• © Goverland Inc. 2026
  • v1.0.2
  • Privacy Policy
  • Terms of Use
Aave DAOAave DAOby0xf71fc92e2949ccF6A5Fd369a0b402ba80Bc61E02bgdlabs.eth

[ARFC] Bug bounties proposal

Voting ended over 2 years agoSucceeded

Summary

Proposal for the community to pre-approve the distribution of a set of bug bounties submitted to Aave by independent security researchers.

Description

An extensive analysis of the findings and recommended bounties can be found on the Aave governance forum HERE, but as a recap:

  1. Flash loan premium not passed correctly to the receiver. 5'000 USD to Emanuele Ricci

  2. Misusage of e-mode oracle feed after an asset is removed from e-mode.10'000 USD to Emanuele Ricci

  3. Griefing risk with LTV0 and isolated collateral assets. Total of 40'000 USD, 20'000 USD for Emanuele Ricci and 20'000 USD for cmichel

  4. Risk of price manipulation on GUNI USDC/UDST due to illiquidity. 20'000 USD for kankodu

  5. Inconsistent amount on aToken transfer events. 10'000 USD for watchpug

On the final on-chain proposal releasing the funds, the amounts will be taken in USD stablecoins, to avoid price volatility.

Off-Chain Vote

For
468.33K AAVE100%
Against
89.4 AAVE0%
Abstain
39.27 AAVE0%
Quorum:146%
Download mobile app to vote

Timeline

Jun 23, 2023Proposal created
Jun 24, 2023Proposal vote started
Jun 27, 2023Proposal vote ended
Dec 25, 2025Proposal updated