The foundation is looking to hire a variety of security and auditing professionals, both for the software and the general model of the upcoming upgrade.
Among the potential team’s tasks will be “fuzzing, bounty hunting, pager duty,” which directly relates to software security management.
Fuzzing is a bug searching technique that involves feeding garbage data to software in order to trigger a non-standard response. Many of the bugs found today in the web are due to improper input sanitation, where special types of inputs may be interpreted as machine code or simply produce undesired behavior. Fuzzing helps find these critical points and update the code to prevent potentially catastrophic bugs.
The security team will also be doing more theoretical work on formal verification of cryptographic algorithms. This process will seek to mathematically prove that a certain algorithm is secure. Economic modeling experts are also sought by the foundation.
Ramping up security
With the final stages of preparation for Ethereum 2.0 Phase 0 underway, heavy emphasis is now being placed on the network’s security.
The Ethereum Medalla testnet, the first to be fully maintained by the community, is due for launch on Tuesday after locking in the required number of validators ahead of deadline.
Mainnet launch will follow at an unspecified date when developers feel confident with the network’s stability.