Sherlock V2
  • ๐Ÿ‘‹Intro to Sherlock
  • ๐Ÿ™‹FAQ
  • ๐Ÿ“šGlossary
  • โ€ผ๏ธDisclaimers
  • Audits
    • ๐Ÿง‘โ€๐Ÿ’ปProtocol Teams
      • How it Works for Protocols
      • Audit Timeline
      • Scheduling Process
      • Audit Preparation
      • Protocol Involvement During the Audit Process
      • Protocol Involvement Post-Audit
      • Rescheduling and Cancellations
      • Interim Updates and Upgrades
    • ๐Ÿ•ต๏ธWatsons
      • Lead Senior Watson Selection Process
      • Fix Review Process
      • Contest Points
      • How to Score Issue Points in a Contest
      • Meeting the Payout Criteria
      • Leaderboard Points Example
      • FAQ
    • ๐Ÿง‘โ€โš–๏ธJudging
      • Judging Conduct Guidelines
      • Criteria for Issue Validity
        • Criteria Changelog
      • Lead Judge
      • ๐Ÿง‘โ€โš–๏ธCommunity Judging
      • Dedicated Judge
      • Discussion
      • Sherlock's Exclusive Judging Apprentice Program
    • ๐ŸคReferral Program
  • Bug Bounties
    • ๐ŸŒฑPre-Launch Bounty
    • ๐Ÿš€Post-Launch Bounty
      • ๐Ÿ“œPlatform Rules
      • โš–๏ธDispute Resolution
  • Coverage
    • ๐Ÿ›ก๏ธSherlock Shield
    • ๐Ÿ’ฐStakers
      • Overview
      • Lockup Period
      • Payout Flow
      • Staking APY
    • ๐Ÿง‘โ€๐Ÿ’ปProtocol Teams
      • Getting Started
      • Coverage Premiums
      • Pricing
      • Composability and Coverage
      • Payout Flow
      • FAQ
    • ๐Ÿ“Claims
      • Claims Process
  • Tokens
    • SHER
    • Receipt NFTs
  • Governance
    • Roles
  • Developer
    • Overview
    • Stake Position Lifecycle
    • Claim Lifecycle
    • Protocol Lifecycle
    • SHER Distribution
    • Deployed Contracts
    • Contract Reference
    • Audits
Powered by GitBook
On this page
  • Sherlock Ecosystem
  • Protocols
  • Stakers
  • Watsons

Intro to Sherlock

NextFAQ

Last updated 9 months ago

Sherlock is an audit marketplace and smart contract coverage protocol built on the Ethereum blockchain. Sherlock works to protect Decentralized Finance (DeFi) users from smart contract exploits with security reviews from top auditors backed by smart contract coverage on the audited contracts.

You can find a brief overview of the Sherlock ecosystem below.

Sherlock Ecosystem

There are 3 main participants in the Sherlock ecosystem:

  1. Protocols

  2. Stakers

  3. Watsons

Protocols

Protocols come to Sherlock for audits from top independent security experts. Sherlock offers smart contract coverage on any contracts that are reviewed as part of the audit. Sherlock offers coverage primarily on white-hat bounties, which also includes some coverage on black-hat exploits. The coverage is optional, but adding the coverage allows protocols to know that Sherlock has "skin in the game" in terms of auditing the smart contracts. Basically, if the audited smart contracts have a critical bug, Sherlock will likely have to pay out hundreds of thousands of dollars. No other auditor offers this kind of backing for their audits.

Stakers

Stakers deposit USDC into the staking pools in return for an attractive APY. The APY stakers will receive is made up of 2 streams:

  1. Premiums from protocol customers

  2. Incentive rewards paid in SHER (Sherlockโ€™s governance token)

In return for these streams, a stakerโ€™s funds are at risk of being partially paid out (up to 50%) if a significant covered event (i.e. bug bounty payout) occurs on one of the audited contracts covered by Sherlock. Despite the risk, stakers are incentivized to stake because:

  1. There is an attractive APY to be earned for doing so

  2. Sherlock's audits are some of the best in the space

  3. Each covered protocol is required to have a deductible which can protect stakers against losses

Watsons

Sherlockโ€™s Watsons (the security experts) do a full audit of each prospective protocol's contracts and provide input as to the risk of the protocol's contracts. Sherlock audits feature both dedicated, top-tier auditors who are incentivized to find vulnerabilities in the codebase, as well as a contest pot where anyone in the world can find bugs. See Protocol Teams for more info on the audit process. And security experts (or those planning to become security experts) can see more information about how they can participate in audits in Watsons.

Whenever a Critical-severity vulnerability is discovered in a protocol (on an audited contract), Sherlock may pay for the bug bounty cost (minus a deductible). Sherlock's will decide whether or not the vulnerability falls under coverage and should be paid out.

๐Ÿ‘‹
claims process