Uniswap Launches $15.5M Bug Bounty Program On Cantina To Strengthen Security

Decentralized trade (DEX) Uniswap introduced that it has launched a brand new bug bounty initiative on the Web3 safety platform Cantina, providing a most reward of $15.5 million. 

The initiative is meant to inspire researchers to establish and submit studies on safety points throughout the Uniswap protocol, related web sites, backend companies, cellular and prolonged wallets, and associated infrastructure. 

Uniswap protocol operates as a peer-to-peer framework meant for exchanging worth, counting on a group of everlasting and non-upgradable good contracts which can be structured to run independently with out requiring intermediaries.

The program covers vulnerabilities and defects present in probably the most lately deployed variations of designated Uniswap contracts, together with V4 Core Contracts, the Universal Router Contract Code, the Permit2 Contract Code, the V3 Contract Code, the UniswapX Contract Code, in addition to different elements, together with commit b619b67 of the desired undeployed v4-core contracts. 

The initiative supplies compensation based mostly on the assessed severity of every vulnerability, categorized as important, high, medium, or low, with corresponding most rewards of $15.5 million, $1 million, $100,000, and $50,000.

Bug Bounty Rules Require Confidential Reporting And Compliance For Rewards

According to this system necessities, any recognized vulnerability should stay undisclosed to the general public or to any exterior celebration till Uniswap Labs has been knowledgeable, has resolved the difficulty, and has granted approval for public disclosure. 

A report should even be submitted inside twenty-four hours of discovering the vulnerability. A complete rationalization of the difficulty will increase the chance of receiving a reward and will improve the reward quantity. Reports ought to embody detailed details about the situations vital to breed the issue, the steps required to copy it or a proof of idea, and the potential penalties if the vulnerability had been to be exploited. 

Individuals who report a novel and beforehand unknown vulnerability that results in a modification of the code or a configuration change, and who keep confidentiality till the difficulty has been addressed, might obtain public acknowledgment for his or her contribution if desired.

In order to qualify for a reward beneath this system, individuals should establish a beforehand unreported and private vulnerability that’s not already recognized to the Uniswap Labs workforce and falls throughout the outlined scope. All requested KYC and supporting documentation should be offered. Eligibility requires being the primary to submit the distinctive vulnerability whereas following this system’s disclosure guidelines, supplying sufficient element for engineers to breed and proper the difficulty, and refraining from exploiting the vulnerability for any goal aside from receiving a reward by this system. 

Participants should keep away from publicizing or utilizing the vulnerability outdoors of confidential reporting, keep away from actions that compromise privateness, harm information, or disrupt any belongings inside scope, and should not submit points that stem from the identical underlying trigger as one beforehand rewarded. Disclosing the vulnerability should not contain illegal habits, together with coercive or threatening conduct. 

Furthermore, individuals should meet the age of majority, should not be situated in areas topic to U.S. commerce or financial sanctions or the place participation is prohibited, and should not be present or former staff, distributors, or contractors who contributed to the related code. Full compliance with all program guidelines, together with restrictions on prohibited actions, is required.

The put up Uniswap Launches $15.5M Bug Bounty Program On Cantina To Strengthen Security appeared first on Metaverse Post.