Sherlock V2
Before Sherlock initiates coverage on a protocol, a security assessment is conducted to determine the price of that coverage. Both parties will also need to come to a consensus around the coverage agreement. Most protocols will be able to use Sherlock's off-the-shelf coverage agreement, but in certain cases there will need to be language to account for special, protocol-specific situations.
Sherlock will also agree on a deductible amount with the protocol and a bug bounty amount before initiation of coverage.
Side note on protocol deductibles: The deductible is simply USD value of money the protocol agrees to set aside (outside of Sherlock's contracts) to compensate for hacks. Protocols will likely commit to a fixed USD-denominated deductible.

Pricing Changes

Sherlock will not change pricing (as a % of TVL) unless a code change is made in the current covered contracts or new contracts are added to coverage. This gives protocols peace of mind that the price they are paying will not fluctuate arbitrarily over time.
For small code changes and updates, Sherlock would not expect to change the premium. On larger updates (like new contracts or versions), Sherlock will move the pricing up or down depending on the deployed contracts' perceived riskiness compared to the prior deployed contracts under coverage.
Copy link