[ARFC] Bug bounties proposal
Summary
Proposal for the community to pre-approve the distribution of a set of bug bounties submitted to Aave by independent security researchers.
Description
An extensive analysis of the findings and recommended bounties can be found on the Aave governance forum HERE, but as a recap:
-
Flash loan premium not passed correctly to the receiver. 5โ000 USD to Emanuele Ricci
-
Misusage of e-mode oracle feed after an asset is removed from e-mode.10โ000 USD to Emanuele Ricci
-
Griefing risk with LTV0 and isolated collateral assets. Total of 40โ000 USD, 20โ000 USD for Emanuele Ricci and 20โ000 USD for cmichel
-
Risk of price manipulation on GUNI USDC/UDST due to illiquidity. 20โ000 USD for kankodu
-
Inconsistent amount on aToken transfer events. 10โ000 USD for watchpug
On the final on-chain proposal releasing the funds, the amounts will be taken in USD stablecoins, to avoid price volatility.
| Voter | Cast Power | Vote & Rationale |
|---|---|---|
 0x329c...543eD4 | 231,444 | For |
 FranklinDAO (Prev. Penn Blockchain) | 108,948 | For |
 0xB83b...Fbcf5C | 81,413 | For |
 Wintermute Governance | 41,672 | For |
 0xkeyrock.eth | 3,000 | For |
VOTE POWER
Proposal Status
- Sat June 24 2023, 10:58 amVoting Period Starts
- Tue June 27 2023, 10:58 amEnd Voting Period
Current Results
1-For
468,328.119
2-Against
89.396
3-Abstain
39.27