Aave

Menu

Security
Aave | Security

At the Aave Companies, security is our top priority as we build protocols; this is top of mind as we innovate new software. Cryptoassets supplied to the Aave Protocol are stored on a non-custodial smart contract on the Ethereum blockchain. You control your wallet. Regulated and auditable by code.

Aave Protocol has had audits by Trail of Bits, Open Zeppelin, Consensys Diligence, CertiK, PeckShield, Certora and SigmaPrime. All audits are publicly available, and you can find them below.

Bug bounty

Bug bounty

There is a Bug Bounty program for V2 of the Aave Protocol, in which community members can report what they believe may be bugs or vulnerabilities. Valid reports may be rewarded up to $250,000 (only for critical bugs). More information on the bounty criteria and application process is available on the Bug Bounty page.

Admin keys

Admin keys

Ownership of the Aave Protocol belongs to Aave Governance, the group of AAVE tokenholders. Protocol upgrades or changes are decided by votes on Aave Improvement Proposals (AIPs). Feel free to join the community governance discussion.

Oracles

Oracles

Aave Protocol is integrated with Chainlink to power the Aave oracle network, which provides live price feeds for 66 crypto assets. The Chainlink oracles reflect real time conditions on and off chain in the prices on the Aave Protocol. Decentralization is the foundation of Aave Protocol, and Chainlink guarantees a decentralized oracle service that cannot be exploited at a single point.