With an unmatched level of code review and on-demand access to top-tier security experts, Code4rena’s competitive audits have become a critical piece in the web3 security stack, but the public nature of these audits occasionally poses a challenge for certain projects.
In some cases, a fully public audit isn’t a great fit:
-
Stealth startups
-
Top secret NFT launches
-
Companies who closely guard IP and trade secrets
-
Projects sensitive to creating a public record of past vulnerability patterns
-
Anyone worried about getting contract deployments front-ran by competitors
-
Projects in need of frequent, incremental audits for small updates and upgrades
These constraints lead some projects to hire a private firm, or even forgo audits altogether. Even more costly, the need for privacy often forces organizations to engage in multiple rounds of audits from larger firms, compounding their scheduling challenges and shipping delays.
Fortunately, Code4rena competitive audits ensure more rigorous, faster coverage than traditional audits, at a relatively reduced cost. And now, we’re thrilled to offer a new product for teams that require more privacy.
Code4rena Classified: Private Audits for Any Project
Today, we’re excited to introduce Code4rena Classified: private competitive audits.
Code4rena Classified audits offer:
-
Flexible privacy options based on your needs
-
Same competitive audit model
-
Same time to market — can start within 48 hours
-
Similar fee structure to public competitive audits
But how does this work? Aren't Code4rena competitive audits completely permissionless?
Yes, our public audits allow anyone to show up and compete just by providing an address for awards. But we are now rolling out open access to sponsors to create new competitive audits featuring wardens who have met the conditions of our Certified Warden program.
Every Certified Warden has:
-
Agreed to our Certified Contributor Agreement which includes non-disclosure terms
-
Agreed to our Code of Professional Conduct, which holds wardens to high ethical standards
-
Completed a formal ID verification process
-
Established themselves as a positive contributor and maintained good standing in the Code4rena warden community
We've already trialed and had great success with Certified Wardens. If you followed along with our OpenSea Seaport audit, you've seen them in action. Every warden who received awards completed the certification process, leading to higher-quality submissions.
Today, more than 170 of Code4rena’s most proven wardens can deliver on Private Competitive Audits.
Audits Customized for Your Privacy Needs
With Code4rena Classified, C4 can now deliver privacy based on your needs:
-
Want to maximize the amount of participation but keep your name and results secret pre-launch? Code4rena can promote a [NAME REDACTED] audit publicly and require all participants to be Certified Wardens to access your code.
-
Want to run a private contest to keep your launch stealth and embargo the audit report until you're ready to include it in launch materials? We've got you covered.
-
Want to keep everything private about your audit, including the findings and the report? We can invite Certified Wardens only and deliver your report privately and confidentially.
This is a major addition to the Code4rena audit platform and we are excited about the opportunities private competitive audits offer to both stealth projects and top wardens eager to review fresh code.
Code4rena has audited projects including OpenSea, ENS, Sushi, PoolTogether, Connext, BadgerDAO, NFTX, and Slingshot.
When you’re ready for a competitive audit of your project—public or private—drop us a line in Telegram or Discord. We can spin up an audit within 48 hours.