Uniswap Labs Launches $15.5M Bug Bounty Program Ahead of v4 Deployment

The Uniswap (UNI) team said in an announcement on Nov. 26 that this bug bounty is the “largest” ever introduced.

Uniswap Labs, the organization behind the popular decentralized exchange Uniswap, has announced the launch of a substantial bug bounty program with a maximum reward of $15.5 million for identifying critical vulnerabilities in its v4 core contracts.

According to an announcement by Uniswap on Nov. 26, this bug bounty is touted as the “largest” ever introduced.

The latest network upgrade by Uniswap, v4, aims to establish the protocol as a hub for developers. This upgrade introduces hooks — contracts that enable developers to customize user interactions across pools, swaps, and liquidity provision, unlocking new possibilities for assets and market structures.

Prior to deployment, Uniswap v4 has undergone nine key codebase reviews by firms such as OpenZeppelin, ABDK, Spearbit, Certora, and Trail of Bits.

Additionally, the project has attracted over 500 researchers through its $2.35 million security competition. Despite not yet uncovering any critical vulnerabilities, Uniswap Labs is exercising heightened caution as the v4 deployment approaches.

“As deployment approaches, we’re taking an extra step to ensure v4 is as secure as possible with the $15.5M bug bounty,” the Uniswap Labs team stated via X.

Bug bounty programs are commonly employed to bolster security and user protection, especially within an ecosystem that frequently encounters crypto attacks and network exploits. These programs engage ethical hackers to identify vulnerabilities in exchange for rewards.

In April 2023, hackers exploited Uniswap using sandwich attacks, leading to the theft of crypto assets valued at around $25.2 million.