Security Audits
Identify and eliminate security vulnerabilities using the most rigorous and thorough cybersecurity techniques.
Crowdsale / Token Contracts
Recommended by top exchanges, we can audit smart contracts across every major protocol and program language, including Solidity, JavaScript, C++, and Go.
Custom Smart Contracts
Worried about your smart contract security? Our team of experts can audit even the most complex smart contracts, from gambling contracts to consensus mechanisms.
Wallets and DApps
Don't just stop hacks, prevent them from happening. Make sure that all funds are secured and get one of the most robust audits available.
Blockchain Protocols
Ensure the security and proper implementation of your blockchain node configuration, consensus algorithm, contract virtual machine, and other key modules.
Why Choose CertiK?
Our team has conducted 250+ audits across all major protocols and is trusted as the recommended blockchain and smart contract audit provider by top exchanges like Binance, OKEx, and Huobi.
Expertise in Formal Verification
Turnaround as Quick as 48 Hours
Unique Patented Technologies
Audits Accepted by Exchanges
Free Project Quote
Transparent Reports
Expertise in Formal Verification
Turnaround as Quick as 48 Hours
Unique Patented Technologies
Audits Accepted by Exchanges
Free Project Quote
Transparent Reports
Audit Process
Our audit is a simple 5-step process:
PHASE 1
Review source code
PHASE 2
Send custom quote
PHASE 3
Review source code
PHASE 4
Suggest remediations
PHASE 5
Complete audit & provide certificate
Review source code
PHASE 1
Send custom quote
PHASE 2
Inspect for vulnerabilities
PHASE 3
Suggest remediations
PHASE 4
Complete audit & provide certificate
PHASE 5
How Does It Work?
Our security audit platform evaluates smart contracts for vulnerabilities and certifies their behavior with respect to a custom function specification:
Smart Contract
Source code and deployment scripts
Specification
Formalizes the intended behavior
Formal Verification Engine
Expert Review
Our US-based team includes engineers with experience from Google, Microsoft, Oracle, and Facebook.
Security Report
Lists security vulnerabilities and certified/violated requirements
Specification
Formalizes the intended behavior
Smart Contract
Source code and deployment scripts
Formal Verification Engine
Expert Review
Our US-based team includes engineers with experience from Google, Microsoft, Oracle, and Facebook.
Security Report
Lists security vulnerabilities and certified/violated requirements
What’s in the audit report?
Our audit reports are custom, thorough, and transparent. The report will classify any identified vulnerabilities by severity (Critical, Medium, Low), along with suggested remediations. We also include your entire source code, with annotations and CertiK’s Formal Verification labels in-line to show our work and explain the mathematical proofs conducted.
With every successful audit, we’ll also provide you with a uniquely hashed CertiK Verification Badge that we encourage you to share with pride! This badge contains a QR code for anybody to scan as proof of your successful audit.
What is Formal Verification, and why is it important?
Formal Verification mathematically proves that code will work as intended, computing all possible scenarios. With an estimated $1B of assets stolen in 2018, this level of rigor is the only way to objectively show immunity against some of the most critical and frequent vulnerabilities.
What do your audits include?
At CertiK, our audits include rigorous Formal Verification, static analysis, and manual review. We expand upon traditional testing methods to provide the most advanced security audits in the space.
Why doesn’t everybody perform Formal Verification?
Formal Verification is extremely rigorous and difficult to perform, since it requires precise, unambiguous specifications. Historically, Formal Verification has been more common for mission-critical hardware systems, like NASA’s Mars Rover, but because smart contracts are self-executing and often open-sourced, blockchain software has seen the need for these higher standards of security. Very few smart contract auditors are capable of performing Formal Verification, but our team of experts, which is led by Computer Science professors of Yale and Columbia, have several decades of experience in this space.
Do cryptocurrency exchanges accept your audit report?
Absolutely. Because our audit reports are comprehensive, transparent, and objective, we’re actually recommended by the top exchanges, including Binance, Huobi, OKEx, and Bitmart. In fact, we haven’t met any exchanges that did not accept our audit report, given our analysis is fundamentally driven by math and can be checked by anybody.
How long does it take to complete an audit?
The length of an audit depends on many factors, including the complexity and the length of the source code. We use patented and proven technology to complete our audits as quickly, and thoroughly, as possible, which has allowed us to complete most of our audits in a manner of days, not weeks. Some of our audits have been able to be completed within 48 hours.
How much does an audit cost?
The cost of an audit is customized for each project. We offer affordable pricing because we know that security is important, and you shouldn’t ever have to settle for a lower level of security. Because every project is different, you can request a free quote to find out the cost of your audit.
Don't wait until it's too late.
Request your free quote and secure your smart contracts today!