Sign in
  1. Competitions
  2. ctf
profile image

Superform - ctf

Superform CTF

Hack Superform, keep the money.

  • Add your wallet address to your profile (Profile -> Edit Profile -> CTF Addresses).
  • The contracts are live, you can (legally) hack it onchain.
  • Use cantina code interface to submit a writeup about the exploit, with a link to etherscan / equivalent.
  • There is no judging. No severity disputes. No PoC. Just hacking!

Planting The Flags

Starting December 28th, the Superform Protocol will be deployed on Avalanche, BNB Chain, and Polygon. Deposits will be made into 3 vaults on each chain for a total of 9 vaults. Deposits will be made into 3 vaults daily in tranches of $2.5k at 15:00 UTC until all deposits have been made.

The goal is to steal the ERC4626 shares held in Superform Protocol’s Superform contracts and tokens in transit from chain to chain. If stolen, the security researcher can keep the bounty in the vault. Users may do this via any protocol action — creating new Superforms, depositing/withdrawing from the protocol into vaults themselves via our contracts, etc.


  • Superform V1 Deployment
  • Superform Addresses with Deposits

See the full announcement here




Total reward:

$100,000 USDC

Start date:

28 Dec 2023 10:00pm UTC (local time)

End date:

14 Jan 2024 10:00pm UTC (local time)

The first marketplace for web3 security. We've aggregated the security talent and solutions so you don't have to.



© 2024 Cantina. All rights reserved.