[ad_1]
Uniswap ($UNI) Labs has formally launched a Bug Bounty Program (“the Program”). The initiative goals to encourage moral hackers and safety researchers to establish and report vulnerabilities in Uniswap’s deployed contracts. Rewards for profitable bug disclosures can attain as much as 2,250,000 USDC, relying on the severity of the problem.
Scope of the Program
The Program particularly targets vulnerabilities in Uniswap’s deployed contracts, together with however not restricted to:
Common Router Contract Code
Permit2 Contract Code
V3 Contract Code
UniswapX Contract Code
Nonetheless, if a bug is found in a Uniswap sensible contract exterior of those repositories and poses a danger to person funds, will probably be thought-about in-scope for the Program.
Exclusions
The Program doesn’t cowl:
Third-party contracts not underneath Uniswap’s direct management
Points already listed in audits for the above contracts
Bugs in third-party contracts or purposes that use Uniswap contracts
The Uniswap DAPP, net interface, or different non-contract associated supplies
Reward Construction
Uniswap Labs has categorized the severity of potential points into 4 ranges:
Essential Points: Impacting quite a few customers and posing critical reputational, authorized, or monetary dangers.
Excessive Points: Affecting particular person customers and posing average monetary danger.
Medium Points: Posing comparatively small dangers and never threatening person funds.
Low/Informational Points: Related to safety greatest practices however not posing an instantaneous danger.
The rewards will likely be allotted based mostly on this severity scale and the chance of the bug being exploited, as decided solely by Uniswap Labs.
Disclosure Protocol
All vulnerabilities should be reported to Uniswap Labs by way of the designated e-mail: safety+bugbounty@uniswap.org. Public disclosure of the vulnerability is prohibited till Uniswap Labs has resolved the problem and granted permission for public disclosure.
Eligibility Standards
To be eligible for a reward, the reporter should:
Uncover a singular, previously-unreported vulnerability throughout the scope of the Program.
Be the primary to reveal the vulnerability to Uniswap Labs.
Present adequate data for the vulnerability to be reproduced and glued.
Adjust to all different phrases and circumstances of the Program.
Last Remarks
Uniswap Labs retains the only discretion to change the phrases and circumstances of the Program at any time. By taking part within the Program, you grant Uniswap Labs the rights wanted to validate, mitigate, and disclose the vulnerability.
Picture supply: Shutterstock
[ad_2]
Source link
