Immunefi to absorb Code4rena customers as platform shuts

Code4rena announced it is shutting down its contest-style auditing platform and directed clients to work with Immunefi to handle outstanding bounties and ongoing security needs. Immunefi agreed to accept incoming customers and to manage the migration of their active programs to its system.

Under the arrangement, Immunefi will onboard Code4rena clients’ open programs, review outstanding vulnerability reports and manage payouts. Clients will be able to move active contests and bounty programs to Immunefi’s platform, where vulnerabilities are disclosed and rewarded through a continuous, report-driven process rather than a time-limited contest format.

Code4rena built its service around contest-style audits in which teams of auditors competed to find flaws and claim prizes. The platform attracted decentralized finance protocols, token teams and other web3 projects seeking community-sourced review. Immunefi operates a continuous bug-bounty marketplace that pays researchers for verified exploits and maintains funds reserved to cover high-severity vulnerabilities.

Projects transferring to Immunefi should expect technical and administrative steps to migrate programs, update public-facing bounty terms and coordinate on unresolved or disputed findings. Immunefi has committed to assist clients with those tasks, including reviewing active reports and coordinating pending verifications and payments to researchers.

Security professionals and project teams must ensure continuity of payout funds and that commitments to auditors with outstanding reports are honored during the transfer. Researchers who worked under Code4rena’s contest deadlines and scoring will need to adapt to Immunefi’s triage and reward workflows.

Code4rena’s closure and the transfer of its customers to Immunefi mark a change in how some crypto projects will manage external security testing, moving some programs from a prize-driven contest model to an ongoing bug-bounty model.