Trusted

Uniswap Offers $15.5 Million Bug Bounty for v4 Core Vulnerabilities

2 mins
Updated by Daria Krasnova
Join our Trading Community on Telegram

In Brief

  • Uniswap announced a record-breaking $15.5 million bug bounty targeting critical vulnerabilities in its v4 core contracts.
  • Only "critical" bugs qualify for the full reward, with minor issues capped at $1 million or less, and third-party contracts excluded.
  • This high-profile bounty follows nine audits and a $2.35 million security contest, highlighting Uniswap's focus on v4 security.
  • promo

Uniswap, the largest decentralized exchange (DEX), has announced a $15.5 million bug bounty for vulnerabilities in its v4 upgrade. This sets a new record for the highest bug bounty ever offered, surpassing LayerZero’s $15 million reward.

However, this bounty includes several caveats, and Uniswap will only offer a full payout to a “critical” vulnerability that doesn’t include third-party contracts or applications.

Uniswap v4’s Bug Bounty

Uniswap recently offered a substantial bounty for identifying code vulnerabilities. Specifically, the firm is looking for weaknesses in its massive v4 upgrade’s core capabilities. Uniswap also released a blog post with further details about the program:

“Today, we’re excited to launch a $15.5 million bug bounty, the largest in history, for vulnerabilities found in Uniswap v4 core contracts. Uniswap v4 is already among the most thoroughly reviewed codebases in DeFi, with nine independent audits. As deployment approaches, we’re taking an extra step to ensure v4 is as secure as possible,” the post read.

Strictly speaking, Uniswap’s claim to being the largest-ever “bug bounty” is somewhat ambiguous. In the past, certain platforms have offered large bounties to successful hackers, incentivizing them to return stolen funds. Last year, Mixin Network called their $20 million enticement to hackers a “bug bounty,” but the company slightly misused the term.

In this case, Uniswap only offers payments for identifying a weakness, not a ransom for actually exploiting it. In this genre, Uniswap’s $15.5 million offer is indeed massive: earlier this year, Solana offered only $1 million for a similar program. In other words, the company might view continued v4 security as integral to Uniswap’s continued success.

Alternatively, this substantial offer could come from a place of confidence. As mentioned, Uniswap carried out nine separate independent code audits and conducted a further $2.35 million security competition. Fortune claims that Uniswap chose $15.5 million to one-up LayerZero, which offered a $15 million bounty last year. This high reward, then, could just be a boast.

In any event, this massive reward comes with important caveats. First of all, a hacker cannot claim a vulnerability from any third-party contract or application, even those deployed by Uniswap Labs. Second, it can’t list any unfixed issues that previous audits identified. Finally, only a “critical” bug gets the full payment, with lower risks getting between $1 million and $100,000.

Best crypto platforms in Europe | January 2025
eToro eToro Explore
Coinrule Coinrule Explore
Uphold Uphold Explore
Coinbase Coinbase Explore
Chain GPT Chain GPT Explore
Best crypto platforms in Europe | January 2025
eToro eToro Explore
Coinrule Coinrule Explore
Uphold Uphold Explore
Coinbase Coinbase Explore
Chain GPT Chain GPT Explore
Best crypto platforms in Europe | January 2025

Disclaimer

In adherence to the Trust Project guidelines, BeInCrypto is committed to unbiased, transparent reporting. This news article aims to provide accurate, timely information. However, readers are advised to verify facts independently and consult with a professional before making any decisions based on this content. Please note that our Terms and ConditionsPrivacy Policy, and Disclaimers have been updated.

image-10-1.png
Landon Manning
Landon Manning is a journalist at BeInCrypto, covering a wide range of topics, including international regulation, blockchain technology, market analysis, and Bitcoin. Previously, Landon spent six years as a writer with Bitcoin Magazine and co-authored a Bitcoin maximalist newsletter with 30,000 subscribers. Landon holds a Bachelor of Arts in Philosophy from Sewanee: The University of the South.
READ FULL BIO
Sponsored
Sponsored