Guardian x CodeHawks Bounty Contest Terms & Conditions
Last Updated May 13, 2025.
1.1. This $100,000 bounty contest program (“Contest”) is available solely to smart contract protocols (“Protocols”) that (i) have completed an audit with Guardian Enterprises LLC (“Guardian,” “we,” or “us”), (ii) have been approved for deployment by Guardian (as defined below), and (iii) are explicitly selected by Guardian to participate in this Contest in partnership with CodeHawks.
1.2. Participation is by invitation only and is subject to Guardian’s sole discretion. Guardian reserves the right to determine eligibility at any time and may revoke or deny participation without liability or obligation to provide justification or notification.
2.1. The Bounty Contest will be hosted by CodeHawks and run for thirty (30) calendar days from the date of launch (“Contest Period”), during which independent security researchers (“Auditors”) may submit vulnerability reports against the Protocol’s audited codebase.
2.2. Guardian will fund a fixed bounty pool of up to $100,000 USD (“Critical Pot”) for valid submissions classified as Critical Findings, based on the following conditions:
a. Qualification: A Critical Finding must meet CodeHawks' severity classification, which requires the bug to allow irreversible theft, locking, or compromise of ≥20% of the protocol’s deployed or accessible funds under normal operating conditions.
b. Judge Panel: All submissions will be evaluated by a three-member judging panel consisting of one representative each from Guardian, CodeHawks, and the audited Protocol. At least two out of three judges must agree on the severity classification for a Finding to be eligible.
c. Unique Finding: Only the first validated submission of a Critical Finding (“Known Finding”) will be eligible. Duplicate or substantially similar submissions will be disqualified.
d. Disqualification: Any attempt to tamper with live/testnet contracts, collude, or resubmit previously disclosed vulnerabilities may lead to disqualification at the sole discretion of the judging panel.
3.1. The Critical Pot will be funded and held by Guardian. CodeHawks will not custody or control these funds.
3.2. Guardian will disburse the bounty directly to winning researchers based on the judging panel's determination and CodeHawks’ submission summary.
3.3. No portion of the Critical Pot will be awarded unless a Critical Finding is validated. The Critical Pot is not guaranteed to be distributed.
4.1. The Bounty Contest applies only to vulnerabilities in the smart contract codebase reviewed and approved by Guardian prior to launch. Post-audit changes or off-chain issues are out of scope unless explicitly included in the Bounty Contest Policy.
4.2. Guardian is not responsible for any additional reward mechanisms created by the Protocol beyond the Guardian-funded Critical Pot.
5.1. Guardian reserves full discretion over contest selection, bounty funding, judging participation, and final payout approval.
5.2. Guardian may amend or cancel the program at any time prior to payout determination. All decisions by Guardian and the Judge Panel are final and not subject to appeal or arbitration.
6.1. These Terms shall be governed by and construed under the laws of the State of Delaware, United States.
6.2. Guardian makes no warranties, express or implied, regarding the Bounty Contest. Guardian is not liable for any indirect, incidental, or consequential damages arising from participation in this program.
6.3. “Approved for deployment by Guardian” means that Guardian has reviewed the final submitted codebase, confirmed that no Critical or High severity issues remain unresolved, and has issued written approval to proceed with deployment. Guardian’s approval does not constitute a certification, warranty, or guarantee of overall protocol security or correctness. It should not be interpreted as an endorsement or assurance of exploit-free deployment.
By participating in or accepting the terms of this Contest program, Protocols acknowledge and agree to these Terms and Conditions.