The deployment of Aave V3 on the Aptos blockchain marks Aave's inaugural expansion beyond Ethereum Virtual Machine (EVM) compatible chains, tapping into Aptos' high throughput and advanced security features.
Live Aptos Mainnet Testing
- Four selected Aave assets, each provisioned with $25,000 in active liquidity a total of $100,000, are now accessible for exploit attempts conducted within Cantina’s controlled environment.
The objective is to exploit the contracts in scope and keep the funds, assuming:
- Your activity goes through Cantina’s platform.
- You’ve completed KYC.
- You follow the defined scope and rules of engagement.
Participation Requirements
- Sign up at cantina.xyz and complete the KYC process.
- Add your wallet address to your profile (Profile -> Edit Profile -> CTF Addresses).
- Agree to the terms of participation to access the gated CTF environment.
- The contracts are live on Aptos mainnet, The addresses are within the Cantina repository here.
- Submit any valid exploit (and supporting writeup) through Cantina’s interface with a link to the transaction (Etherscan or equivalent).
- There is no judging. No severity debates. No PoCs. Just hacking.
Participants operating within this framework are eligible to retain recovered funds.
Scope
- Addresses are within this cantina repository readme.
- Please note contracts may be upgraded during the CTF duration.
- Also please note that the asset prices may fluctuate during the ctf duration
Resources
Out of Scope
Any contract funds outside of the 4 listed markets within the CTF are not in scope.
Summary
Status
LiveTotal reward:
$100,000
Start date:
27 Jun 2025 1:00pm (local time)
End date:
8 Aug 2025 8:00pm (local time)
KYC
Required to joinYou need to be logged in as a researcher in order to join.