> For the complete documentation index, see [llms.txt](https://dualguard.gitbook.io/dualguard/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://dualguard.gitbook.io/dualguard/security-reviews/protocol-teams/security-review-contest-preparation.md).

# Security Review Contest Preparation

A strong contest starts with a stable review target.

The goal is simple. Guards should spend their time on attack paths, not setup friction, missing context, or moving scope.

If the contest is booked well in advance, DualGuard checks readiness before kickoff. These check-ins help catch scope drift, repo access issues, and last-minute changes before they affect the schedule.

### 72 hours before kickoff

No later than 72 hours before the contest starts, the protocol team should provide:

* the final frozen commit, branch, or tagged release candidate
* the final in-scope contract or module list
* any updated setup, testing, or environment instructions

The remaining engagement payment should also be completed by that point.

### If the project is not ready

The contest does not begin if key logistics are still open. That includes missing payment, missing access, or incomplete scope materials.

If the frozen codebase is not review-ready, or if the final scope is materially larger than planned, DualGuard may:

* move the contest to a later window
* extend the review, subject to staffing and revised pricing
* continue with narrower expectations and explicit constraints

If a reserved slot is blocked because the protocol is not ready on time, part or all of the deposit may be applied to the time already reserved for the engagement.
