Sherlock V2
Getting Started
If you're a protocol interested in getting an audit and/or smart contract coverage from Sherlock, please reach out to [email protected]
We'll get you set up with our pricing indicators and the Audit Requirements Checklist. The most up-to-date information will be found there.

Happy Flow

Once a protocol has seen the pricing and agreed to follow the Audit Requirements Checklist, the next steps are as follows:
  1. 1.
    Put down a 50% deposit towards the audit cost to lock in a date for the audit
  2. 2.
    A few days before the audit, Sherlock will check in an make sure the code is frozen and other aspects of the Audit Requirements Checklist have been met.
  3. 3.
    Most audits will take 2-3 weeks, depending on the size/complexity of the codebase (as decided by the Audit Requirements Checklist). During the audit, issues flagged by Sherlock's Watsons will be viewable so you can start thinking about fixes, etc.
  4. 4.
    Once the audit is complete, Sherlock requires the other 50% of the audit payment to be made, as well as the first 3 months of any coverage plan that has been selected by the protocol.
  5. 5.
    After this, Sherlock will deliver the preliminary audit report, and a time can be scheduled for a fix review. Fix reviews lasting one half-day are baked into the cost of the audit, anything more will require extra payment to compensate the Watsons for their time.
  6. 6.
    On the date of the fix review, Sherlock's Watsons will review any changes made related to issues flagged in the preliminary report.
  7. 7.
    Once the fixes are signed off on, the protocol can activate coverage for any Sherlock-audited contracts that are (or will be) on mainnet.
As the protocol team makes changes or updates to the protocol, Sherlock can work with the Watsons to review any changes made and the cost of these reviews will be simply based on the time spent by the Watsons.
For small changes, the cost can be less than one tenth the cost of a regular audit, and Sherlock can extend coverage to these contracts after the review.
This will save protocol teams from getting full-priced audits elsewhere and allow the protocol's contracts to still be covered after updates.
Copy link