Posted on Dec 05, 2023Read on

Sherlock Bug Bounty Coverage

Are you ready to massively improve your smart contract protocol’s security without breaking the bank?

Sherlock is thrilled to unveil its latest innovation: Bug Bounty Coverage.

In the ever-expanding world of crypto, where >$50Bn is now at stake, this is a game-changer you can't afford to miss.

What exactly is a bug bounty program?

Think of it as your project's safety net.

Once you deploy your project to a blockchain, setting up a bug bounty program is the next vital step. These programs typically offer rewards ranging from $15,000 to a staggering $15,000,000 to whitehat hackers for uncovering potential threats that could compromise your project. With dozens of projects now boasting bug bounty programs upwards of $500,000, it's clear that this is a crucial trend in protecting your crypto assets.

First, what is a bug bounty program?

Once a project team deploys its project to a blockchain, the next step is often setting up a bug bounty program. A bug bounty program lists a reward that the project team is willing to pay a whitehat for disclosing an attack vector that could hack the project.

These bounties can range from $15,000 to $15,000,000. The crypto space has grown to the point where $50Bn is now at risk, and projects have wisely been setting up larger bug bounty programs to keep up with the value at risk. Dozens of projects currently have $500,000 bug bounty programs.

What’s the problem?

Well, can your project's treasury handle an unexpected $500,000 payout? What about three of them?

Even a single bounty payout can significantly dent your finances in today's market. This uncertainty can keep you up at night, wondering when a whitehat might uncover a major vulnerability.

This is where Sherlock steps in, transforming worry into peace of mind. Imagine having the security of a large bug bounty without the financial unpredictability. Sherlock pays for your project's Critical-severity bug bounties after completing a Sherlock audit. Sherlock replaces those large, erratic sums with small, manageable monthly payments.

What’s in it for you?

  1. Assured attention from your security auditor, Sherlock, who's now deeply invested in uncovering major bugs before the bug bounty program goes live.

  2. A predictable financial plan allows you to breathe easier and focus on growth.

  3. An attractive bug bounty program that offers increased protection to your users against hacks.

Wasn’t Sherlock already offering this?

Until now, Sherlock has provided exploit coverage, paying out over $4.5M in two years. However, Sherlock’s bug bounty coverage was limited to 10% of the total exploit coverage. Today, Sherlock is shifting gears. The focus is now 100% on 'bug bounty-first' coverage, but Sherlock will still provide a matching amount of exploit coverage as a complimentary bonus. This strategic change aligns Sherlock’s incentives with yours, ensuring that Sherlock feels the impact of a blackhat breach just as acutely as you do.

How to get started

Ready to secure your project with Sherlock's groundbreaking Bug Bounty Coverage? Here's what you need to know:

  • Begin with a comprehensive Sherlock audit.

  • Choose a bug bounty coverage amount up to $500k.

  • Only Critical-severity bounties are covered, ensuring focus on significant threats.

  • Choose from self-hosted programs or platforms like Immunefi.

  • Interact with Sherlock’s crypto-native, battle-tested protocol for payment transactions.

  • Whitehats will prioritize your bug bounty program thanks to Sherlock’s fully on-chain, neutral adjudication process that whitehats can trust for a fair payout.

Security audits have evolved from a niche in 2016 to a necessity in 2023. Bug bounties need to follow suit, and Sherlock is leading the charge in making them accessible and affordable for every project in the space.

Get in touch with Sherlock to start your audit, or ask Sherlock any questions about bug bounty coverage.