Last week, after hacking at DEVCON1, Martin Swende became first on the leaderboard of the Ethereum Bounty Program. The bounty program, which is open to anyone, is ongoing, with the last bounty awarded being 5 BTC. Ethereum Contract BTC Relay is now included in the program , which is intended to highlight its ongoing security audit in the run-up to its launch. It is hoped that it will identify security issues such as accepting invalid blockheaders, false proofs, or invalid bitcoin transactions.
BTC Relay will pass along any sufficiently confirmed Bitcoin transaction to a specified Ethereum contract. If someone makes a Bitcoin payment, or any arbitrary transaction on the canonical Bitcoin blockchain, the relay should be able to send it to any specified Ethereum contract.
The BTC Relay has a separate open-source grant for bounties and it has been stated that major bugs will be rewarded up to 1 BTC. Higher rewards of up to 5 BTC will be awarded in the case of very severe vulnerabilities. Similarly, if there is a valid Bitcoin transaction which BTC Relay does not fully relay, that would also be eligible for bounties. Most of the rules for the Bounty Program now apply.
The scope is on the contract, the 5 “.se” files in this root directory. Not in scope is complete SPV client functionality (for example Bitcoin block timestamps are not checked to save gas costs). Better mechanisms for incentivization, gas cost and other algorithm optimization are similarly not in scope.
Apart from the monetary prize, other potential rewards include: listing on the Ethereum bounty leaderboard with points accumulating over the course of the program, a personal inscription in the Ethereum namereg once it’s live and an exclusive, limited edition Ethereum Bountyhunter t-shirt.
The bounty program will run for a few weeks before launching BTC Relay to Frontier. There is also a channel for BTC Relay, which is open to everyone.