net1net2

Security Audits

Identify and eliminate security vulnerabilities using the most rigorous and thorough cybersecurity techniques.

  • Shield

    Crowdsale / Token Contracts

    We can audit your smart contracts across every major protocol and program language, including Solidity, JavaScript, C++, and Go.

  • Shield

    Custom Smart Contracts

    Our team of experts can audit even the most complex smart contracts, from gambling contracts to consensus mechanisms.

  • Shield

    Wallets and DApps

    Don't stop hacks, prevent them. Make sure that all funds are secured by performing the most robust audits available.

  • Shield

    Blockchain Protocols

    Ensure the security and proper implementation of your blockchain node configuration, consensus algorithm, contract virtual machine, and other key modules.

  • TrueUSD
  • crypto.com
  • QuarkChain
  • IoTeX
  • CelerNetwork
  • Terra.money
  • Universal Protocol
  • Qtum
  • NEO
  • NKN
  • ONTology
  • Contents Protocol
  • Icon
  • Contentos
  • Ocean Protocol
  • Waves

Why Choose CertiK?

Our team has conducted over 150 audits across all major protocols and is trusted as the recommended auditor of top exchanges, including Binance, OKEx, and Huobi.

upper

Expertise in Formal Verification

Up to 48-hour Turnaround

Unique Patented Technologies

mid
lower

Accepted Across Exchanges

Free Unlimited Re-Audits

Transparent Reports

Expertise in Formal Verification

Expertise in Formal Verification

Up to 48-hour Turnaround

Up to 48-hour Turnaround

Unique Patented Technologies

Unique Patented Technologies

Accepted Across Exchanges

Accepted Across Exchanges

Free Unlimited Re-Audits

Free Unlimited Re-Audits

Transparent Reports

Transparent Reports

Audit Process

Working together is a simple 5-step process:

Process Illustration

PHASE 1

Review source code

PHASE 2

Send custom quote

PHASE 3

Review source code

PHASE 4

Suggest remediations

PHASE 5

Complete audit Provide certificate

  • Review source code

    PHASE 1

    Review source code
  • Send custom quote

    PHASE 2

    Send custom quote
  • Begin vulnerability inspection

    PHASE 3

    Begin vulnerability inspection
  • Suggest remediations

    PHASE 4

    Suggest remediations
  • Complete audit Provide certificate

    PHASE 5

    Complete audit Provide certificate

How Does It Work?

Our security audit platform evaluates smart contracts for vulnerabilities and certifies their behavior with respect to a custom function specification:

Smart Contract

Source code and deployment scripts

Specification

Formalizes the intended behavior

phase1

Formal Verification Engine

phase2
arrow

Expert Review

phase3

Our US-based team includes engineers with experience from Google, Microsoft, Oracle, and Facebook.

arrow
phase4

Security Report

Lists security vulnerabilities and certified/violated requirements

Specification

Formalizes the intended behavior

Smart Contract

Source code and deployment scripts

phase1

Formal Verification Engine

phase2
arrow

Expert Review

phase3

Our US-based team includes engineers with experience from Google, Microsoft, Oracle, and Facebook.

arrow
phase4

Security Report

Lists security vulnerabilities and certified/violated requirements

Report

What’s in the audit report?

Our audit reports are custom, thorough, and transparent. You’ll see a classification of identified vulnerabilities by severity (Critical, Medium, Low) along with suggested remediations. We also include your entire source code, with annotations and CertiK’s Formal Verification labels in-line, to show our work and explain the mathematical proofs conducted.

With every successful audit, we’ll also provide you with a uniquely hashed CertiK Verified badge that we encourage you to share with pride! This badge contains a QR code for anybody to scan as proof of the authenticity of your successful audit. Try it out for yourself!

  • What is Formal Verification, and why is it important?

    Formal Verification mathematically proves that code will work as intended, computing all possible scenarios. With an estimated $1B of assets stolen in 2018, this level of rigor is the only way to objectively show immunity against some of the most critical and frequent vulnerabilities.

  • What do your audits include?

    At CertiK, our audits include rigorous Formal Verification, static analysis, and manual review. We expand upon traditional testing methods to provide the most advanced security audits in the space.

  • Why doesn’t everybody perform Formal Verification?

    Formal Verification is extremely rigorous and difficult to perform, since it requires precise, unambiguous specifications. Historically, Formal Verification has been more common for mission-critical hardware systems, like NASA’s Mars Rover, but because smart contracts are self-executing and often open-sourced, blockchain software has seen the need for these higher standards of security. Very few smart contract auditors are capable of performing Formal Verification, but our team of experts, which is led by Computer Science professors of Yale and Columbia, have several decades of experience in this space.

  • Do cryptocurrency exchanges accept your audit report?

    Absolutely. Because our audit reports are comprehensive, transparent, and objective, we’re actually recommended by the top exchanges, including Binance, Huobi, OKEx, and Bitmart. In fact, we haven’t met any exchanges that did not accept our audit report, given our analysis is fundamentally driven by math and can be checked by anybody.

  • How long does it take to complete an audit?

    The length of an audit depends on many factors, including the complexity and the length of the source code. We use patented and proven technology to complete our audits as quickly, and thoroughly, as possible, which has allowed us to complete most of our audits in a manner of days, not weeks. Some of our audits have been able to be completed within 48 hours.

  • How much does an audit cost?

    The cost of an audit is customized for each project. We offer affordable pricing because we know that security is important, and you shouldn’t ever have to settle for a lower level of security. Because every project is different, you can request a free quote to find out the cost of your audit.

Don't wait until it's too late.

Request your free, no-obligation quote today!