Featured Contest

Steadefi — $35,000

Oct 26th, 2023 — Nov 6th, 2023

Steadefi is the next-gen DeFi protocol designed to provide the highest and most sustainable real yields to our investors without the stress of constant...

View all contests

Want to level up your web3 security skills?

Apply for early access


    Vyper - Compiler contest logo
    judging period

    Vyper - Compiler

    $160,000 USDC

    Vyper is a Pythonic programming language designed specifically for the Ethereum Virtual Machine. Prioritizing security, compiler simplicity, and auditability, Vyper intentionally omits several features from Python to reduce vulnerabilities and potential EVM exploits. Vyper enables developers to deploy smart contracts on the Ethereum platform while ensuring that the contracts are more transparent and easier to audit than those written in other languages.

    Ended about 1 month ago (Sep 14th — Nov 4th)

View all contests

First Flights

    First Flight #5: Santa's List contest logo

    First Flight #5: Santa's List

    He's making a smart contract and checking it twice ... Let's find out if this protocol has been naughty or nice!

    Ends in 1 day (Nov 30th — Dec 7th)

View all first flights

How It Works

Protocol developers will submit a codebase for a smart contract audit. The audit can be a private audit, or a competitive audit.

In a competitive audit, our auditors will attempt to find vulnerabilities in the codebase in a set time period. Once the contest is over, it will be judged by judges. This means your identity as an auditor will be hidden until the rewards are given out. After all findings have been evaluated, a final audit report will be generated, and awards given out.

In a private audit, auditors will bid on the audit, and/or protocols will invite auditors to take on their audit. The protocol will work directly with the team/individuals they select. Think of private audits as UpWork for auditors.

As of CodeHawks v0.1, the private audits are still a work in progress.


Auditor - A security-focused smart contract researcher. These are the people who conduct security assessments on smart contract codebases. As auditors grow, they’ll level up into different titles reflecting their skills and accomplishments.
Competitive Audit - A time-boxed smart contract audit competition where many auditors attempt to submit as many vulnerabilities as possible found in the codebase in an attempt to win money and secure the protocol.
Judge - Someone who rates the submissions in the competitive audits.
Private Audit - A time-boxed smart contract audit where the protocol development team and a smart contract auditor.
Protocol - A set of smart contracts.
Protocol Developers - The group that creates the smart contracts.