what's Sherlock?
Sherlock is a decentralized platform providing comprehensive security services for smart contracts in the DeFi ecosystem. It operates as an audit marketplace where protocols can engage top security researchers through competitive contests to identify vulnerabilities before deployment. The platform combines traditional audits with innovative mechanisms like bug bounties and AI-assisted tools to enhance code review efficiency. At its core, Sherlock uses a unique coverage protocol that allows users to insure their funds against smart contract exploits, distributing risk across a pool backed by premiums and reserves. Researchers, known as "Watsons," participate in time-bound contests to find and report issues, earning rewards based on severity. This crowdsourced approach has secured billions in TVL for protocols like MakerDAO and GMX, fostering a more robust blockchain environment. Sherlock's native token, SHER, facilitates governance, staking for coverage, and incentives for participants. Built on Ethereum, it emphasizes transparency and community-driven security, evolving with features like AI auditing assistants to stay ahead of emerging threats.
Sherlock coordinates on SagaEVM vulnerability; mentioned for RWA security audit contests.
Audit codebases from Sherlock contests are included in EVMBench, an OpenAI benchmark (released in 2025) that evaluates AI agents on smart contract security using 40 audit codebases with 120 high-severity vulnerabilities.
Launched $7.5M bug bounty program with Usual Protocol in January 2026.
Coordinating with Saga and Cosmos Labs engineers to address a vulnerability in the Ethermint codebase that was exploited on SagaEVM on January 21, 2026.
Mentioned in a Centrifuge post discussing security frameworks for tokenized RWAs, with audit contests highlighted as a method for running adversarial reviews across codebases using hundreds of researchers.
Aave V4 codebase enters open security review on the platform, inviting auditors familiar with lending-pool mechanics to participate.
MetaVault audit report completed by Sherlock DeFi's #1 ranked auditor.
Dango completes DEX module audit contest on Sherlock platform, now evaluating issues ahead of Testnet-3 expected October 13.
New partnership with Mellow Protocol includes security testing of institutional-grade vaults.
New $50K audit contest for Tangent project launches August 28.
New $100K audit contest for onchain order book module running September 15-28.
$93K audit competition reward paid out to top performer, marking resumption of audit activities following June operational pause.
$12M exploit hits Cork Protocol, challenging security credentials of audit provider.
Platform currently has zero active web3 security contests, marking operational pause in audit activities.
Final security audit completed by Sherlock, clearing path for v1.0 upgrade rollout.
New bug bounty program launches with 200K USDC reward for critical vulnerabilities in Yearn v3 integration.
$16M bug bounty program launches as largest in Web3 history, in collaboration with NexusMutual and UsualMoney.
$16M single-bug bounty program launches as largest technology security reward in history.
Largest-ever crypto bug bounty program launches with $16M reward for critical vulnerabilities.