Bug Bounty

Crowdsource from a list of the world's top ethical hackers for continuous assessment that uncovers vulnerabilities before anyone else does.

The CertiK Bug Bounty Platform

Combining years of Web3 security experience with a well-established technical community, CertiK’s Bug Bounty is the only Web3 platform providing fully managed end-to-end support with 0% fee on bounty payouts.

Submission Screening and Triage Support

CertiK’s expert security engineers will screen and qualify submissions and work with your team to implement the right fixes.

Community-Focused Ethical Hackers

Tap into our large technical community from the Security Leaderboard to attract leading ethical hackers to your project.

0% Fee on Bounty Payout

Our 0% fee model reduces the payout pressure for projects and allows white hat hackers to receive the full bounty.

Peace of Mind for your project and community

Setting up a bug bounty with CertiK allows projects to utilize the intelligence of ethical hackers to further derisk their code from additional vulnerabilities.

Proactive Defense

White hat ethical hackers who have intuitive knowledge of the latest attacks can realize threats before malicious actors have the opportunity to exploit them.

Crowdsourced Security

Gain access to a highly skilled community of ethical hackers that specialize in different areas of vulnerability detection.

Expedited Submission Screening and Triage

Partner with CertiK security engineers who will rapidly review all your inbound bug submissions and help ensure the proper steps are taken to fix any issues.

Integration with Skynet Trust Score

Bug bounty remediation of findings is integrated with Skynet and will improve the overall trust score for your project.

The Next Step In Web3 Security

CertiK's bug bounty program offers a trusted platform for projects and ethical hackers to connect.

The Project

1. Get onboarded with a dedicated program manager.

2. Launch your program and activate your bounty badge on certik.com.

3. Receive submissions and pay bounties directly if qualified.

The Leaderboard User

1. Add projects with active bounty badges to your watchlist.

2. Strengthen your technical due diligence capabilities.

3. Evaluate projects with additional security measures.

The Ethical Hacker

1. Sign up to the platform and browse bounties.

2. Review in-scope assets and submit reports.

3. Get paid directly and gain your Web3 white hat reputation.

Working Together to Create a Safer Web3 Ecosystem

Web3 and the associated Web2 elements of projects are increasingly under attack by malicious actors who seek to take advantage of security vulnerabilities in project code. These adversaries are always "one step ahead" of whatever security controls are in place to protect these projects, constantly running reconnaissance and coming up with new attack vectors inside the project’s threat landscape.