shopper staff builders, neighborhood members, and plenty of extra who’ve spent numerous hours triaging, cross-checking, and mitigating vulnerabilities earlier than they might be exploited.
For extra data, and to study extra about disclosure insurance policies, timelines, and cataloging, head over to the brand new disclosures repository.
Your immense efforts have been instrumental to making sure Ethereum’s safety. Thanks!