Usual has announced a significant bug bounty program offering $16 million to identify critical vulnerabilities within its codebase. This initiative, described as the "largest bug bounty prize in tech history," is being hosted by the blockchain security firm Sherlock, which launched the program on Wednesday.

Before this, the record for the largest bug bounty in the crypto industry was held by Uniswap, with a $15.5 million payout. Other notable bug bounties included those from LayerZero Labs ($15 million) and Wormhole ($10 million).

In the broader tech sector, Google’s $12 million bug bounty program from 2022 remains one of the largest on record.

The announcement comes as Usual’s total value locked (TVL) exceeds $880 million, underscoring the protocol's commitment to security. The program specifically targets vulnerabilities categorized as critical, defined by Sherlock as those that could lead to a "definite and significant loss of funds" or a "significant freezing of funds for over one year."

Participants must submit their findings directly to the Usual bug bounty page on the Sherlock platform. Previously, the Usual codebase underwent 20 audits, including a recent contest hosted by Sherlock, which featured a $209,000 prize pool. However, no valid medium vulnerabilities were identified during that audit.

In January, Usual’s staked USD0 token experienced an 8.5% drop after adjustments to its mechanics, raising concerns within the community.

Despite this, the liquid staked version, USD0++, remains pegged to $1 and operates under a different financial model.