Comprehensive Smart Contract Audits

Last Updated July 2, 2025.

1. Eligibility

1.1 This bounty contest program (“Contest”) is available solely to smart contract protocols (“Protocols”) that: (i) have completed a security audit with Guardian Enterprises LLC (“Guardian,” “we,” or “us”); (ii) have been explicitly approved for deployment by Guardian (see Section 6.3); and (iii) have received written confirmation from Guardian, after the audit is complete, that they have been selected to participate in a Contest.

1.2 Participation is by invitation only and subject to Guardian’s sole discretion. Guardian reserves the right to determine eligibility at any time and may revoke or deny participation without liability or obligation to provide justification or notice.

2. Contest Structure & Conditions

2.1 The Bounty Contest will be hosted by Guardian and run for thirty (30) calendar days from launch (“Contest Period”), during which independent security researchers (“Auditors”) may submit vulnerability reports against the Protocol’s audited codebase.

2.2 Guardian will fund a fixed bounty pool (“Critical Pot”) for valid submissions classified as Critical Findings, based on the following conditions. The size of the Critical Pot will vary by contest and will be specified in the corresponding contest agreement.

a. Definition: A “Critical Finding” means any vulnerability which, under normal operating conditions of the Protocol and without exotic or contrived preconditions, allows an attacker to steal, lock, or otherwise irreversibly compromise access to more than twenty percent (20%) of the total user or protocol funds deployed or accessible within the smart contracts.

b. Judge Panel: All submissions will be evaluated by two (2) judges — one appointed by Guardian and one by the Protocol. Both judges must agree in writing that a submission qualifies as a Critical Finding for it to be eligible for payout. This determination must be documented and is final.

c. Unique Finding: Only the first validated submission of a Critical Finding (“Known Finding”) will be eligible. Duplicate or substantially similar vulnerabilities — including those submitted on other platforms — will be considered ineligible.

d. Disqualification: Any Auditor who tampers with live or testnet contracts, engages in malicious activity, submits findings from other platforms, or is reasonably suspected of collusion or fabrication will be disqualified from the Contest.

e. Format Disclosure: This Contest is structured as a “beat the auditor” challenge held on a first-come-first-serve basis. The Critical Pot will only be awarded if at least one Critical Finding is validated by both judges. There is no guarantee of payout if no valid Critical Findings are received.

3. Disbursement & Guardian Role

3.1 The Critical Pot will be funded and held solely by Guardian. No other party shall have custody, control, or disbursement authority.

3.2 Guardian will disburse rewards directly to qualifying Auditors upon validation. No portion of the Critical Pot will be awarded unless a Critical Finding is validated and agreed upon by both judges.

3.3 To receive payout, Auditors must:

Successfully complete KYC verification;
Submit any required tax documentation; and
Provide accurate payment details.

Failure to meet these requirements may result in delayed or canceled disbursement.

3.4 The Critical Pot is not guaranteed to be distributed.

3.5 Guardian is not responsible for rewards offered separately by the Protocol. Any such side rewards must be clearly disclosed and are entirely separate from the Guardian bounty.

3.6 Guardian retains full discretion over payment processing, and reserves the right to verify all documentation before releasing funds.

4. Scope and Limitations

4.1 The Bounty Contest applies only to vulnerabilities in the final, approved smart contract codebase. Post-audit changes, frontend, backend, or infrastructure bugs are out of scope unless explicitly included.

4.2 Guardian is not responsible for any reward mechanisms created or funded separately by the Protocol.

4.3 Findings submitted to other platforms prior to this Contest that are similar in root cause or impact will not be eligible for payout under this Contest.

5. Guardian Discretion

5.1 Guardian retains full discretion over contest selection, bounty funding, judge participation, disqualification, and final payout approval.

5.2 Guardian may amend these Terms at any time, including retroactive application to active or ongoing Contests. The most recent version will always govern current participation. All decisions by Guardian and judges are final and not subject to appeal.

6. Legal Terms and Definitions

6.1 These Terms shall be governed by the laws of the State of Delaware, United States. Disputes shall be resolved exclusively under the Delaware Rapid Arbitration Act (10 Del. C. §§ 5801 et seq.).

6.2 Guardian makes no warranties, express or implied, regarding the Bounty Contest. Guardian is not liable for indirect, incidental, punitive, or consequential damages arising from participation.

6.3 Agreement: These Bounty Contest Terms & Conditions (the “Terms”) constitute a binding agreement (the “Agreement”) between Guardian Enterprises LLC and the Protocol selected to participate in a Guardian-hosted bounty contest.

6.4 “Approved for deployment by Guardian” means Guardian has reviewed the final codebase, confirmed all Critical and High issues have been resolved, and issued written deployment approval. This approval does not constitute a certification, warranty, or security guarantee.

6.5 Indemnification: The Protocol, at its own expense, shall indemnify, defend, and hold harmless Guardian, its subsidiaries, affiliates, and assigns, and its and their directors, officers, members, managers, partners, shareholders, employees, advisors, and agents (collectively, the “Indemnified Parties”) from and against any and all losses, damages, liabilities, claims, awards, interest, and costs or expenses of whatever kind, including attorneys’ fees, incurred by an Indemnified Party arising out of or relating to any claim, suit, action, or proceeding by a third party to the extent arising out of or related to:

(i) any bounty contest associated with the Protocol, including any additional reward mechanisms funded or operated independently by the Protocol;

(ii) any breach or alleged breach by the Protocol (including any officer, director, employee, agent, contractor, affiliate, or other representative acting on behalf of or at the direction of the Protocol, collectively “Protocol Representatives”) of any representation, warranty, covenant, agreement, or obligation under these Terms;

(iii) any willful, intentional, or negligent act or omission by the Protocol or its Representatives; or

(iv) any actual or alleged unauthorized access to, use, disclosure, alteration, corruption, destruction, or loss of data or systems of Guardian, or failure to implement or maintain appropriate security measures by the Protocol, including any malware, vulnerability, or cybersecurity incident arising from or attributable to the Protocol or its infrastructure.

6.6 Limitation of Liability: Except as otherwise provided under this Agreement, neither party shall be liable for indirect, incidental, consequential, or punitive damages.

6.7 Severability: If any term or other provision of this Agreement is invalid, illegal or incapable of being enforced by any law or public policy, all other terms and provisions of this Agreement shall nevertheless remain in full force and effect so long as the economic or legal substance of the transactions contemplated hereby is not affected in any manner materially adverse to any Party. Upon any such determination that any term or other provision is invalid, illegal or incapable of being enforced, the Parties shall negotiate in good faith to modify this Agreement so as to affect the original intent of the Parties as closely as possible in a mutually acceptable manner in order that the transactions contemplated hereby are consummated as originally contemplated to the greatest extent possible.

6.8 Intellectual Property: All submissions, feedback, and content provided during the Contest remain the intellectual property of their respective authors. Guardian retains a non-exclusive, royalty-free license to use submitted content for evaluation and security research purposes.