In 2023, the Web3 security landscape experienced significant changes, as detailed in CertiK's Annual Report. The year saw a notable decrease in financial losses due to hacks, scams, and exploits, down to $1.8 billion, which is 51% less than in 2022 and 65% lower than in 2021. Despite this positive trend, the number of incidents rose to 751, indicating ongoing vulnerabilities. November emerged as the costliest month, with losses totaling $363 million. Private key compromises were identified as a primary cause, responsible for half of the year's losses. The report also explores intriguing cases like KyberSwap and analyzes the correlation between DeFi’s Total Value Locked (TVL) and the losses incurred. CertiK's achievements in 2023 included launching the SkyInsights platform, earning accolades for mobile security, and receiving a significant bug bounty from SUI. This highlights the company’s proactive approach in the evolving field of Web3 security.

The Bug Bounty Leaderboard is a major step forward in collaborative cybersecurity for Web3. This platform unleashes the collective intelligence of white-hat hackers to reward those who protect the Web3 world. Every bounty reaches its rightful recipient with a zero-fee payout model. The Bug Bounty Leaderboard seamlessly integrates with Skynet to enrich the security scores that resonate with all stakeholders. This is a symbol of security and a badge of integrity. For white-hat hackers, it's about more than just bug hunting; it's about shaping the future of the industry. Engage, explore, excel. For users, the Bug Bounty Leaderboard's data is another tool in your belt, empowering you to conduct your Web3 security analysis with the information you need. We're building bridges, nurturing communities, and fostering innovation. Together, we can redefine security. Experience the Bug Bounty Leaderboard, where collaboration meets innovation, where challenges are met with solutions, and where security is a shared vision.

What makes a web3 project worth trusting? Trustlessness is one of web3’s foundational doctrines. It means that decentralized systems have no entity that users must trust for the system to function correctly. While most people do not have the technical expertise to perform their own audit of a system, CertiK can help by verifying if a web3 project is worth trusting. Certik’s KYC or Know your Customer verification increases trust while reducing the risk of fraud. Projects that earn a KYC badge demonstrate their commitment to their project. Certik’s Code Auditing involves the line-by-line inspection of a smart contract. Combining this with formal verification, Certik is able to calculate all possible values for all variables in a contract. A trustworthy project will adopt post-deployment measures to ensure that its platform functions safely. Certik’s Skynet, is an on-chain monitoring tool that uses AI to scan contract code using our database of vulnerabilities. Web3 projects that have enabled Skynet, will have their Skynet Trust Score displayed on their project’s entry on the Security Leaderboard. This provides users with a simple way to gauge a project’s overall security. Certik’s Security Suite, makes it easy for projects to demonstrate their commitment to transparency, while making the results freely available to all users. To learn more about what makes a web3 project worth trusting, visit certik.com/resources.