Hats Finance

• Name: Hats Finance
• URL: https://www.hats.finance/
• Category: web3 security marketplace / decentralized bug-bounty infrastructure / audit-competition control plane
• Summary: Hats Finance is a small security-marketplace note, but it earns its keep because the bounty vault is onchain. What matters is the attempt to put reward funding, submission evidence, and some committee logic onto protocol rails instead of leaving everything inside a hosted dashboard.
• What it does:
  • Runs web3-native audit competitions where protocols scope code, fund rewards onchain, and accept submissions from a community of security researchers
  • Offers non-custodial bug-bounty programs built around bounty vaults, committee review, encrypted disclosure channels, and onchain proof-of-submission
  • Uses first-unique-submission reward logic in audit competitions to reduce duplicate reports and emphasize fast, high-signal findings
  • Positions disputes around severity or validity for decentralized arbitration rather than relying only on a platform operator
  • Maintains public smart-contract and competition repos that expose the underlying onchain incentive and submission model
• Key claims:
  • The docs position Hats as a decentralized security platform that aligns incentives between protocols and researchers through audit competitions and bug bounties.
  • The overview says Hats is a non-custodial protocol for bug bounties and audit competitions, emphasizing lower fees, pay-for-results pricing, and onchain reward readiness through vault creation.
  • The audit-competitions docs describe a crowd-review model where rewards are tied to severity and uniqueness of findings and only the first unique valid submission is rewarded. That makes duplicate handling and timing part of the mechanism, not just moderation policy.
  • The bug-bounties docs frame Hats bounty vaults as permissionless, privacy-preserving, scalable, and open to third-party liquidity provision, which is the real reason to keep the note: the funding rail is more explicit than in a normal SaaS bounty platform.
  • The public GitHub org and hats-contracts repo reinforce that Hats publishes smart-contract infrastructure and competition repositories rather than operating only as a closed marketplace.
• Whitepaper: No canonical standalone Hats Finance whitepaper or litepaper surfaced in this pass. The clearest current source of truth is the official docs plus the public GitHub org and contract repo notes saved in ../whitepapers/hats-finance-primary-sources-2026-04-27.md.

Sources

• https://www.hats.finance/
• https://docs.hats.finance/
• https://docs.hats.finance/welcome-to-hats-finance/master
• https://docs.hats.finance/welcome-to-hats-finance/audit-competitions
• https://docs.hats.finance/welcome-to-hats-finance/bug-bounties
• https://github.com/hats-finance
• https://raw.githubusercontent.com/hats-finance/hats-contracts/master/README.md

Internal linkages

• Best upward reads: cantina and immunefi.

Comparable to / differs from

• Comparable to: hosted security marketplaces when the question is bounty intake and review workflow.
• Differs from: those broader stacks because the onchain bounty-vault experiment is the only part here that is really distinctive.

Control / trust posture

• The practical authority sits in vault design, committee review, submission-timing rules, severity decisions, and whether arbitration ever becomes meaningfully decentralized instead of just marketing copy.

• So the note matters as a specimen: more protocol rail than most bounty platforms, still nowhere near a broad security-operations leader.

• Last reviewed: 2026-06-01 UTC