According to Foresight News, Uniswap Labs has launched an official bug bounty program for v4 with a reward of $15.5 million, incentivizing responsible vulnerability disclosure. All reports must be submitted directly to the v4 Bug Bounty page on Cantina within 24 hours of discovery.
The issues listed in the contract audit of the v4 repository that have not been deployed by Uniswap Labs, vulnerabilities in third-party contracts or applications using contracts deployed by Uniswap Labs, and previously flagged issues in internal reviews, competitions, and audits are not in the scope. The peripheral contracts of Uniswap v4 are currently out of scope but are expected to be added to the bug bounty program soon.
