Learn smart contract security and auditing. Get access to industry-leading web3 development courses, completely for free.

Start Learning For Free

Contests

    Beanstalk: Dive Into Basin contest logo
    Upcoming

    Beanstalk: Dive Into Basin

    Basin is a composable EVM-native decentralized exchange protocol that allows for the composition of arbitrary exchange functions, network-native oracles and exchange implementations into a single liquidity pool known as a Well.

    Starts in 4 days (Apr 22nd — Apr 29th)

    view
    Beanstalk Part 2 contest logo
    Community Judging

    Beanstalk Part 2

    $35,000 USDC

    Beanstalk is a permissionless fiat stablecoin protocol built on Ethereum. Its primary objective is to incentivize independent market participants to regularly cross the price of 1 Bean over its dollar peg in a sustainable fashion. This audit is centered around the BIP (Beanstalk Improvement Proposal) that whitelists the BEAN:wstETH Well in the Silo and migrates liquidity underlying Unripe assets from BEAN:ETH to BEAN:wstETH.

    Ended 3 days ago (Apr 1st — Apr 15th)

View All Contests

First Flights

    First Flight #13: Baba Marta contest logo
    Live

    First Flight #13: Baba Marta

    Every year on 1st March people in Bulgaria celebrate a centuries-old tradition called the day of Baba Marta ("Baba" means Grandma and "Mart" means March), related to sending off the winter and welcoming the approaching spring. The "Baba Marta" protocol allows you to buy `MartenitsaToken` and to give it away to friends!

    Ends in about 5 hours (Apr 11th — Apr 18th)

View All First Flights

How It Works

Protocol developers will submit a codebase for a smart contract audit. The audit can be a private audit, or a competitive audit.

In a competitive audit, our auditors will attempt to find vulnerabilities in the codebase in a set time period. Once the contest is over, it will be judged by judges. This means your identity as an auditor will be hidden until the rewards are given out. After all findings have been evaluated, a final audit report will be generated, and awards given out.

In a private audit, auditors will bid on the audit, and/or protocols will invite auditors to take on their audit. The protocol will work directly with the team/individuals they select. Think of private audits as UpWork for auditors.

As of CodeHawks v0.1, the private audits are still a work in progress.

Terms

Auditor - A security-focused smart contract researcher. These are the people who conduct security assessments on smart contract codebases. As auditors grow, they’ll level up into different titles reflecting their skills and accomplishments.
Competitive Audit - A time-boxed smart contract audit competition where many auditors attempt to submit as many vulnerabilities as possible found in the codebase in an attempt to win money and secure the protocol.
Judge - Someone who rates the submissions in the competitive audits.
Private Audit - A time-boxed smart contract audit where the protocol development team and a smart contract auditor.
Protocol - A set of smart contracts.
Protocol Developers - The group that creates the smart contracts.