On November 26th, Uniswap Labs launched a $15.50 million official bug bounty program for v4 to incentivize responsible bug disclosures. All reports must be submitted directly to the v4 Bug Bounty page on Cantina within 24 hours of discovery. Vulnerabilities in third-party contracts not deployed by Uniswap Labs, issues listed in contract audits in v4 repositories, third-party contracts or applications using contracts deployed by Uniswap Labs, and issues flagged in previous internal reviews, contests, and audits are not covered by the program. Uniswap v4 peripheral contracts are currently out of scope, but they are expected to be added to the bug bounty program soon.