- Largest crypto bug bounty thus far, surpassing Uniswap’s $15.5 million.
- Usual has undergone 20 security audits, all discovering no main flaws.
- Other protocols lag behind, with max bounties at $2 million up to now.
Stablecoin protocol Usual has unveiled a record-setting $16 million bug bounty programme in partnership with blockchain security agency Sherlock.
The initiative, now the biggest in the crypto sector, targets crucial codebase flaws that would result in the loss or freezing of funds.
Hosted on Sherlock’s platform, the bounty will solely award findings that spotlight confirmed and long-term security dangers, with an emphasis on reasonable exploit situations.
The launch marks a vital escalation in the trade’s strategy to on-chain security, overtaking Uniswap’s $15.5 million bounty introduced in late 2024.
Crypto security hits $16m milestone
The $16 million bounty makes Usual the new frontrunner in the blockchain security race, eclipsing all beforehand recorded bug bounty rewards in the decentralised finance (DeFi) ecosystem.
Prior to this, the biggest bounty was supplied by Uniswap Labs in November 2024, totalling $15.5 million.
Usual’s bounty units a new precedent and comes at a time when Total Value Locked (TVL) on its platform has crossed $880 million, rising the necessity for strong defence mechanisms.
Unlike commonplace bug bounties, the Usual-Sherlock initiative focuses on vulnerabilities with the potential to trigger irreversible injury.
Only bugs that consequence in particular fund loss or indefinite freezing, lasting a yr or extra with out reliance on exterior situations, will qualify for rewards.
This selective strategy goals to prioritise threats with the best real-world influence.
20 security audits full, no flaws discovered up to now
The launch of this $16 million programme follows a string of security checks on Usual’s codebase.
According to Sherlock, the protocol has already undergone 20 audits, together with a current Sherlock-hosted audit contest that featured a $209,000 prize pool.
None of the audits recognized any crucial points in the code, rising trade confidence in the protocol’s structure.
This newest bounty marketing campaign is hosted solely on Sherlock’s platform, which serves as a hub for vetting blockchain functions via community-led vulnerability hunts.
Sherlock’s function ensures that the bounty course of is clear, aggressive, and effectively managed, giving moral hackers clear tips on what qualifies for a payout.
Threat detection turns into precedence
As DeFi platforms develop in complexity and capitalisation, the dimensions and stringency of bug bounties have grow to be key differentiators.
For Usual, this initiative indicators a strategic transfer to reassure customers and institutional companions in regards to the integrity of its operations.
The push towards bigger and extra focused bug bounty programmes underscores a maturing trade grappling with escalating threats.
In a house the place vulnerabilities could be exploited in seconds, pre-launch security assurances have gotten simply as crucial as post-launch efficiency metrics.
