Saturday, December 7, 2024
HomeBug BountyUniswap Labs to Offer $15.5 Million Bounty for Bug Hunters

Uniswap Labs to Offer $15.5 Million Bounty for Bug Hunters

Published on

SIEM as a Service

Uniswap Labs has launched a $15.5 million bug bounty program to ensure the security of its latest protocol, Uniswap v4.

This substantial bounty is the largest ever offered in the history of the DeFi sector. Uniswap v4 represents the latest evolution of the Uniswap Protocol, marking a significant transformation into a comprehensive developer platform.

This iteration introduces “hooks,” enabling developers to create customizable contracts that dictate interactions between pools, swaps, fees, and liquidity provider (LP) positions.

- Advertisement - SIEM as a Service

The introduction of hooks is set to unlock new market structures and broaden the range of assets available on the platform, thereby serving more users effectively.

Aside from the technological advancements, Uniswap v4 promises cost efficiency, with pool creation costs expected to be reduced by 99.99% and notable savings on multi-hop swaps for traders.

Developed with a collaborative spirit, the v4 codebase has been shaped by contributions from over 90 developers and hundreds of community pull requests.

Analyze cyber threats with ANYRUN's powerful sandbox. Black Friday Deals : Get up to 3 Free Licenses.

A Focus on Security

Security is a paramount concern for Uniswap Labs, which is underscored by the rigorous code reviews and audits that Uniswap v4 has undergone.

The protocol has been scrutinized through nine independent audits by industry-leading firms like OpenZeppelin, Spearbit, and Certora.

Additionally, a $2.35 million security competition was held, engaging over 500 researchers, with no critical vulnerabilities discovered to date.

The launch of the $15.5 million bug bounty aims to further fortify the protocol’s security ahead of its deployment.

By inviting ethical hackers and developers to examine the Uniswap v4 core contracts, Uniswap Labs is taking proactive steps to ensure any potential vulnerabilities are identified and addressed promptly.

The bug bounty encompasses vulnerabilities within the Uniswap v4 core contracts, accessible through the project’s GitHub repository.

However, it excludes third-party contracts not deployed by Uniswap Labs, previously identified issues in audits, and third-party applications utilizing Uniswap contracts. The periphery contracts of Uniswap v4 will be added to the program shortly.

To participate, bug hunters must submit their findings via the v4 Bug Bounty Page on Cantina within 24 hours of discovery, ensuring confidentiality until any issues are resolved.

Detailed reports, including reproduction steps and possible implications, increase the likelihood of eligibility for a reward. Successful contributors can opt for public recognition for their discoveries.

The $15.5 million bug bounty program is live, inviting the global community of developers and researchers to explore the v4 codebase.

Interested participants can find further details and submission requirements on the v4 Bug Bounty Page on Cantina. This initiative underscores Uniswap’s commitment to security and innovation in the rapidly evolving DeFi landscape.

Leveraging 2024 MITRE ATT&CK Results for SME & MSP Cybersecurity Leaders – Attend Free Webinar

Divya
Divya
Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Latest articles

DaMAgeCard Attack – New SD Card Attack Lets Hackers Directly Access System Memory

Security researchers have identified a significant vulnerability dubbed "DaMAgeCard Attack" in the new SD...

Deloitte Denies Breach, Claims Only Single System Affected

Ransomware group Brain Cipher claimed to have breached Deloitte UK and threatened to publish...

Top Five Industries Most Frequently Targeted by Phishing Attacks

Researchers analyzed phishing attacks from Q3 2023 to Q3 2024 and identified the top...

Russian BlueAlpha APT Exploits Cloudflare Tunnels to Distribute Custom Malware

BlueAlpha, a Russian state-sponsored group, is actively targeting Ukrainian individuals and organizations by using...

API Security Webinar

72 Hours to Audit-Ready API Security

APIs present a unique challenge in this landscape, as risk assessment and mitigation are often hindered by incomplete API inventories and insufficient documentation.

Join Vivek Gopalan, VP of Products at Indusface, in this insightful webinar as he unveils a practical framework for discovering, assessing, and addressing open API vulnerabilities within just 72 hours.

Discussion points

API Discovery: Techniques to identify and map your public APIs comprehensively.
Vulnerability Scanning: Best practices for API vulnerability analysis and penetration testing.
Clean Reporting: Steps to generate a clean, audit-ready vulnerability report within 72 hours.

More like this

DaMAgeCard Attack – New SD Card Attack Lets Hackers Directly Access System Memory

Security researchers have identified a significant vulnerability dubbed "DaMAgeCard Attack" in the new SD...

Deloitte Denies Breach, Claims Only Single System Affected

Ransomware group Brain Cipher claimed to have breached Deloitte UK and threatened to publish...

Top Five Industries Most Frequently Targeted by Phishing Attacks

Researchers analyzed phishing attacks from Q3 2023 to Q3 2024 and identified the top...