The Protocol Security Research Team and the Ecosystem Funding Initiative at the Ethereum Foundation are pleased to announce the launch of the first Ethereum protocol Attackathon with a reward pool of $1,500,000, hosted by Immunefi. The attackathon runs between November 25th and January 20th and aims to enhance the security of the Ethereum protocol through a large-scale crowdsourced security audit competition.
We invite the entire Ethereum community — from auditing firms to individual security researchers — to participate in this important event to help secure the Ethereum Protocol.
You can get started on your journey into understanding the Ethereum Protocol via live and pre-recorded technical walkthroughs through the Academy.
The Attackathon is co-sponsored by:
- Bybit
- Wormhole
- Arbitrum
- The Graph
- GMX
- Base
What is an Attackathon?
The Attackathon is a time-bound audit challenge to bolster the security of the Ethereum protocol. It begins with an educational phase where participants receive instruction on the protocol’s code via live technical walkthroughs and educational content from the Attackathon Academy. This phase ensures that participants are well-prepared to identify and understand potential vulnerabilities.
During the Attackathon, security researchers will actively search for vulnerabilities in the protocol’s code. They will follow specific rules set for the competition, and only impactful and rule-compliant reports will be rewarded. This phase focuses on real-time problem-solving and applying the knowledge gained during the initial phase.
After the Attackathon, Immunefi will evaluate and compile the findings into an official report. This report will detail the vulnerabilities discovered and highlight the top researchers, celebrating their contributions and expertise.
Interested in working full time in Public Good Security?
The Ethereum Foundation’s Protocol Security Research team is now looking for two Security Engineers: Apply