'%3e%3cpath%20d='M12.4997%201.33325C10.39%201.33325%208.32772%201.95884%206.5736%203.13091C4.81947%204.30298%203.4523%205.96888%202.64496%207.91796C1.83763%209.86704%201.62639%2012.0118%202.03797%2014.0809C2.44955%2016.15%203.46545%2018.0506%204.95721%2019.5424C6.44897%2021.0342%208.34959%2022.0501%2010.4187%2022.4616C12.4878%2022.8732%2014.6326%2022.662%2016.5816%2021.8546C18.5307%2021.0473%2020.1966%2019.6801%2021.3687%2017.926C22.5408%2016.1719%2023.1663%2014.1096%2023.1663%2011.9999C23.1663%209.17094%2022.0425%206.45783%2020.0422%204.45745C18.0418%202.45706%2015.3287%201.33325%2012.4997%201.33325ZM12.4997%2021.3333C10.6537%2021.3333%208.84922%2020.7859%207.31436%2019.7603C5.7795%2018.7347%204.58322%2017.2771%203.8768%2015.5716C3.17039%2013.8662%202.98555%2011.9896%203.34568%2010.1791C3.70581%208.36859%204.59473%206.70554%205.90002%205.40025C7.20531%204.09496%208.86835%203.20605%2010.6788%202.84592C12.4893%202.48579%2014.3659%202.67063%2016.0714%203.37704C17.7768%204.08346%2019.2345%205.27974%2020.2601%206.8146C21.2856%208.34945%2021.833%2010.154%2021.833%2011.9999C21.833%2014.4753%2020.8497%2016.8492%2019.0993%2018.5996C17.349%2020.3499%2014.975%2021.3333%2012.4997%2021.3333Z'%20fill='white'/%3e%3cpath%20d='M19.167%208.06667C19.042%207.9425%2018.8731%207.8728%2018.697%207.8728C18.5208%207.8728%2018.3519%207.9425%2018.227%208.06667L10.8269%2015.4333L6.82695%2011.4333C6.70495%2011.3016%206.53562%2011.2237%206.35621%2011.2169C6.1768%2011.21%206.00201%2011.2747%205.87028%2011.3967C5.73856%2011.5187%205.66069%2011.688%205.65382%2011.8674C5.64694%2012.0468%205.71162%2012.2216%205.83362%2012.3533L10.8269%2017.3333L19.167%209.01333C19.2294%208.95136%2019.279%208.87762%2019.3129%208.79638C19.3467%208.71514%2019.3642%208.62801%2019.3642%208.54C19.3642%208.45199%2019.3467%208.36485%2019.3129%208.28361C19.279%208.20237%2019.2294%208.12864%2019.167%208.06667Z'%20fill='white'/%3e%3c/g%3e%3cdefs%3e%3cclipPath%20id='clip0_2790_31187'%3e%3crect%20width='24'%20height='24'%20fill='white'%20transform='translate(0.5)'/%3e%3c/clipPath%3e%3c/defs%3e%3c/svg%3e)
A Quick Look at DualDefense
The landscape of Web3 security is evolving — and so is DualDefense.
Since its launch, this model has redefined how projects approach code protection by combining two layers of verification: a professional audit and a crowdsourced review by ethical hackers.
Traditional audits provide structure, methodology, and reliability. But they often follow a fixed framework that may miss context-specific or unconventional issues. DualDefense bridges this gap by inviting hundreds of independent security researchers to review the code after the initial audit — bringing diversity, creativity, and fresh perspectives into the process.
This dual-layered approach has already proven its effectiveness. Over time, it has helped projects detect critical vulnerabilities that might have otherwise gone unnoticed, while providing the staking community with real, measurable rewards for contributing to ecosystem safety.
Now, DualDefense is moving forward once again — expanding its reward mechanisms beyond $HAI and introducing multi-asset staking pools, starting with $wETH. This update marks an important milestone in the evolution of decentralized, community-driven security.
What’s New: $wETH Staking and Payouts
For the first time, hackers participating in a DualDefense Audit Contest can now receive payouts in $wETH for any critical vulnerabilities they discover. This marks an important expansion beyond the previous single-token model, providing greater flexibility for participants and aligning rewards more closely with broader Web3 practices.
Meanwhile, the staking rewards for $HAI holders remain in $USDC, offering stable 160% APY as before. By separating the vulnerability payouts from staking yields, this update allows both security researchers and token stakers to benefit optimally from the system — hackers earn in $wETH directly for their contributions, while stakers continue to enjoy predictable returns.
This new multi-asset approach is still experimental but represents a key step in the ongoing evolution of Dual Defense, demonstrating how the system adapts to the needs of both the security community and project teams. It sets the stage for future expansions, including potential new pools and integrations for other communities or tokens.
Expanding Opportunities: Community Flash Pools
DualDefense is not just about audits — it’s also about community engagement. With the new update, projects that have their own community and token can launch Flash Pools specifically for their audience. This means that members of your community can stake tokens and participate in the rewards system, creating a direct incentive to support the project’s security.
Here’s how it works:
- A project sets up a Flash Pool with a chosen token (for example, $HAI or a community token).
- Users in the community stake their tokens into the pool.
- The pool funds the rewards for hackers who discover critical vulnerabilities during the crowdsourced phase of a DualDefense Audit.
- If no critical issues are found, stakers still earn APY rewards from the pool.
By involving the community directly, DualDefense creates a collaborative ecosystem where auditors, security researchers, and token holders all contribute to safer products. This model not only increases the scope and depth of testing but also strengthens the bond between projects and their communities, making security a shared responsibility.
Dual Defense in Numbers
DualDefense has already proven itself as a powerful tool for Web3 security. As of October 8, 2025, the system has achieved impressive results:
- 39 DualDefense Audit Contests have been launched following audits conducted by professional security providers.
- Over 600 validated vulnerability reports have been submitted (excluding spam), helping identify critical issues in 5 projects — totaling more than 10 unique critical vulnerabilities.
- More than $200,000 (in USDC equivalent) has been paid out to hackers for their contributions.
- Users have staked over $1 million (approximately 60 million $HAI tokens), earning more than $120,000 in APY rewards so far.
- Three contests are still in triage, so these numbers are expected to grow.
Why DualDefense Benefits Any Project
With DualDefense, projects always gain valuable insights and confidence:
- If critical vulnerabilities are discovered: the team can address them promptly, strengthening the safety of the product.
- If no major issues appear: the audit validates the reliability of the system, giving confidence to both the team and users.
Companies like Cueva, Strobe, Majority Games, CoinDepo, Bert, SuiDex, and many others have already benefited from this approach, proving its effectiveness.
Looking to enhance your project’s security?
Book a call with our security expert and take the next step toward safer, more secure products.
