🪐
Cantina Docs
  • 🪐Welcome to Cantina
  • 🤝Services
    • Security Reviews
    • Competitions
    • Bug Bounty
    • Guilds
    • Public Goods
  • 💵Referral program
  • 📄Public Reports
  • 👑Reputation
  • 👥Cantina Account
    • 🔷Claim an Account
    • 🔷Company Account
      • 🔹Create a Company Account
      • 🔹Managing users
      • 🔹Company Dashboard
      • 🔹Company Reviews
    • 🔷Security Researcher Account
      • 🔹Create Security Researcher Account
      • 🔹Security Researcher Dashboard
      • 🔹Calendar
      • 🔹Reviews
      • 🔹KYC and Payments
  • 💻Cantina Code
    • 🕵️Cantina Code for Security Researchers
      • 🔶Code Review
        • 🔸Download content and toggle sidebar
        • 🔸Highlighting code
      • 🔶Findings
        • 🔸Findings Submission
        • 🔸Findings Labels
        • 🔸Findings Status
        • 🔸Add code to existing finding
        • 🔸Examples
      • 🔶Chat
      • 🔶Reports
      • 🔶Comments & Pings
      • 🔶Diagrams & Formulas
    • 🏢Cantina Code for Companies
      • 🗄️Responding to Pings
      • 🗄️Responding to Findings
      • 🗄️Report Generation
  • 🏆Cantina Competitions
    • 🕵️For Security Researchers
      • 🔶Payments
      • 🔶Teams
      • 🔶Finding Status
      • 🔶Finding Labels
    • 🏢For Companies
      • 🗄️Competition Submission Template
    • 🧑‍⚖️Judging Process
      • 📜Finding Severity Criteria
      • 📜Scoring
      • 📜Judging Phase
      • 📜Escalation Process
    • 🤝 Fellowship Steward Model
  • 💰 Cantina Bounties
    • Bounty Severity Classification
    • Mediation Process for Bounties
  • ✅ Cantina Bug Bounty Coverage
    • Cantina Coverage Details
  • ❓FAQ
    • ❔FAQ Competitions
    • ❔FAQ Security Reviews
  • 🔗Links
Powered by GitBook
On this page
  • What are Cantina Competitions?
  • Goal

Cantina Competitions

PreviousReport GenerationNextFor Security Researchers

Last updated 3 months ago

What are Cantina Competitions?

Cantina Competitions are time-boxed code review events where Security Researchers compete to find the maximum number of valid vulnerabilities existing in a company's code base to receive payouts and other tangible benefits.

These events are conducted using Cantina Code, a code review technology developed to provide an advanced experience by

  1. Streamlining the communication process between clients and security researchers.

  2. Providing advanced UX for security researchers to submit vulnerabilities.

  3. Optimizing client's time spent on reviewing submissions with spam filters, judges, and continuous quality control using machine learning and manual techniques.

The result of a Cantina Competition is not only a significantly more secure code base but also heightened involvement and interest in improving the blockchain security industry.

Goal

Cantina Competitions aim to solve one of a multiple set of problems related to deploying safe code into production. In this particular case, Cantina Competitions are a step in the development lifecycle that serves to increase the product's security posture before it reaches the market.

During a Cantina Competition developers can expose their code in a pubic or private way to a wide array of security researchers who will submit vulnerabilities using Cantina Code to earn financial rewards, increase reputation and unlock opportunities to expand their career. This collective scrutiny helps uncover potential security flaws that might not be detected by automated tools or other security reviews.

Furthermore, to aid researchers in building a sustainable career, we're creating a platform that elevates security researchers through providing effective communication to clients, solo security review opportunities and supporting them with credibility through our Reputation system.

One example of this credibility system has already manifested itself as shown below:

Through building a truly better product and experience for code reviews, we will create better researchers with better findings, better payouts, and better opportunities to elevate their careers all-while maximizing the value driven to our clients.

🏆
Tweet about joining Spearbit through competitions, with top talent selected from a leaderboard. Relevant to web3 security audits, bug bounties, and talent scouting.