Secure3
Secure3 is a battlefield where elite auditors compete to safeguard Web3 innovations against security threats.
Last updated
Secure3 is a battlefield where elite auditors compete to safeguard Web3 innovations against security threats.
Last updated
Projects: sponsor the audit contest and reward the auditors who helped them secure their code
Auditors: securing the web3 ecosystem together as one community through collaborative audit contests
Secure3:
Working together with the projects to ensure the spending is optimized for the best security coverage through:
Continuous improvement on auditor matching mechanism
Working together with projects and auditors to ensure auditors' hard work is fairly evaluated and rewarded
Continuous improvement on the Incentive Model and Severity Standard that strives for community growth
To learn more about how Secure3 ensures better audit quality and efficiency, see the details in Projects.
Traditional Audits
Secure3 Audit Contests
Fixed Cost: A high margin is paid to auditing firms' marketing costs and fixed salaries.
Flexible Cost: auditors from the community are scalable. Projects can customize audit contest plans based on requirements, timelines, and budget
Long Wait Time: quality audit firms often have a long wait queue, sometimes months long
Flexible Time: The audit contest can start within 24 hours
Limited Angles: A limited amount of auditors will examine your code. Big companies often just go through a checklist of routines
Diversified Coverage: 3-10x more auditors on each project. Often from different backgrounds and has to be creative to excel
Poor Incentive: No incentive to be creative and do extra out of routine. Defensive on mistakes, and stubborn in transparency
Great Incentive: Rewards are split based purely on performance. No findings no rewards.Maintaining a transparent standard and inclusive community is also the core interest of Secure3.
Bug Bounty
Secure3 Audit Contest
Poor Incentive: Winner-takes-all, only one auditor will receive the reward for an issue, resulting in low engagement
Great Incentive: Rewards are split based on performance. No findings no rewards. Meanwhile, competition still provides auditors who discovered unique and creative findings the opportunities to excel
Short-term Engagement: Anyone can participate anytime
Auditor Matching: Only verified auditors with the most relevant background can participate
No Focus: Whitehats work on multiple projects, and only look at low-hanging fruit.
Dedication and Focus: An auditor is matched to one project at a time: have time and incentive to analyze your code from both security and business angles
Low Efficiency: high-quality findings overwhelmed by random submissions.
High Efficiency: Cross-examination and validation are conducted in-house to optimize turnaround time for you