Specification Gathering
This stage is pivotal as thoroughness is essential for a successful smart contract security audit. We will collect the specifications from you to understand the desired behavior of the smart contract. During this phase, please provide a concise summary of the contract's intended function. Additionally, we will obtain specifications via forms.
Manual Review
Goals of manual review
- Verify that every detail in the specification is implemented in the smart contract.
- Verify that the contract does not have any behavior that is not specified in the specifications.
- Verify that the contract does not violate the original intended behavior of the specifications.
Here we look for undefined, unexpected behavior and common security vulnerabilities such as:
- Reentrancy
- Overflows
- Unchecked return values for low-level calls
- Denial of service
- Bad randomness
- Front running
- Time manipulation
- Short address attack
- Unknown vulnerabilities
The goal is to get as many skilled eyes on the contract code as possible.
Manual testing
The smart contract will be manually deployed on one of the test networks (Ropsten/Rinkeby) using Remix IDE. All transaction hashes will be recorded.
Gas consumption and the behavior of functions are also noted.
Functional Testing
Testing with Automated Tools
- Slither
- Mythril
- Oyente
- Manticore
- Solgraph
- Solidity Coverage
Initial Audit Report
Final Audit Report
Post-Audit
- At your request, we make an audit announcement from our social media handles to mark the completion of the audit.
- Expert Auditors Explaining the Nuances of the Audit Report
- QnA and Direct Interaction with Your Audience to Build Trust in Your Project
- Articles & Guest Posts in Renowned Publications
- Cross-Platform Promotions to Give More Exposure to the Project
FAQ
What is a smart contract audit?
How much does it cost to audit smart contracts?
How long does it take to audit a smart contract?
What will I find in the audit report?
Is the report private?