What is a Smart Contract and Audit of Smart Contracts?
Audit of Smart Contracts is a specialized task, which includes a manual and/or an automated in-depth analysis of a source code to identify security-related weaknesses.
A smart contract is a digital protocol created to facilitate, verify, and enforce conditions on the blockchain, thus avoiding the need for a middleman. It sustains the back-end functioning of decentralized systems.
zerOxImpact is a professional team of consultants, who perform smart contract audits in accordance with the internal methodology. We analyse a smart contract’s functionality and perform all necessary checks for all known vulnerabilities.
Smart Contract Audit protects against threats targeting your business and clients, who do not underestimate this risk, do the independent smart contract review.
We have a huge experience in the area of blockchain. For our clients, we provide security audits of smart contracts, DApp’s – front-end, back-end, custom blockchains, 2nd layer scaling solutions and crypto-wallets.
1. Smart Contract Audit Platform Flexibility
Whether Ethereum, Stellar, NEO, or EOS, our engineers can confidently assist with the audit of your smart contract.
2. Manual Code Review
Our team performs a formal line by line inspection of your smart contract to find any potential issues.
We offer a cost-effective, end-to-end security protection for your crypto product.
Not enough? move on
How do you Benefit working with us.
Some of our clients
What is a Smart contract Audit Methodology?
Smart Contract Audit is similar to a secure code review, and involves a manual and/or an automated review of an application’s source code to quickly identify security-related weaknesses in the code.
“Learn more – Manual vs. Automated Secure Code Reviews.”
Our approach to deliver the service:
Receive the documentation &
Identify Objectives and Threat Modelling. We want to learn about your application’s use cases. For us it is critical to understand the types of bugs that are possible in the code we’re reviewing.
The client provides access to the codebase (via the link to the repo, or simply by sending an archive). The team replies with an estimate of the cost and time.
The team scans the smart contracts with both publicly available and with the proprietary security tools, as well as with the open-source tools. Any issues found by the tools are then validated manually.
After, the smart contracts are verified manually (this includes the checks for vulnerabilities, code quality, irrational gas consumption, etc.).
The logic of the contracts is verified and compared with the logic described in the documentation/whitepaper. The smart contracts are then deployed to a Testnet for checking the test coverage (if any). They are also reviewed for compliance, if applicable.
Conduct initial testing &
audit of code
Share a draft audit report
with a detailed analysis
of the contract review
The report includes a comprehensive description of the found issues along with recommendations on how to fix them.
The client addresses the issues & bugs of the audit
Optionally, after the developers update the code, they can perform one free recheck to make sure everything is fixed. After this, they prepare a final retrospective report. Last step is the delivery of the Final Audit Report
& the re-audit of remediated code
Frequently Asked Questions.
Here are some common questions about Smart Contract Audit.