Partner with us to ensure that your smart contracts are operating as intended. The new paradigm of smart contracts requires small teams of developers to manage potentially millions of dollars of assets. We help to protect these assets by securing your code before it is deployed to a production environment.
Get in touch to set up an introductory call. We'll give you a quote with a cost and timeline for the audit.
We will require a code specification, some legal documents, and a deposit before we start the audit.
Our team of experts will audit the contracts, documenting their findings and recommended fixes in a private report.
You will then be able to address the issues outlined in the report before we begin the review process.
We will verify the changes and update the report. A public version of the report can then be released on your request.
Our audit reports have been used to list tokens on several top exchanges. We can provide client testimonials of this on request.
We offer a discount on payments made in major cryptocurrencies, however, we also accept wire transfers.
Great things take time. A typical ERC-20 token and crowdsale audit will take approximately 3 to 4 days, allowing us to perform an in-depth assessment of your codebase. For other types of smart contracts, we can provide a quote to you once we have determined the size and complexity of the codebase.
Our pricing is dependent on the size and complexity of the codebase. Get in touch with us to receive a quote.
We will manually read through the codebase to identify high risk areas of the code and potential security loopholes, which will be verified during the manual testing phase. We look for faults in business logic, discrepancies with the specification provided, and other flaws that could affect the functioning of the smart contract.
Our team of security professionals will manually deploy smart contracts to a testnet in order to assess them. We'll use our experience of participating in bug bounty programs to find edge cases in your code, whether it's a way to lock user funds in the contract or if a bonus percentage being calculated incorrectly.
In order to maximise coverage, we use static analysis tools to automatically identify the presence of vulnerabilities. These vulnerabilities will typically be related to under / overflow bugs, transaction-ordering dependence / front running, reentrancy, and other bugs that are well suited to an automated analysis.
We use dynamic analysis to automate the process of assessing certain business logic, where necessary. Additionally, we'll help to identify bugs in your test suite if they are provided with the smart contracts.