From cointelegraph by Tristan Greene
Uniswap Labs announced the launch of what it deems “the largest bounty in history” ahead of the Uniswap v4 release.
The bounty program, currently underway, features payouts ranging from $2,000 up to the full $15.5 million purse for the discovery of unique vulnerabilities resulting in code change.
In order to achieve the highest payouts, bounty hunters will need to uncover a critical flaw or exploit in the Uniswap v4 core contracts code, per the terms of the program.
“Introducing the largest bug bounty in history. We're rewarding up to $15.5M to anyone that finds a critical vulnerability in v4 core contracts. Find a critical bug, become a millionaire.”
It’s unclear if this is the biggest bounty program in history. For comparison, bug bounty platform Immunefi reportedly paid out a $14.82 million bounty in 2021 as part of its ongoing security efforts.
Related: Immunefi suspends TrustSec amid bug bounty dispute
Other notable bounty payouts include Google’s highest-ever vulnerability discovery payout of $605,000 in 2022, a year in which the company paid out a reported total of $12 million. And, more recently, Microsoft announced $4 million in cloud and AI bounties.
Based on available data, Uniswap’s $15.5 million bounty would become the largest in recent memory if it were claimed in a single payout.
However, according to Uniswap Labs, over 500 researchers participated in its previously held $2.35 million security competition for the unreleased v4, and no critical vulnerabilities were found. The firm said the $15.5 million program is “an extra step to ensure v4 is as secure as possible.”
The maximum payout of $15.5 million is only available to researchers who discover unique vulnerabilities in the Uniswap v4 core contracts code that result in code change.