Alisa Davidson
Printed: November 26, 2025 at 2:14 am Up to date: November 26, 2025 at 2:14 am
Edited and fact-checked:
November 26, 2025 at 2:14 am
In Temporary
Uniswap has launched a bug bounty program with rewards as much as $15.5 million to incentivize researchers to determine safety vulnerabilities throughout its protocol, contracts, and associated infrastructure.
Decentralized trade (DEX) Uniswap introduced that it has launched a brand new bug bounty initiative on the Web3 safety platform Cantina, providing a most reward of $15.5 million.Â
The initiative is meant to inspire researchers to determine and submit reviews on safety points throughout the Uniswap protocol, related web sites, backend providers, cellular and prolonged wallets, and associated infrastructure.Â
Uniswap protocol operates as a peer-to-peer framework supposed for exchanging worth, counting on a group of everlasting and non-upgradable good contracts which can be structured to run independently with out requiring intermediaries.
This system covers vulnerabilities and defects present in probably the most lately deployed variations of designated Uniswap contracts, together with V4 Core Contracts, the Common Router Contract Code, the Permit2 Contract Code, the V3 Contract Code, the UniswapX Contract Code, in addition to different elements, together with commit b619b67 of the required undeployed v4-core contracts.Â
The initiative offers compensation based mostly on the assessed severity of every vulnerability, categorized as essential, excessive, medium, or low, with corresponding most rewards of $15.5 million, $1 million, $100,000, and $50,000.
Bug Bounty Guidelines Require Confidential Reporting And Compliance For Rewards
In keeping with this system necessities, any recognized vulnerability should stay undisclosed to the general public or to any exterior celebration till Uniswap Labs has been knowledgeable, has resolved the problem, and has granted approval for public disclosure.Â
A report should even be submitted inside twenty-four hours of discovering the vulnerability. A complete clarification of the problem will increase the probability of receiving a reward and should improve the reward quantity. Studies ought to embrace detailed details about the situations crucial to breed the issue, the steps required to copy it or a proof of idea, and the potential penalties if the vulnerability have been to be exploited.Â
People who report a novel and beforehand unknown vulnerability that results in a modification of the code or a configuration change, and who keep confidentiality till the problem has been addressed, could obtain public acknowledgment for his or her contribution if desired.
As a way to qualify for a reward underneath this system, individuals should determine a beforehand unreported and private vulnerability that’s not already recognized to the Uniswap Labs group and falls throughout the outlined scope. All requested KYC and supporting documentation should be supplied. Eligibility requires being the primary to submit the distinctive vulnerability whereas following this system’s disclosure guidelines, supplying sufficient element for engineers to breed and proper the problem, and refraining from exploiting the vulnerability for any goal aside from receiving a reward by means of this system.Â
Contributors should keep away from publicizing or utilizing the vulnerability outdoors of confidential reporting, keep away from actions that compromise privateness, injury information, or disrupt any property inside scope, and should not submit points that stem from the identical underlying trigger as one beforehand rewarded. Disclosing the vulnerability should not contain illegal habits, together with coercive or threatening conduct.Â
Moreover, individuals should meet the age of majority, should not be positioned in areas topic to U.S. commerce or financial sanctions or the place participation is prohibited, and should not be present or former staff, distributors, or contractors who contributed to the related code. Full compliance with all program guidelines, together with restrictions on prohibited actions, is required.
Disclaimer
According to the Belief Venture pointers, please observe that the knowledge supplied on this web page is just not supposed to be and shouldn’t be interpreted as authorized, tax, funding, monetary, or some other type of recommendation. You will need to solely make investments what you may afford to lose and to hunt impartial monetary recommendation in case you have any doubts. For additional data, we propose referring to the phrases and situations in addition to the assistance and assist pages supplied by the issuer or advertiser. MetaversePost is dedicated to correct, unbiased reporting, however market situations are topic to vary with out discover.
About The Writer
Alisa, a devoted journalist on the MPost, makes a speciality of cryptocurrency, zero-knowledge proofs, investments, and the expansive realm of Web3. With a eager eye for rising tendencies and applied sciences, she delivers complete protection to tell and have interaction readers within the ever-evolving panorama of digital finance.
Extra articles
Alisa, a devoted journalist on the MPost, makes a speciality of cryptocurrency, zero-knowledge proofs, investments, and the expansive realm of Web3. With a eager eye for rising tendencies and applied sciences, she delivers complete protection to tell and have interaction readers within the ever-evolving panorama of digital finance.
Extra articles
