Cyfrin Solodit Findings API Specification

Overview

The Solodit Findings API provides programmatic access to search and filter security findings from audits across multiple platforms (Code4rena, Sherlock, Cyfrin, etc.). This API endpoint offers the same powerful filtering capabilities as the Solodit web interface but optimized for API consumers with higher pagination limits.

Base URL: https://solodit.cyfrin.io/api/v1/solodit

Endpoint: /findings

Method: POST

Authentication: API Key required

Authentication

All requests require an API key passed via the X-Cyfrin-API-Key header.

Obtaining an API Key

Create an account on solodit.cyfrin.io
Open the dropdown menu in the top right corner of the nav
Open API Keys modal and generate a API Key

CleanShot 2025-12-10 at 21.08.08@2x.png

Using Your API Key

curl -X POST <https://solodit.cyfrin.io/api/v1/solodit/findings> \\
  -H "Content-Type: application/json" \\
  -H "X-Cyfrin-API-Key: sk_your_api_key_here" \\
  -d '{"page": 1, "pageSize": 10}'

Rate Limiting

Default Rate Limit: 20 requests per 60-second window