Secure3
Secure3 is a battlefield where elite auditors compete to safeguard Web3 innovations against security threats.
Roles
Projects: sponsor the audit contest and reward the auditors who helped them secure their code
Auditors: securing the web3 ecosystem together as one community through collaborative audit contests
Secure3:
Working together with the projects to ensure the spending is optimized for the best security coverage through:
Continuous improvement on auditor matching mechanism
Working together with projects and auditors to ensure auditors' hard work is fairly evaluated and rewarded
Continuous improvement on the Incentive Model and Severity Standard that strives for community growth
Traditional Audits vs. Secure3
Traditional Audits | Secure3 Audit Contests |
Fixed Cost: A high margin is paid to auditing firms' marketing costs and fixed salaries. | Flexible Cost: auditors from the community are scalable. Projects can customize audit contest plans based on requirements, timelines, and budget |
Long Wait Time: quality audit firms often have a long wait queue, sometimes months long | Flexible Time: The audit contest can start within 24 hours |
Limited Angles: A limited amount of auditors will examine your code. Big companies often just go through a checklist of routines | Diversified Coverage: 3-10x more auditors on each project. Often from different backgrounds and has to be creative to excel |
Poor Incentive: No incentive to be creative and do extra out of routine. Defensive on mistakes, and stubborn in transparency | Great Incentive: Rewards are split based purely on performance. No findings no rewards.Maintaining a transparent standard and inclusive community is also the core interest of Secure3. |
Bug Bounty vs. Secure3
Bug Bounty | Secure3 Audit Contest |
Poor Incentive: Winner-takes-all, only one auditor will receive the reward for an issue, resulting in low engagement | Great Incentive: Rewards are split based on performance. No findings no rewards. Meanwhile, competition still provides auditors who discovered unique and creative findings the opportunities to excel |
Short-term Engagement: Anyone can participate anytime | Auditor Matching: Only verified auditors with the most relevant background can participate |
No Focus: Whitehats work on multiple projects, and only look at low-hanging fruit. | Dedication and Focus: An auditor is matched to one project at a time: have time and incentive to analyze your code from both security and business angles |
Low Efficiency: high-quality findings overwhelmed by random submissions. | High Efficiency: Cross-examination and validation are conducted in-house to optimize turnaround time for you |
How do we ensure ensure better audit quality?
To learn more about how Secure3 ensures better audit quality and efficiency, see the details in Projects.
Last updated