A few days ago, Uniswap announced the launch of the largest bug bounty in history.
This involves 15.5 million dollars in rewards for anyone who finds a critical vulnerability in the core v4 contracts of Uniswap.
Summary
The DEX Uniswap
Uniswap is the largest DEX in the world by trading volumes.
It was launched in 2018, but its use began to spread especially from the second half of 2020, with peaks of use during the great bullrun of 2021.
It has practically always been the decentralized exchange of reference, even if at times it has been surpassed by other DEX but only for brief moments.
It exists on multiple chains, even though the vast majority of trading volumes occur on Ethereum, and on its layer-2 Arbitrum, Base, Polygon, and Optimism.
It is not active on Solana, while it is on BNB Chain and Avalanche.
Although the trading volumes of Uniswap have recently returned close to the highs of 2021, as far as the TVL is concerned, the peak of over 10 billion dollars reached both in May 2021 and in November of the same year are still distant, given that for now it is stuck at just over 6 billion.
The new version V4 of Uniswap
There are three versions of Uniswap, although the most widely used by far is the latest one, V3.
The fact is that Uniswap Labs is working on the fourth version, V4, which, however, has not yet been launched.
To tell the truth, the release of V4 was expected before the end of September, but the timeline has been extended.
The smart contracts of the new version have now been made available on GitHub so that they can be analyzed and tested.
It is not yet clear when the final code of Uniswap V4 can be released, but if they have launched the bug bounty program, it means they have good confidence that the code development is almost complete.
The new version will transform Uniswap into a platform for developers, unlocking new market structures and more assets to serve more users, thanks to the introduction of hooks, contracts that developers can create to customize the way pools, swaps, fees, and LPs interact. In short, hooks allow for new additional functionalities to the Uniswap protocol.
Furthermore, they predict that pools on V4 will be 99.99% cheaper to create, and that swappers can expect significant savings on multi-hop swaps.
The new bug bounty of Uniswap
In the official launch statement, Uniswap Labs announced that the bug bounty for V4 is already active.
It is a bug bounty of 15.5 million dollars, which is the largest ever concerning Uniswap.
The company invites you to explore the code of V4 and report any vulnerabilities.
They have also created a dedicated page on Cantina with all the rules of the bug bounty and the disclosure requirements.
Uniswap V3 is widely and extensively considered a very secure DEX, and V4 according to Uniswap Labs would already be among the most thoroughly reviewed codebases in DeFi, with nine independent audits by OpenZeppelin, Spearbit, Certora, Trail of Bits, ABDK, and Pashov Audit Group.
Over 500 researchers participated in the development of the V4 with a security competition worth 2.35 million dollars, and no critical vulnerabilities were found.
The colossal bug bounty of 15.5 million serves to take a further step forward to ensure that V4 is as secure as possible, with the approach of the final implementation.