Caroline Bishop
Mar 27, 2026 16:28
Paxos launches $1 million bug bounty on Cantina platform, covering all major stablecoin and gold token contracts plus Web2 infrastructure in security push.
Paxos is putting $1 million on the table for security researchers who can break its infrastructure. The regulated blockchain firm launched a comprehensive bug bounty program on Cantina, covering smart contracts for USDG, PYUSD, and PAXG, along with its Web2 services, APIs, and domains.
The top payout, $1 million in USDG, targets critical vulnerabilities that would compromise the company’s core systems. That is not a marketing number. Paxos explicitly wants “the most effective researchers on this planet going deep” on its code.
Scope Extends Beyond Smart Contracts
What makes this program notable is its breadth. Most crypto bug bounties focus narrowly on smart contracts. Paxos is including cross-chain infrastructure, public-facing products, and traditional web services, essentially mapping the program to how actual attackers would probe for weaknesses.
The timing connects to commitments Paxos made when launching USDG on Aave v3. The company told Aave, LlamaRisk, and the broader community it would formalize external security testing. This delivers on that promise.
Invitation-Only Launch
For now, the program remains restricted to researchers already active in Cantina’s network. Paxos chose the platform specifically for its Web3-native focus and community of specialists who understand the unique threat surface of tokenized assets.
Researchers outside the network can request access through Cantina’s program page. The company indicated it will expand access after the initial invitation-only phase.
Context on Paxos Assets
The covered tokens represent significant value. PAXG, the gold-backed token, currently sits at a market cap of roughly $2.33 billion with recent 24-hour gains of 1.85%. Just this week, Paxos executed a $4.38 million PAXG transfer to institutional market maker B2C2, signaling continued institutional activity around the token.
PYUSD, PayPal’s stablecoin built on Paxos infrastructure, adds another layer of exposure. Any vulnerability in these contracts could affect both retail and institutional users across multiple platforms.
Paxos operates under regulatory oversight from the OCC through its national trust charter, making security failures particularly costly from both financial and compliance perspectives.
The company is also hiring for its security team, suggesting this bounty program is part of a broader security infrastructure buildout rather than a one-off initiative.

