Vetted on both sides
CertiK carefully selects and approves both the programs and the researchers — no open submissions, no anonymous spam.
A private, invite-only Web3 security network. CertiK reproduces and rates every finding independently — so severity isn't quietly negotiated down to dodge a payout. Protocols get findings they can act on, not a flooded inbox.
Currently invite-only for vetted researchers and selected protocol partners.
Qualified security researchers identify vulnerabilities in participating projects and submit their reports through the platform.
Each submission is independently reviewed by CertiK — including a severity assessment set by CertiK, not the protocol — and delivered to the project along with the researcher's original report.
Accepted findings are paid out under responsible disclosure. CertiK runs triage and payouts; the protocol ships the fix.
Real vulnerabilities. Real rewards.
CertiK carefully selects and approves both the programs and the researchers — no open submissions, no anonymous spam.
Every submission undergoes an independent review by CertiK to validate the finding before it is shared with the project.
Every submission is handled confidentially, with security and privacy maintained throughout the process.
Join a private network where vetted researchers surface real vulnerabilities and protocols get actionable, CertiK-verified findings, with duplicates and out-of-scope reports already filtered.
Request my invite or redeem an existing code to work live programs with independent triage.
Launch a private CertiK Hunt program with CertiK verifying signal before it reaches your team.