Uniswap, the largest decentralized exchange (DEX), has announced a $15.5 million bounty for anyone who points out vulnerabilities in its v4 update. This sets a new record for the most bug bounties ever offered, surpassing the $15 million offered by LayerZero.
However, this reward includes several conditions, and Uniswap will only offer full payment for a “critical” vulnerability that does not include third-party contracts or applications.
Recompensa por bugs na Uniswap v4
Uniswap recently offered a substantial bounty for identifying code vulnerabilities. Specifically, the company is looking for weaknesses in the core capabilities of its major v4 upgrade. The DEX also released a blog post with more details about the program:
Today, we are excited to launch a $15.5 million bounty, the largest in history, for vulnerabilities found in Uniswap v4 core contracts. Uniswap v4 is already among the most reviewed codes in DeFi, with nine independent audits. As the rollout approaches, we are taking an extra step to ensure v4 is as secure as possible, the published post said.
In fact, Uniswap’s claim to be the largest “bug bounty” ever offered is somewhat ambiguous. In the past, some platforms have offered large rewards to successful hackers, incentivizing them to return stolen funds. Last year, Mixin Network called its $20 million incentive for hackers a “bug bounty,” but the company used the term somewhat inappropriately.
In this case, Uniswap is only offering payments for identifying a vulnerability, not a ransom for exploitation. In this context, the $15.5 million offer is actually significant: earlier this year, Solana offered just $1 million for a similar program. In other words, the company may see the continued security of v4 as essential to Uniswap’s success.
This substantial offering may come from a place of trust. As mentioned, Uniswap has conducted nine independent code audits and held a $2.35 million security competition. Fortune claims that the DEX chose $15.5 million to outbid LayerZero, which offered a $15 million bounty last year. This high bounty, then, may just be a way to stand out.
Either way, this large bounty comes with important caveats. First, a hacker cannot claim a vulnerability in any third-party contract or application, even those deployed by Uniswap Labs. Second, they cannot list unresolved issues that previous audits have identified. Finally, only a “critical” bug receives the full payout, with minor risks receiving between $1 million and $100,000.
The article Uniswap v4 Offers $15.5 Million Reward for Critical Bugs appeared first on BeInCrypto.
