<aside> 💡 For the duration of your Code4rena audit, C4 wardens (auditors) may reach out to ask questions about your code, project, and potential vulnerabilities. Here are a few tips for managing these conversations.

</aside>

How Warden Q&A works

Your client dashboard will display a link to your Warden Q&A inbox during the submission phase. If you have questions about how in-app Q&A works, check out the platform guide.

Topics: dos and don’ts

<aside> ❗ 0day / critical findings: If you receive a sensitive disclosure during the audit, please point the warden to the relevant section of C4’s submission policy so that we can pull in your team and the judge immediately. Here’s the link to share: https://docs.code4rena.com/competitions/submission-guidelines#how-to-submit-zero-day-or-otherwise-highly-sensitive-bugs

</aside>

DO engage warden questions about:

• Specific issues or context about your project’s code
• Roadmap plans
• Trusted roles, etc.

DON’T engage in conversations about:

• Whether or not findings are valid: wardens should submit their best efforts via the submission form, and the judge will evaluate their work.

• How Code4rena audits work - feel free to ignore these, or direct them to C4 staff

• How the audit is going, e.g.

  • trying to sniff out where “hot spots” may be
  • asking how many findings there are so far
  • etc.

  Wardens asking these types of questions are typically looking for “easy wins” rather than putting in the level of effort we want to reward.

• Auditing basics - feel free to ignore these.