For protocols

CertiK Hunt
for serious protocols

A private network for vetted researchers, serious protocols, and independent verification. CertiK reproduces findings and sets severity before protocol review.

Backed by CertiK: 5,181 projects secured, $500B+ assessed since 2018.

why certik hunt

What changes when your
program runs on CertiK Hunt

A clean inbox
Your team only sees real, reproduced findings. Spam, duplicates, and out-of-scope reports never reach you.
Privatefilter metrics stay internal
The right researchers
Programs are surfaced to invited researchers whose prior work matches your surface: bridges, perps, oracles, ZK, and lending markets.
Inviteaccess approved per program
Independent verification
A CertiK expert reproduces each finding, checks duplicates, and sets severity independently of the protocol before review.
Prioritycritical findings first
Disclosure on your terms
Report details stay confidential and scoped to triage. Public disclosure stays aggregate-only until coordinated disclosure is approved.
Aggregate-onlyuntil coordinated disclosure
launch flow

From kickoff to controlled launch

intake · request submitted
Talk to CertiK
CompanyLumen Protocol
Contracts in scopeVaultV2.sol, Router.sol
Max bounty$250,000
DisclosureCoordinated
Submit request
01

Intake

Share your surface, known audit findings, and disclosure constraints so CertiK can route the program conversation.

certik vetting · in progress
Scope reviewdone
Asset verificationdone
Reward termsreviewing
Verified scope before the first report lands.
02

CertiK vetting

CertiK reviews scope, verifies assets, and records reward handling terms before the program opens.

live · accepting reports
Program sluglumen-vault-private
Scope assetsVaultV2.sol · 0x6b…a91cRouter.sol · 0x41…d02eOracleAdapter.sol
Critical $250K
High $50K
invited researchers12
03

Program live

The program opens to invited researchers whose prior work matches your stack and risk areas.

signal · routed
verified reports
CriticalVault withdrawal drain2026-05-18
HighOracle update bypass2026-05-21
MediumLimit check mismatch2026-05-24
one verified finding, one accountable owner.
04

Verified findings

Verified findings reach one accountable owner with severity, duplicate checks, and disclosure status already documented.

operations

Two triage modes

Two ways CertiK runs your program. Researchers always see one private intake path; you choose how much CertiK handles before findings reach your team.

01
Standard triage
Streamlined verification
CertiK reproduces each report, screens duplicates, and sets severity independently of the protocol. You see verified findings instead of raw intake noise.
Independent severity
Duplicate + scope screening
Private invited intake
Coordinated disclosure
Most chosen
02
Fully managed
CertiK runs it end to end
A named CertiK expert owns every report end to end — reproduction, severity, the protocol relay, and reward status — so your team only sees confirmed, costed findings.
Named senior triager
End-to-end protocol relay
Reward + response tracking
Audit + program continuity
talk to us

Start a CertiK Hunt program

Share enough context for CertiK to route the conversation and recommend the right triage mode.

  • Inquiries stay private to CertiK. Reports are encrypted AES-256 at rest.
  • Time-sensitive launches can be routed to your CertiK contact.
  • Audited and non-audited protocols welcome.
protocol inquiryprivate to CertiK
What's the project called?
Who is reaching out?
We follow up here.
Program stage
So CertiK can understand the right launch path.
Website, docs, audit history, surface (bridge, perps, ZK…), reward range, timing — whatever helps.
no public listing · private to CertiK