The Ethereum Foundation has launched a four-week audit contest for its next network upgrade, Fusaka, offering up to $2 million in rewards for security researchers who uncover bugs before the hard fork reaches mainnet, potentially as soon as the fourth quarter.
Hosted on web3 security platform Sherlock and co-sponsored by Gnosis and Lido, the bug program runs from Sept. 15 through Oct. 13, with 2x rewards multipliers in week one and 1.5x in week two, according to a blog post.
Sherlock previously led large-scale Ethereum audit contests and helped review last year’s Pectra bytecode changes, part of a push to pair collaborative audits with standing bounties to improve pre-mainnet assurance.
The contest is designed to maximize scrutiny of Fusaka’s code and surface vulnerabilities early. Post-mortems on valid findings will be compiled into an official report. Outside the contest, the Foundation’s ongoing Ethereum Bug Bounty program continues to pay up to $250,000 for broader protocol issues.
Fusaka’s upgrade bundles roughly a dozen EIPs focused on security, throughput, and efficiency, headlined by Peer Data Availability Sampling, which distributes blob data checks across nodes to expand capacity for rollups. The upgrade remains targeted for late 2025, though Foundation co-executive director Tomasz Stańczak has warned that timelines could slip without tighter coordination.
