CodeHawks Live Contests & First Flights
Last updated Jul 09, 2026 · 13:17 UTC
Showing 1–20 of 45
45 audit contests
| Protocol | Source | Prize | Window | Link |
|---|---|---|---|---|
|
BattleChain Confidence Pools
|
|
$7 |
…
Jul 09 - Jul 16, 2026
7 days
|
View |
|
CodeHawks Escrow Contract - Competition Details
|
|
$40K |
Jul 24 - Aug 05, 2023
12 days
|
View |
|
Foundry DeFi Stablecoin CodeHawks Audit Contest
|
|
$15K |
Jul 24 - Aug 05, 2023
12 days
|
View |
|
Beedle - Oracle free perpetual lending
|
|
$20K |
Jul 24 - Aug 07, 2023
14 days
|
View |
|
Sparkn
|
|
$15K |
Aug 21 - Aug 29, 2023
8 days
|
View |
|
DittoETH
|
|
$55K |
Sep 08 - Oct 08, 2023
31 days
|
View |
|
Vyper - Compiler
|
|
$160K |
Sep 14 - Nov 04, 2023
51 days
|
View |
|
Steadefi
|
|
$35K |
Oct 26 - Nov 06, 2023
11 days
|
View |
|
The Standard
|
|
$20K |
Dec 27 - Jan 10, 2024
14 days
|
View |
|
stake.link
|
|
$27K |
Dec 22 - Jan 12, 2024
21 days
|
View |
|
MorpheusAI
|
|
$22K |
Jan 30 - Feb 03, 2024
4 days
|
View |
|
Moonwell
|
|
$15K |
Mar 04 - Mar 11, 2024
7 days
|
View |
|
Beanstalk Part 1
|
|
$100K |
Feb 26 - Mar 25, 2024
28 days
|
View |
|
Beanstalk Part 2
|
|
$35K |
Apr 01 - Apr 15, 2024
14 days
|
View |
|
Beanstalk: Dive Into Basin
|
|
$12K |
Apr 22 - Apr 29, 2024
7 days
|
View |
|
Beanstalk Part 3
|
|
$21K |
May 06 - May 20, 2024
14 days
|
View |
|
Sablier
|
|
$53K |
May 10 - May 31, 2024
21 days
|
View |
|
TSender
|
|
$15K |
May 24 - May 31, 2024
7 days
|
View |
|
Beanstalk: The Finale
|
|
$250K |
May 30 - Jul 08, 2024
39 days
|
View |
|
TempleGold
|
|
$25K |
Jul 04 - Jul 11, 2024
7 days
|
View |
CodeHawks Escrow Contract - Competition Details
Foundry DeFi Stablecoin CodeHawks Audit Contest
Beedle - Oracle free perpetual lending
Sparkn
DittoETH
Vyper - Compiler
Steadefi
The Standard
stake.link
MorpheusAI
Moonwell
Beanstalk Part 1
Beanstalk Part 2
Beanstalk: Dive Into Basin
Beanstalk Part 3
Sablier
TSender
Beanstalk: The Finale
TempleGold
About CodeHawks
CodeHawks launched as part of Cyfrin's audit ecosystem and is best known for First Flights: smaller, beginner-friendly audit contests with prize pools under $20,000. First Flights are how many new auditors build their first submission history before moving to larger Code4rena or Sherlock contests.
Full CodeHawks audits run 3 to 21 days with $20,000-$200,000 prize pools. This page shows only contests aggregated from CodeHawks. For audit contests on other platforms, see the full Web3 audit competition tracker.
Smart Contract Audit Competition & Bug Bounty Platforms Compared
Six major platforms host the Web3 audit competitions and smart contract bug bounty programs aggregated above. Click any platform to see only its active contests.
| Platform | Type | Typical Prize | Contest Length | Best For |
|---|---|---|---|---|
|
|
Audit contests | $50K to $500K | 3 to 14 days | DeFi protocols pre-launch |
|
|
Contests + bounties | $50K to $300K | 7 to 30 days | Insurance-backed audits |
|
|
Audit contests + First Flights | $5K to $200K | 3 to 21 days | Newer auditors building a track record |
|
|
Mega-comps + bounties | $200K to $2M+ | 14 to 30 days | Experienced researchers, high-value protocols |
|
|
Ongoing bug bounties | Up to $15M per critical | Ongoing | Production protocol vulnerability hunting |
|
|
Bounties + crowdsourced audits | $1K to $1M+ | Ongoing or time-boxed | Managed Web3 programs and exchange/protocol bounties |
Frequently Asked Questions
What are CodeHawks First Flights?
First Flights are small audit contests on CodeHawks designed for new auditors. Prize pools are under $20,000, scope is intentionally narrow (often a single contract), and competition is lighter than full audits. They are the standard onboarding path for new wardens.
How is CodeHawks different from Code4rena?
CodeHawks (run by Cyfrin) offers First Flights specifically for new auditors and includes Cyfrin's educational ecosystem. Code4rena has higher average prize pools but no beginner tier. Many auditors start with CodeHawks First Flights, then graduate to Code4rena.
What are the best smart contract bug bounty platforms?
The leading Web3 bug bounty platforms are Immunefi (largest, $15M max payouts on DeFi protocols), Cantina (Spearbit's bounty program plus audit competitions), HackenProof (managed Web3 bounties and crowdsourced audits), Sherlock (audit contests with insurance-backed bounties), and Code4rena (best known for time-boxed audit competitions). Codehawks rounds out the field with Cyfrin-run contests focused on emerging protocols and beginner-friendly First Flights.
Which audit competition platform pays the most?
Cantina runs the largest audit competitions ($2M+ prize pools for protocols like EigenLayer and Uniswap v4). Immunefi pays the highest per-bug bounty (up to $15M for critical findings). Code4rena and Sherlock typically run $100K-$500K audit contests. Codehawks First Flights are smaller but accessible to newer auditors.
How do smart contract audit competitions work?
Audit competitions invite security researchers to review a protocol's smart contract code for a fixed prize pool over 1-4 weeks. Rewards are split based on unique valid findings, weighted by severity (critical, high, medium). Code4rena, Sherlock, Codehawks, and Cantina are the main platforms.
How much can you earn in a smart contract audit competition?
Top auditors earn $10,000-$500,000+ per competition. Cantina and Code4rena regularly run $500K-$2M prize pool contests. Bug bounties can pay up to $15M per critical finding on platforms like Immunefi.
What is the difference between a bug bounty and an audit contest?
Audit contests run for a fixed time window with a fixed prize pool shared among all valid findings. Bug bounties are ongoing programs where each valid submission earns a direct per-vulnerability reward (often $50K-$15M depending on severity). Bug bounties require finding a real vulnerability in production code.
How do I get started with smart contract auditing?
Learn the most common vulnerability classes first: reentrancy, flash loan attacks, oracle manipulation, and access control. The SCH Smart Contract Hacking Course covers all the core attack patterns that audit competitions test, starting from zero experience.
How to Start Competing in Smart Contract Audits
A practical path from learning vulnerability classes to submitting your first contest finding.
-
Learn the core vulnerability classes
Master reentrancy, access control, oracle manipulation, flash loan attacks, and arithmetic overflows. These five classes account for most contest findings.
-
Practice on retired contests
Read every public report from past Code4rena and Sherlock contests. Try to spot findings yourself before reading the writeup. This is how every top auditor trained.
-
Start with CodeHawks First Flights
First Flights are small audit contests designed for newer auditors. Prize pools are under $20K, scope is small, and competition is lighter. They build real submission history.
-
Enter your first full competition
Pick an active audit contest from the tracker above filtered by Solidity and a $50K-$200K prize range. Spend 20 to 40 hours on the contest, even if you only find one valid medium-severity issue.
-
Build a public track record
Publish your findings, share writeups on Twitter and Mirror, and start accumulating valid submissions across multiple platforms. A documented track record is what opens bug bounty access and full-time auditor roles.