Aave | Security

At Aave, security is our top priority and we are constantly auditing and improving Aave Protocol. Funds are stored on a non-custodial smart contract on the Ethereum blockchain. You control your wallet. Regulated and auditable by code. You can read our biweekly security updates on our blog.

Bug bounty

Aave has an ongoing Bug Bounty program where community members can report any bugs or vulnerabilities they discover for a reward of up to $250,000 for critical bugs. Find more information on the bounty criteria and application process on the Bug Bounty page.

Security audits

To ensure top notch security, Aave Protocol has had audits by Trail of Bits, Open Zeppelin, Consensys Diligence, Certik, Peckshield, Certora and Sigma Prime. All audits are publicly available, and you can find them below.

Admin keys

Admin keys

Ownership of the Aave Protocol belongs to the AAVE token holder’s governance. Protocol upgrades are decided by votes on Aave Improvement Proposals (AIPs). Feel free to join the community governance discussion.



Aave Protocol has integrated with Chainlink to power the Aave oracle network, securing 22 cryptocurrency price feeds live. By leveraging Chainlink oracles, Aave Protocol’s prices reflect real-time conditions on and off chain. Decentralization is the foundation of Aave Protocol, and Chainlink guarantees a decentralized oracle service that cannot be exploited at a single point.