Product
Top Wardens Take Note: New Rules, Bigger Rewards
Maximize your earnings with the Code4rena Spring Update
We’re introducing some exciting new rules and roles that will increase rewards for top Wardens looking to establish themselves as the best security researchers in the industry.
These changes include a major update to C4’s submission flow and award structure, which will improve the value that projects get from sponsoring a competitive audit, while bringing more earnings to the Wardens who contribute the most meaningful submissions.
Read on for the full details of the update, and get ready to earn rewards to match your reputation when the changes go live on or after May 1st, 2024.
TL;DR Takeaways:
- 💰 More lucrative awards for Wardens finding HM awards, for both uniqueness AND breadth of coverage
- ➕ Increasing % of pool allocated to excellent QA reports – and introducing new Governance section
- 👋 Introducing SR (Security Researcher) levels
- ⚖️ New Validator role to speed up the judging process
Increased focus (and rewards) on HMs
Serious risks matter the most so we’re allocating a greater percentage of awards to HM findings. This stronger overall emphasis on HM awards in award calculations will make audits more lucrative for the top performing Wardens on C4.
And as further incentive, we’re introducing two new bonuses within the HM pool:
- Hunter bonus: 10% of the HM pool will be awarded to the warden or team who identities the greatest number of unique HMs.
- Gatherer bonus: 10% of the HM pool will be awarded to the warden or team who identifies the greatest number of valid **HMs.
- Both bonuses weigh Highs more heavily than Mediums, similarly to C4’s typical awarding mechanism.
Changes to QA Reports
These QA changes will reward the highest value QA and Gas reports, making them more beneficial for sponsors and the top Wardens.
- QA pools are increasing to 4% of the overall award pool.
- Introducing Governance section in the QA report for centralization risk and admin privileged functions.
- Non-critical findings are discouraged.
- Pausing bot races for the time being.
- Pausing Analysis for the time being.
- Gas optimization pools are opt out by default; sponsors who wish to include a Gas pool may choose to do so.
- Only the top 3 submissions in each of the QA and Gas categories will be awarded.
Security Researcher levels
From our very first competitive audit, Code4rena has been the place for talented security minds to get in their reps, earn a name for themselves, and make a career in web3 security.
Now we’re making that process more official with the launch of Security Researcher levels.
To achieve a level-up, you’ll need to improve your ranking, by attaining specific performance milestones and quality metrics. Your ranking improves by participating in open competitive audits.
Each level up brings increasing opportunities for compensation, role flexibility, and professional growth.
- “SR” will replace “backstage” as the criteria for earning the role currently called “backstage”
We have a lot more coming on this front soon. Stay tuned!
New Validator role
Validators are a new role that decentralizes triage, eliminates spam for customers, and speeds up the judging process. It will also mean that wardens' past performance in Code4rena will be a factor in how their submissions are reviewed.
- Each competition has a qualifying threshold that allows wardens to bypass validators. This threshold is based on your accuracy score.
- Qualified wardens’ submissions go directly to the usual findings repo.
- All other wardens’ submissions are routed to a Validation repo.
- 3-5 Validators review submissions immediately after the audit closes:
- Satisfactory submissions are forwarded to the findings repo
- Unsatisfactory submissions are closed
- Validators may also enhance submissions (add PoC, increase quality of report, etc.) in exchange for a % of the finding’s payout.
- The judge reviews all submissions in the findings repo.
Extra spring cleaning
- Updated awardcalc formula that better accounts for partials based on community feedback
- New audit readme format for clearer scope definition
If you have any questions about these changes, please visit the #questions channel in the Code4rena Discord.