# Sherlock Bug Bounty Coverage By [Sherlock](https://paragraph.com/@sherlock) · 2023-12-05 --- Are you ready to massively improve your smart contract protocol’s security without breaking the bank? Sherlock is thrilled to unveil its latest innovation: Bug Bounty Coverage. In the ever-expanding world of crypto, where **\>$50Bn** is [now at stake](https://defillama.com/), this is a game-changer you can't afford to miss. ### **What exactly is a bug bounty program?** Think of it as your project's safety net. Once you deploy your project to a blockchain, setting up a bug bounty program is the next vital step. These programs typically offer rewards ranging from **$15,000** to a staggering [**$15,000,000**](https://immunefi.com/bounty/layerzero/) to whitehat hackers for uncovering potential threats that could compromise your project. With [dozens](https://immunefi.com/explore/) of projects now boasting bug bounty programs upwards of **$500,000**, it's clear that this is a crucial trend in protecting your crypto assets. ### **First, what is a bug bounty program?** Once a project team deploys its project to a blockchain, the next step is often setting up a bug bounty program. A bug bounty program lists a reward that the project team is willing to pay a whitehat for disclosing an attack vector that could hack the project. These bounties can range from $15,000 to [$15,000,000](https://immunefi.com/bounty/layerzero/). The crypto space has grown to the point where [$50Bn](https://defillama.com/) is now at risk, and projects have wisely been setting up larger bug bounty programs to keep up with the value at risk. Dozens of projects currently have [$500,000](https://immunefi.com/explore/) bug bounty programs. ### **What’s the problem?** Well, can your project's treasury handle an unexpected **$500,000** payout? What about three of them? Even a single bounty payout can significantly dent your finances in today's market. This uncertainty can keep you up at night, wondering when a whitehat might uncover a major vulnerability. This is where Sherlock steps in, transforming worry into peace of mind. Imagine having the security of a large bug bounty without the financial unpredictability. Sherlock pays for your project's Critical-severity bug bounties after completing a Sherlock audit. Sherlock replaces those large, erratic sums with small, manageable monthly payments. ### **What’s in it for you?** 1. Assured attention from your security auditor, Sherlock, who's now deeply invested in uncovering major bugs before the bug bounty program goes live. 2. A predictable financial plan allows you to breathe easier and focus on growth. 3. An attractive bug bounty program that offers increased protection to your users against hacks. ### **Wasn’t Sherlock already offering this?** Until now, Sherlock has provided exploit coverage, paying out [over **$4.5M**](https://app.sherlock.xyz/overview) in two years. However, Sherlock’s bug bounty coverage was limited to 10% of the total exploit coverage. Today, Sherlock is shifting gears. The focus is now 100% on 'bug bounty-first' coverage, but Sherlock will still provide a matching amount of exploit coverage as a complimentary bonus. This strategic change aligns Sherlock’s incentives with yours, ensuring that Sherlock feels the impact of a blackhat breach just as acutely as you do. ### **How to get started** Ready to secure your project with Sherlock's groundbreaking Bug Bounty Coverage? Here's what you need to know: * [Begin](https://audits.sherlock.xyz/request-audit) with a comprehensive Sherlock audit. * Choose a bug bounty coverage amount up to **$500k.** * Only Critical-severity bounties are covered, ensuring focus on significant threats. * Choose from self-hosted programs or platforms like [Immunefi](https://immunefi.com/). * Interact with Sherlock’s crypto-native, battle-tested [protocol](https://app.sherlock.xyz/overview) for payment transactions. * Whitehats will prioritize your bug bounty program thanks to Sherlock’s fully on-chain, neutral [adjudication process](https://docs.sherlock.xyz/coverage/claims/claims-process) that whitehats can trust for a fair payout. Security audits have evolved from a niche in 2016 to a necessity in 2023. Bug bounties need to follow suit, and Sherlock is leading the charge in making them accessible and affordable for every project in the space. [Get in touch](https://audits.sherlock.xyz/request-audit) with Sherlock to start your audit, or [ask](https://mailto:contact@sherlock.xyz?subject=Bug%20Bounty%20Coverage) Sherlock any questions about bug bounty coverage. --- *Originally published on [Sherlock](https://paragraph.com/@sherlock/sherlock-bug-bounty-coverage)*