$UNI
Uniswap Labs has launched an official bug bounty program worth $15.5 million for version 4, aimed at incentivizing responsible security researchers to disclose vulnerabilities. All discovered vulnerabilities must be submitted directly to the v4 Bug Bounty page on Cantina within 24 hours of discovery. The official statement clearly states that the following situations are not covered by this bug bounty program: third-party contracts not deployed by Uniswap Labs, issues listed in the contract audits within the v4 repository, vulnerabilities in third-party contracts or applications using contracts deployed by Uniswap Labs, and issues flagged in previous internal reviews, competitions, and audits. In addition, the peripheral contracts of Uniswap v4 are currently not within the scope of the bug bounty program, but the official expects to add them to the program soon.