Authors: Trantor (Aura) and 0xMaha (Aura)
Summary
With the successful completion of AIP 3, Aura can and should increase the size of the offered bug bounty from $400,000 USD to $1,000,000 USD.
Background
Aura Finance was initially able to post a modest bug bounty of $400,000 USD on to the Immunefi platform. Immunefi hosts bug bounties for blockchain projects by providing a platform to bring projects and hackers together, so that hackers can report bugs responsibly and projects can fix those vulnerabilities securely.
Immunefi recommends a percentage based bug bounty of up to 10% of the total funds at risk, with the intention of making it large enough to turn any blackhat hacker into a whitehat and thus protect user funds. Given Aura has a Total Value Locked in excess of $300 million , the bounty should be increased to match other market participants.
To bring Aura’s bug bounty in line with market expectations it is proposed that the reward on offer increase to $1,000,000 USD. This would bring Aura Finance’s bug bounty to the same level as many other reputable protocols such as Sushi Swap, Balancer and Pancake Swap. The ability to provide a sizeable bounty indicates to the wider market that Aura Finance is serious about security and the protection of user funds.
Terms
Allocate $500,000 in USDC and $500,000 equivalent in vested Aura tokens to the Immunefi bug bounty program using the existing parameters and guidelines available at https://immunefi.com/bounty/aurafinance/ .
Voting
You may vote “For” this proposal to increase the funding to $1,000,000 USD or
“Against” this proposal to keep it at the current level.