Aura Finance

Aura Finance is a DeFi Yield protocol deployed on ethereum. Bug bounty program with rewards up to $1,000,000 for verified smart contract vulnerabilities.

ETHDeFi YieldPoC Required

Verified ProgramKYC Not RequiredPoC Required

Max Bounty$1,000,000

Min Bounty$1,000

PayoutUSDC

Findings0

Accepted0

Chains1

Live SinceJun 2022

Submit a Finding for Aura Finance →

4 Audit Reports Available

auditsExternal

2023-08-aura-securityreview.pdfTrail of Bits

2023-08

Aura_Finance_Smart_Contract_Security_Audit_Report_Halborn_Final.pdfHalborn

2022-05-aura-findingsCode4rena

2022-05

01Severity & Rewards

02Program Rules

01Proof of Concept is required for all submissions. Reports without a working PoC demonstrating the vulnerability will not be considered.
02KYC is not required for this program. Pseudonymous submissions are accepted.
03Only previously unreported vulnerabilities are eligible. Duplicate submissions will be closed.
04Vulnerabilities must be reported through the WhiteClaws platform. Public disclosure before resolution disqualifies the submission.
05Testing must not disrupt live protocol operations. Use mainnet forks or testnets for Proof of Concept execution.
06For Critical severity findings, the security team may arrange direct communication for expedited resolution.

✓ IN SCOPE

●Yield vault and strategy contracts
●Deposit/withdrawal logic
●Reward harvesting mechanism
●Strategy rebalancing functions
●Fee calculation and collection

✕ OUT OF SCOPE

●Frontend applications
●Off-chain infrastructure

★Protocol Information

𝕏Twitter↗💬Discord↗✈Telegram↗

📊Rank#2496

Resources

◆Website↗📄Docs↗⚙Dev Docs↗⌥GitHub↗✎Blog↗●Status↗🛡Bounty Policy↗📊CoinGecko↗

Audited By

Halborn

Code4rena

Immunefi

1 Audit Report

Report #1 ↗

Submit Finding →← Browse All Programs

Bounty program indexed and verified by WhiteClawsProgram data sourced from on-chain analysis and public bounty disclosures.