Elite boutique audit guild operating exclusively on the Cantina marketplace. Reviews are conducted by hand-picked teams of 4-5 senior researchers (minimum two Lead Security Researchers), targeting the most complex DeFi, L1, and infrastructure protocols.
- 01 high-complexity DeFi and L2 reviews
- 02 novel cryptography / consensus changes
- 03 protocols where senior expertise is non-negotiable
- 04 follow-on reviews after a competitive contest
- 05 long-engagement architectural review
- No package: engage via https://cantina.xyz/welcome/spearbit
- Reports: https://github.com/spearbit/portfolio
Use Spearbit (via Cantina) for senior, fixed-fee audits of complex protocols. Submit a request through cantina.xyz; Spearbit assembles a dedicated team of 4-5 researchers including two Lead Security Researchers, with direct Slack/Discord engagement for the duration of the review (typically 2-6 weeks). Deliverables include a triaged findings report, a fix-review pass, and a final published PDF in the spearbit/portfolio repo. Pair with a Cantina competitive review or Code4rena contest for breadth, and Immunefi for ongoing coverage.
- ⚑ Spearbit's roster is gated — lead time can be 6-12 weeks for a slot; book before code-freeze, not after.
- ⚑ Pricing is at the top of the market (often $200k-$1M+ per engagement); for early-stage protocols a Cantina marketplace review or Sherlock contest is more cost-effective.
- ⚑ Scope must be locked at the kickoff commit — significant changes during the review usually trigger re-scoping fees and timeline extensions, not silent coverage.
- ⚑ Findings are triaged but not exhaustively de-duplicated against external auditors — running Spearbit and a contest in parallel produces overlap that you still pay for.
- ⚑ Public report publication is at the protocol's discretion; some engagements remain private indefinitely, which limits external trust signals.
- ⚑ 'Spearbit-grade' findings still depend on the specific researchers assigned — request the team roster up front and verify portfolio fit.