HurricaneSwap Mainnet Bug Bounty

Credit: The rules were inspired by AAVE’s bug bounty.

We are happy to announce the launch of HurricaneSwap Mainnet as well as our Bug Bounty Program. All the code has been audited by PeckShield but we want to achieve the maximum level of security so we are calling on our community to help us find any bugs or vulnerabilities.


  • Public disclosure of a vulnerability would make it ineligible for a reward.
  • Technical knowledge is required for the process.
  • Duplicated issues are not eligible for reward. The first submission would be the eligible one.
  • If you want to add more information to a provided issue, create a new submission giving reference to the initial one.
  • Rewards will be decided on a case by case basis and the bug bounty program, terms, and conditions are at the sole discretion of Aave.
  • Rewards will vary depending on the severity of the issue. Other variables considered for rewards include: the quality of the issue description, the instructions for reproducibility, and the quality of the fix (if included).
  • Determinations of eligibility, score and all terms related to an award are at the sole and final discretion of Aave.
  • Submissions need to be related with the Bounty Scope. Submissions out of the Bounty Scope won’t be eligible for a reward.
  • Any interference with the protocol, client or platform services, on purpose or not during the process will make the submission process unvalid.
  • Terms and conditions of the bug bounty process may vary over time.
  • Our bug bounty follows a similar approach as Ethereum Bug Bounty. The severity of the issues will be based on the OWASP risk rating model based on Impact and Likelihood.
  • It is mandatory to read and follow the responsible disclosure policy available in the references. Submissions not following the disclosure policy will not be eligible for a reward.



Send an email to including as many details as possible about the vulnerability, the components affected, the reproduction of the issue and possible fixes.




1st Cross-Chain Liquidity DEX based on Avalanche

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

Microsoft files DMCA for the leak of Windows 11

Report on the Delegation of the .мон

Ribose - IDOR with Simple CSRF Bypass - Unrestricted Changes and Deletion to other Photo Profile

5 Best WordPress Backup Plugins For 2022

FCL(Fractal) to be Listed on LBank

Business Fraud

Why Should You Audit Your Website for Security?

Website Security Audit

🕵🏻‍♂️ New Airdrop: Lean Mean

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store


1st Cross-Chain Liquidity DEX based on Avalanche

More from Medium

Hord Test App is Live

HurricaneSwap V2: Hurricane Effect Program

Islander x Avalaunch AMA session in Islander Community recap

[Announcement] Shuffle App Update Guide