TL;DR

Multi-week competitive audit where submissions open and close weekly
Sponsors get weekly access to triaged findings throughout the audit without compromising the integrity of the competition.
Wardens get access to identified issues from previous round, an incentive to submit lower-hanging fruit earlier, and fewer duplicates overall.

Schedule

Tuesday 20:00 UTC
- Submissions open
- In all but the final week, only High- and Medium-risk issues may be submitted.
Friday 20:00 UTC
- Submissions close
- SR and ZR wardens are granted access to view submissions
- Validator starts triage
Monday 20:00 UTC
- Sponsor receives triaged and deduped findings
- Sponsor has until Tuesday 20:00 UTC to flag any high-risk or critical findings affecting live code; these will be kept private.
Tuesday 20:00 UTC
- Submissions re-open
- Preliminary known issues are made available to everyone who submitted findings in round 1 (these are now considered known issues, and therefore out of scope)
QA reports (Lows) only accepted during final week

How awarding works

The HM pool is divided into increasing shares as the audit progresses. Up to 30% of the HM pool is allocated for early issues, with that 30% split up across early phases and progressively increasing.

For a two-week competition:
- Week 1: 30% of total HM pool
- Week 2: 70% of total HM pool
For a three-week competition:
- Week 1: 10% of total HM pool
- Week 2: 20% of total HM pool
- Week 3: 70% of total HM pool
For a four-week competition:
- Week 1: 5% of total HM pool
- Week 2: 10% of total HM pool
- Week 3: 15% of total HM pool
- Week 4: 70% of total HM pool

If no valid HMs are found in a given week, the allocated funds for that week are redistributed among the weeks with valid findings. As a general rule, allocated funds for earlier phases are redistributed to later phases (e.g. in a three-week competition, if there are valid HMs in Weeks 1 and 3, but no valid HMs in Week 2, the funds for Week 2 would roll into Week 3).

Changelog: