Uniswap Labs 在 v4 部署之前启动 1550 万美元的错误赏金计划

Uniswap (UNI) 团队在 11 月 26 日的一份声明中表示，此次漏洞赏金是有史以来推出的“最大”一次。

Uniswap Labs, the organization behind the popular decentralized exchange Uniswap, has announced the launch of a substantial bug bounty program with a maximum reward of $15.5 million for identifying critical vulnerabilities in its v4 core contracts.

Uniswap Labs 是流行的去中心化交易所 Uniswap 背后的组织，宣布启动一项重大错误赏金计划，最高奖励 1550 万美元，用于识别其 v4 核心合约中的关键漏洞。

According to an announcement by Uniswap on Nov. 26, this bug bounty is touted as the “largest” ever introduced.

根据 Uniswap 11 月 26 日的公告，此次漏洞赏金被誉为有史以来“最大”的一次。

The latest network upgrade by Uniswap, v4, aims to establish the protocol as a hub for developers. This upgrade introduces hooks — contracts that enable developers to customize user interactions across pools, swaps, and liquidity provision, unlocking new possibilities for assets and market structures.

Uniswap 最新的网络升级 v4 旨在将该协议建立为开发人员的中心。此次升级引入了挂钩——合约，使开发人员能够定制跨矿池、互换和流动性供应的用户交互，从而为资产和市场结构释放新的可能性。

Prior to deployment, Uniswap v4 has undergone nine key codebase reviews by firms such as OpenZeppelin, ABDK, Spearbit, Certora, and Trail of Bits.

在部署之前，Uniswap v4 已接受 OpenZeppelin、ABDK、Spearbit、Certora 和 Trail of Bits 等公司的九次关键代码库审查。

Additionally, the project has attracted over 500 researchers through its $2.35 million security competition. Despite not yet uncovering any critical vulnerabilities, Uniswap Labs is exercising heightened caution as the v4 deployment approaches.

此外，该项目还通过价值 235 万美元的安全竞赛吸引了 500 多名研究人员。尽管尚未发现任何严重漏洞，但随着 v4 部署的临近，Uniswap Labs 仍保持高度谨慎。

“As deployment approaches, we’re taking an extra step to ensure v4 is as secure as possible with the $15.5M bug bounty,” the Uniswap Labs team stated via X.

Uniswap Labs 团队通过 X 表示：“随着部署的临近，我们将采取额外措施，以确保 v4 尽可能安全，并提供 1550 万美元的漏洞奖励。”

Bug bounty programs are commonly employed to bolster security and user protection, especially within an ecosystem that frequently encounters crypto attacks and network exploits. These programs engage ethical hackers to identify vulnerabilities in exchange for rewards.

错误赏金计划通常用于增强安全性和用户保护，特别是在经常遇到加密攻击和网络漏洞的生态系统中。这些计划吸引道德黑客来识别漏洞以换取奖励。

In April 2023, hackers exploited Uniswap using sandwich attacks, leading to the theft of crypto assets valued at around $25.2 million.

2023 年 4 月，黑客利用三明治攻击方式利用 Uniswap，导致价值约 2520 万美元的加密资产被盗。