AaveLabs: Updates Bug Bounty Program, Core Aave V3 Maximum Reward Raised to $5 Million

Odaily Odaily reports that, according to official sources, AaveLabs has proposed restructuring the Aave DAO bug bounty framework into multiple specific subsystem programs, operating on the Immunefi, Sherlock, and Cantina platforms respectively. Core Aave V3, Core Aave V2, GHO, and non-liquidity protocol infrastructure will be covered by Immunefi; Aave V4 and the Aave App Stack will be covered by Sherlock; and Aave V3 on Aptos will be covered by Cantina.

The proposal suggests adjusting the bounty scale for each system. The maximum reward for critical vulnerabilities in Core Aave V3 is $5 million, while the maximum reward for critical vulnerabilities in Aave V4 is $2.5 million. Additionally, the funding source for the Aave V3 bug bounty on Aptos will be transferred from Aave Labs to the Aave DAO. This ARFC proposal has currently been passed.