Smart Contract Audit / Pen-test

We match you with a pool of auditors tailored to your needs.

Please submit the following information to adrien@auditone.io

In this phase, we agree on the audit's scope, price, and timeframe. Please provide us with the following information to streamline the process.

Project name and short description
Link to the project's website
Codebase (link to your GitHub or similar) and audit scope
Last commit hash
Contact information (Discord, TG) of your project team members participating in the audit process (CTO, Tech Lead, Devs, etc.) - we will create a communication channel with everyone.
Your preferred start date for the audit Ideally, do the Rekt Test (https://blog.trailofbits.com/2023/08/14/can-you-pass-the-rekt-test/)
1. Do you have all actors, roles, and privileges documented?
2. Do you keep documentation of all the external services, contracts, and oracles you rely on?
3. Do you have a written and tested incident response plan?
4. Do you document the best ways to attack your system?
5. Do you perform identity verification and background checks on all employees?
6. Do you have a team member with security defined in their role?
7. Do you require hardware security keys for production systems?
8. Does your key management system require multiple humans and physical steps?
9. Do you define key invariants for your system and test them on every commit?
10. Do you use the best automated tools to discover security issues in your code?
11. Do you undergo external audits and maintain a vulnerability disclosure or bug bounty program?
12. Have you considered and mitigated avenues for abusing users of your system?

After signing the contract with us, we can kick off the audit.

Code walkthrough - video to be uploaded here: https://forms.gle/cMStFDLRAZCtx8Za9 (This helps auditors understand expected outcomes from the developer's side.)
GitHub names of your Team so they can view the audit process
Your logo(s)
Your social media links (if you want us to publish information about the audit on our SM)

This part is dedicated to ensuring your project stays secure in the long run and helps us to improve based on your feedback.

4 min feedback form: https://docs.google.com/forms/d/e/1FAIpQLSf_ZpNTuz9C2cFuWtqKH2dRhfVjUjFHF-QF20sx9jUQckmPdw/viewform?usp=sf_link
Call about future security options like coverage pools, bug bounty, and on-chain monitoring.

We have described the audit process in detail in our Docs here:

Last updated 2 months ago