Learn smart contract security and auditing. Get access to industry-leading web3 development courses, completely for free.

Start Learning For Free

Contests

    Sablier contest logo
    Live

    Sablier

    $53,440 USDC

    Sablier is a permissionless token distribution protocol for ERC-20 assets. It can be used for vesting, payroll, airdrops, and more. The sender of a payment stream first deposits a specific amount of ERC-20 tokens in a contract. Then, the contract progressively allocates the funds to the recipient, who can access them as they become available over time. The payment rate is influenced by various factors such as the start time, the end time, the total amount of tokens deposited and the type of stream.

    Ends in 9 days (May 10th — May 31st)

    Beanstalk: The Finale contest logo
    Upcoming

    Beanstalk: The Finale

    $200,000 USDC

    Beanstalk is a permissionless fiat stablecoin protocol built on Ethereum. Its primary objective is to incentivize independent market participants to regularly cross the price of 1 Bean over its dollar peg in a sustainable fashion. This is the culmination of all your Beanstalk experience in one final boss code base!

    Starts in 8 days (May 30th — Jul 8th)

    view
    TSender contest logo
    Upcoming

    TSender

    $15,000 USDC

    TSender is a hyper gas efficient protocol for air dropping tokens to a large number of users. Inspired by the work of the Gaslite team.

    Starts in 2 days (May 24th — May 31st)

    view
    Beanstalk Part 3 contest logo
    Community Judging

    Beanstalk Part 3

    $21,000 USDC

    Beanstalk is a permissionless fiat stablecoin protocol built on Ethereum. Its primary objective is to incentivize independent market participants to regularly cross the price of 1 Bean over its dollar peg in a sustainable fashion.

    Ended 2 days ago (May 6th — May 20th)

View All Contests

First Flights

    First Flight #16: Mafia Takedown contest logo
    Upcoming

    First Flight #16: Mafia Takedown

    An undercover AMA agent (anti-mafia agency) discovered a protocol used by the Mafia. In several days, a raid will be conducted by the police and we need as much information as possible about this protocol to prevent any problems. But the AMA doesn’t have any web3 experts on their team. Hawks, they need your help! Find flaws in this protocol and send us your findings.

    Starts in about 22 hours (May 23rd — May 30th)

    view
View All First Flights

How It Works

Protocol developers will submit a codebase for a smart contract audit. The audit can be a private audit, or a competitive audit.

In a competitive audit, our auditors will attempt to find vulnerabilities in the codebase in a set time period. Once the contest is over, it will be judged by judges. This means your identity as an auditor will be hidden until the rewards are given out. After all findings have been evaluated, a final audit report will be generated, and awards given out.

In a private audit, auditors will bid on the audit, and/or protocols will invite auditors to take on their audit. The protocol will work directly with the team/individuals they select. Think of private audits as UpWork for auditors.

As of CodeHawks v0.1, the private audits are still a work in progress.

Terms

Auditor - A security-focused smart contract researcher. These are the people who conduct security assessments on smart contract codebases. As auditors grow, they’ll level up into different titles reflecting their skills and accomplishments.
Competitive Audit - A time-boxed smart contract audit competition where many auditors attempt to submit as many vulnerabilities as possible found in the codebase in an attempt to win money and secure the protocol.
Judge - Someone who rates the submissions in the competitive audits.
Private Audit - A time-boxed smart contract audit where the protocol development team and a smart contract auditor.
Protocol - A set of smart contracts.
Protocol Developers - The group that creates the smart contracts.