The main development company behind the popular Ethereum-based decentralized exchange, Uniswap Labs, is launching a $2.35 million security contest prize pool for the upcoming v4 or fourth iteration release. The Uniswap team stated in an announcement, “At Uniswap Labs, we are focused on ensuring that v4 is the most audited set of contracts deployed on-chain.”
Uniswap Team Takes Notable Step
The non-profit Uniswap Foundation and the web3 auditor network Cantina are also supporting the effort. The $2.35 million prize pool is said to be the largest in DeFi history. The prize will fund independent reviews of Uniswap v4’s smart contracts and the new Universal Router system, which allows swaps between ERC-20 tokens and NFTs.
Audit contests are a common way for teams to discover and fix code vulnerabilities that could be exploited by attackers, marking an important process in cryptocurrencies, especially since smart contracts cannot be updated once launched.
Uniswap v4 marks a kind of divergence for the pioneering decentralized exchange that launched the first working automated market maker connecting buyers and sellers to swap Ethereum-based tokens. V4 is planned to go live in the third quarter. The team offers forks or smart contract plugins that enable customization, such as setting dynamic fees in Uniswap’s liquidity pools, on-chain limit orders, and custom-built oracles. The last major Uniswap upgrade, v3, was launched in 2021.
Details on the Subject
V4 also hopes to relieve users and liquidity providers from fees by holding all liquidity pools in a single contract to reduce transaction costs associated with creating new pools and executing transactions. While the upgrade is awaited, it has also sparked debates; similar to the v3 protocol, v4 will be released under a four-year Business Source License, which limits what others can do with the code.
Some see this as a violation of the open-source ethos of cryptocurrency. Uniswap Labs released the draft code for v4 in mid-2023. The audit contest will start on September 4 and continue until the end of the month. The team shared the following statement on the subject:
“Anyone can report vulnerabilities in the v4 codebase. Rewards will be allocated based on the severity of the disclosed bug and the quality of the submitted documentation.”
