Stable Rate Bug Bounty
Stable Rate Bug Bounty
Author
BGD Labs @bgdlabs
Creator
0xf71fc92e2949ccF6A5Fd369a0b402ba80Bc61E02
Simple Summary
Bug bounty payment for the report received on 4th November 2023 amounting a grant total of ~1'000'000 for the white hat splitted in stable-coins and AAVE, together with the $100'000 Immunefi fee (10% of the total).
Motivation
On the 4th of November 2023, a report was received via the Aave <> Immunefi bug bounty program about a critical bug related to the stable borrow rate.
Similar to any other valid bug reports, a bounty needs to be paid to the white-hat. However, being a critical severity one, we think it is reasonable to have an ad-hoc governance proposal for this type of sizeable payment.
Specification
The governance proposal executes the payment to 2 different recipients:
-> White-hat
- Transfer of 500'000 aUSDT v2 Ethereum from the Aave Ethereum Collector.
- Transfer of 5'583 AAVE (calculated to be $500'000 using a 30-days average) from the Aave Ecosystem Reserve. The amount has been determined following the recommendation of the financial service providers of the DAO HERE.
-> Immunefi
- Transfer of 100'000 aUSDT v2 Ethereum from the Aave Ethereum Collector.
References
- Implementation: AaveV3Ethereum
- Tests: AaveV3Ethereum
- Discussion
Copyright
Copyright and related rights waived via CC0.