Security / Audit·Multi-chain
Sherlock
Hybrid audit platform pairing a Lead Senior Watson with a competitive Watson pool, plus optional smart-contract cover up to $10M against missed vulnerabilities found in scope.
- 01audit + insurance bundle
- 02senior lead + competitive coverage
- 03DeFi protocols seeking explicit financial backstop
- 04post-audit cover for institutional users
- 05guaranteed-payout contests with judge accountability
- # No package — engage via https://sherlock.xyz/audits
- # Watsons: profile at https://audits.sherlock.xyz
Use Sherlock when you want an audit contest with a designated senior reviewer and optional cover. Submit your scope (repo, commit, LOC, audit length) via the protocol team form; Sherlock matches a Lead Senior Watson (paid ~$10k/audit-week fixed) plus a competitive Watson pool. Findings are escrow-judged with on-chain dispute. After the audit, opt into Sherlock Audit Cover (2% of TVL covered for public contests, 2.5% for private) up to $10M payout if a missed in-scope vuln is exploited. Public reports live at github.com/sherlock-protocol/sherlock-reports.
- ⚑Insurance only covers vulnerabilities that were strictly in-scope at the audited commit — out-of-scope files, post-audit changes, and admin-key compromises are excluded.
- ⚑Watson reward distribution favors top finders (top 10% become Senior Watsons); duplicate findings receive a steep payout discount, similar to other contest platforms.
- ⚑The Lead Senior Watson is fixed-pay regardless of outcome — they may be incentivized differently than the competitive pool; review their public track record before agreeing to the assignment.
- ⚑Cover claims require the Sherlock DAO/judging committee to confirm in-scope status; expect review time before any payout.
- ⚑Audit pricing in 2026 ranges from ~$5k for tiny scopes to $250k+ for complex protocols; fixed fees scale with LOC and contest length, with cover priced separately.
- ⚑Sherlock requires Watsons to KYC for payouts above thresholds, identical to other platforms.