19865
Findings analyzed
125
Co-audited protocols
47
Comparison protocols
91
Cross-firm issues
Head-to-head leaderboard
View trends →Catch rate is the severity-weighted share of known bugs a firm caught on protocols it co-audited with another tracked firm — rewarding catching what peers missed, not raw finding volume. Tune the sliders to weight Highs and Mediums relative to a Critical, and set how many audits a firm needs to be ranked. How it works.
Severity weights are relative to a Critical (100%).
10 firms ranked at the current threshold.
| # | Firm | Catch rate | Caught / Missed | Protocols |
|---|---|---|---|---|
| 1 | Code4rena | 53% | 477 / 394 | 29 |
| 2 | Sherlock | 49% | 184 / 208 | 10 |
| 3 | OpenZeppelin | 44% | 60 / 108 | 6 |
| 4 | Pashov Audit Group | 40% | 55 / 114 | 8 |
| 5 | Spearbit | 38% | 123 / 217 | 7 |
| 6 | MixBytes | 38% | 80 / 121 | 7 |
| 7 | Sigma Prime | 32% | 58 / 155 | 5 |
| 8 | Quantstamp | 31% | 22 / 65 | 7 |
| 9 | Cantina | 31% | 112 / 284 | 13 |
| 10 | Trail of Bits | 27% | 37 / 151 | 8 |
Unranked (fewer than the minimum comparison protocols): OtterSec, Consensys Diligence, Cyfrin, Halborn, Trust Security, Hexens.