Merge pull request #13164 from ethereum/bug-bounty-update

refactor: move dep bugs to new card on /bug-bounty [Fixes #11570]

Author: wackerow

src/intl/en/page-bug-bounty.json

@@ -3,7 +3,7 @@
   "page-upgrades-bug-bounty-annotations": "It might be helpful to check out the following annotations:",
   "page-upgrades-bug-bounty-client-bugs": "Client bugs",
   "page-upgrades-bug-bounty-client-bugs-desc": "Clients run the Ethereum Network, and they need to follow the logic set out in the specification and be secure against potential attacks. The bugs we want to find are related to the implementation of the protocol.",
-  "page-upgrades-bug-bounty-client-bugs-desc-2": "Currently execution layer clients (Besu, Erigon, Geth and Nethermind) and consensus layer clients (Lighthouse, Lodestar, Nimbus, Teku and Prysm) are included in the Bug Bounty Program. More clients may be added as they complete audits and become production ready. Currently, <a href=\"https://github.com/ethereum/c-kzg-4844\" target=\"_blank\" rel=\"noreferrer\">c-kzg-4844</a> and <a href=\"https://github.com/crate-crypto/go-kzg-4844\" target=\"_blank\" rel=\"noreferrer\">go-kzg-4844</a> are also included in the bug bounty program.",
+  "page-upgrades-bug-bounty-client-bugs-desc-2": "Currently execution layer clients (Besu, Erigon, Geth and Nethermind) and consensus layer clients (Lighthouse, Lodestar, Nimbus, Teku and Prysm) are included in the Bug Bounty Program. More clients may be added as they complete audits and become production ready.",
   "page-upgrades-bug-bounty-clients": "Clients featured in the bounties",
   "page-upgrades-bug-bounty-clients-type-1": "Spec non-compliance issues",
   "page-upgrades-bug-bounty-clients-type-2": "Unexpected crashes, RCE or denial of service (DOS) vulnerabilities",
@@ -13,6 +13,8 @@
   "page-upgrades-bug-bounty-misc-bugs-desc-2": "Solidity does not hold security guarantees regarding compilation of untrusted input – and we do not issue rewards for crashes of the solc compiler on maliciously generated data.",
   "page-upgrades-bug-bounty-deposit-bugs": "Deposit Contract bugs",
   "page-upgrades-bug-bounty-deposit-bugs-desc": "The specifications and source code of the Beacon Chain Deposit Contract is part of the bug bounty program.",
+  "page-upgrades-bug-bounty-dependency-bugs": "Dependency bugs",
+  "page-upgrades-bug-bounty-dependency-bugs-desc": "Certain dependencies are crucial for the Ethereum Network to function, and some of these have been added to the bug bounty program. Currently, the list of dependencies included in the bug bounty program are C-KZG-4844 and Go-KZG-4844.",
   "page-upgrades-bug-bounty-docking": "merge",
   "page-upgrades-bug-bounty-email-us": "Email us:",
   "page-upgrades-bug-bounty-help-links": "Helpful links",

src/pages/bug-bounty.tsx

@@ -681,6 +681,29 @@ const BugBountiesPage = () => {
                 </InlineLink>
               </Box>
             </StyledCard>
+            <StyledCard
+              emoji=":bug:"
+              title={t("page-upgrades-bug-bounty-dependency-bugs")}
+              description={t("page-upgrades-bug-bounty-dependency-bugs-desc")}
+            >
+              <Box>
+                <OldHeading
+                  as="h4"
+                  fontWeight="medium"
+                  lineHeight={1.4}
+                  fontSize={{ base: "md", md: "xl" }}
+                >
+                  {t("page-upgrades-bug-bounty-help-links")}
+                </OldHeading>
+                <InlineLink href="https://github.com/ethereum/c-kzg-4844">
+                  C-KZG-4844
+                </InlineLink>
+                <br />
+                <InlineLink href="https://github.com/crate-crypto/go-kzg-4844">
+                  Go-KZG-4844
+                </InlineLink>
+              </Box>
+            </StyledCard>
           </StyledCardContainer>
           <H2>{t("page-upgrades-bug-bounty-not-included")}</H2>
           <Text>{t("page-upgrades-bug-bounty-not-included-desc")}</Text>