HurricaneSwap Mainnet Bug Bounty

Credit: The rules were inspired by AAVE’s bug bounty.

We are happy to announce the launch of HurricaneSwap Mainnet as well as our Bug Bounty Program. All the code has been audited by PeckShield but we want to achieve the maximum level of security so we are calling on our community to help us find any bugs or vulnerabilities.


  • Public disclosure of a vulnerability would make it ineligible for a reward.
  • Technical knowledge is required for the process.
  • Duplicated issues are not eligible for reward. The first submission would be the eligible one.
  • If you want to add more information to a provided issue, create a new submission giving reference to the initial one.
  • Rewards will be decided on a case by case basis and the bug bounty program, terms, and conditions are at the sole discretion of Aave.
  • Rewards will vary depending on the severity of the issue. Other variables considered for rewards include: the quality of the issue description, the instructions for reproducibility, and the quality of the fix (if included).
  • Determinations of eligibility, score and all terms related to an award are at the sole and final discretion of Aave.
  • Submissions need to be related with the Bounty Scope. Submissions out of the Bounty Scope won’t be eligible for a reward.
  • Any interference with the protocol, client or platform services, on purpose or not during the process will make the submission process unvalid.
  • Terms and conditions of the bug bounty process may vary over time.
  • Our bug bounty follows a similar approach as Ethereum Bug Bounty. The severity of the issues will be based on the OWASP risk rating model based on Impact and Likelihood.
  • It is mandatory to read and follow the responsible disclosure policy available in the references. Submissions not following the disclosure policy will not be eligible for a reward.



Send an email to including as many details as possible about the vulnerability, the components affected, the reproduction of the issue and possible fixes.




1st Cross-Chain Liquidity DEX based on Avalanche

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

DeBio: The Anonymous-First Appchain for Medical and Bioinformatic Data

DDoS: The most dramatic cyberattack

Token lock-ups

Our First Staking Campaign: A Whirlwind Sale and How To Improve Our Future Offerings

How to Pinch a Backhoe

How Cyber Insurance Will Develop in 2017?

Architectural Design Considerations for Security in IoT Solutions

Cybercrimes in Social Media

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store


1st Cross-Chain Liquidity DEX based on Avalanche

More from Medium

Weekly Leaderboard Winners

Sneak peek: Unido Beta Release Rewards!

OEC Monthly Report — January 2022