Glossary

Sherlock Terminology

Bug Bounty

• A bug bounty is essentially a reward offered to an honest participant who finds a way to exploit a protocol. Black hat hackers are "bad guys" who exploit a protocol directly, leading to losses for all users. White hat hackers are "good guys" who report a potential exploit vector to the protocol team in return for a bug bounty reward (usually USDC).

Claim

• A claim occurs when a protocol covered by Sherlock receives a bug bounty submission or believes it has been hacked and believes Sherlock has a responsibility to repay the bug bounty or hack. See the claims section for details.

Coverage

• If Sherlock takes on a protocol as a customer, the "coverage" is the amount of tokens (USDC) that Sherlock will reimburse when a bug bounty submission or exploit (that falls under the coverage agreement) occurs.

Exploit

• For Sherlock's purposes, an exploit is the act of maliciously removing tokens (usually tokens deposited by others) from a protocol in an unintended way. Sherlock covers most (but not all) exploits that a protocol could experience. For a detailed breakdown of which exploits are generally covered, take a look at our current coverage agreements here.

Premium

• The amount of USDC a protocol pays Sherlock over a specified time interval. In return, Sherlock reimburses covered bug bounty submissions and exploits experienced by the protocol over that same time interval.

SHER

• Sherlock's token which is still in development. See the SHER section for more info.

Watsons

• "You know my methods, Watson. There was not one of them which I did not apply to the inquiry." - The Memoirs of Sherlock Holmes (1893)

• Watsons are the individuals without which Sherlock would be nothing. These are the security experts who do the deep fundamental research (audits) that allows Sherlock to confidently provide coverage for a given protocol's smart contracts.