Blockchain bug bounty platform Immunefi and the Ethereum Foundation today announced a partnership to launch a large-scale crowdsourced collaborative network audit of the Ethereum blockchain protocol called an “Attackathon.”
The Attackathon is aiming to be the largest-scale crowdsourced security audit contest conducted on the code of the Ethereum blockchain protocol. Ethereum is a decentralized, open-source blockchain platform first launched in 2015 that allows for programmable transactions, called smart contracts, that allow for a secure execution environment for cryptocurrency, financial applications, supply chain management, gaming, entertainment and more.
The Ethereum Foundation is a nonprofit community of organizations dedicated to fostering the protocol, its development and security, growing the ecosystem and advocating for Ethereum.
Immunefi runs one of the largest Web3 security communities with over 45,000 researchers and protects over $190 billion in user funds across established blockchain projects including Chainlink, Wormhole, MakerDAO, TheGraph, Polygon and Optimism. Immunefi has paid out some of the most significant bug bounties in the software industry, amounting to over $100 million.
The blockchain industry, and Ethereum in particular, is often a target of hackers looking to take advantage of vulnerabilities and exploits in smart contract software running on the blockchain within decentralized applications. The objective of the broad-scale audit is to help ensure the long-lasting health of the entire project by having numerous collaborators scour it for potential vulnerabilities. According to security research firm SlowMist’s 2024 mid-year report, the Ethereum ecosystem lost $400 million to exploits in the first half of 2024.
The Ethereum blockchain supports a cryptocurrency of the same name. It represents the second-largest market cap in the blockchain industry at more than $367 billion, right behind the Bitcoin blockchain with more than $1.125 trillion.
For comparison, according to SlowMist, the entire blockchain industry saw more than 223 security incidents, resulting in more than $1.43 billion in losses. This marks a more than 50% increase year-over-year from the $920 million lost in the first half of 2023.
“Ethereum is fundamentally transforming the world as we know it and will continue to do so,” said Mitchell Amador, founder and chief executive of Immunefi. “By leveraging our collective security expertise and resources, we aim to ensure the integrity and security of the Ethereum network.”
Immunefi and the Ethereum Foundation have invited the Ethereum community, including ecosystem projects and developers, to sponsor the enhancement of the protocol security by contributing to the reward pool. This pool, seeded with an initial $500,000 by both parties into a secure vault, will be distributed to participants in an Attackathon contest based on their contributions as bounties.
The sponsorship program will be closed with the reward pool locked by Aug. 1, after which the companies will provide further details about the Attackathon.