The community has been engaged in a robust discussion about the implementation of a bug bounty program, a collaborative effort between bgdlabs and Immunefi. This program, which has been pre-approved via Snapshot, is tailored to Aave's specific requirements. bgdlabs will be in charge of reviewing and deciding on bounty submissions for various Aave versions and modules, while AaveCompanies will supervise the GHO and BGD will provide review support. The bounty program covers a wide range of Aave versions and modules, with rewards ranging from $1,000 for low threats to $1,000,000 for critical threats.

The proposal has sparked a lively debate among community members. Some, like EzR3aL, have expressed support for the bug bounty program, while others, such as Fav_truffe, have suggested partnering with a decentralized/onchain protocol like Hats Finance instead of ImmuneFi. This suggestion was based on the belief that Hats Finance would better align with Aave's decentralization ethos. However, bgdlabs confirmed that the Aave and Immunefi program has already been discussed and approved by the community through a temporary check Snapshot.

The discussion led to the publication of Aave governance proposal 325 by bgdlabs, which seeks explicit approval from the Aave DAO to activate the Aave and Immunefi bug bounty program. The exact activation date will depend on the completion of all setup on the Immunefi platform, but it is targeted to occur days after the proposal is approved by the community. Voting is set to start in approximately 24 hours. The community continues to weigh the pros and cons of each platform. In response to a query from Zilayo, Bgdlabs confirmed that they are in the final stages of administrative setup with Immunefi and expect the program to go live in a few days ^12,13.

In a recent update, Bgdlabs informed the community that the Aave and Immunefi bug bounty program, approved on proposal 325, is now live on the platform. The program currently covers all non-GHO components of the described scope, with GHO expected to be added in the coming days¹⁴. This marks a significant milestone in the community's ongoing efforts to enhance the security and reliability of Aave's platforms.