Trust us with your
smart contract audits
Secure your blockchain with Formal Methods
Industry-leading smart contract audits and blockchain security tools from the team trusted by Risc Zero, Succinct, Linea, O1JS, and more
TRUSTED BY:
TRUSTED BY:
The blockchain security difference: Why Veridise?
Latest research insights
Our foundation lies in academia and the field of Formal Methods within Computer Science. We integrate the latest research advancements from world-class universities into our smart contract audits and security auditing practices.
In-house tooling to enhance quality of audits
Besides rigorous human auditing, we’ve developed in-house tools for our auditors’ use. This enhances the quality of our audits, uncovering otherwise undetectable vulnerabilities.
Industry-leader in ZK audits
We have audited countless ZK circuits and identified critical vulnerabilities in codebases like the core Circom libraries. ZK-related infrastructure protocols such as Scroll, Manta, Semaphore, and Succinct rely on our expertise.
What our blockchain security clients are saying
Charles Packer
CTO of AlloyX
Veridise has proven to be an excellent partner to AlloyX; providing rigorous reviews, timely
follow-ups, and excellent documentation of our audits.
Dan Posch
Founder & CEO of Daimo
Veridise was efficient and thorough. Our contracts are cleaner and better-documented now as
a result of the audit. Bryan was responsive on Telegram and great to work with.
chudnov
Ribbon Finance
Veridise is a highly technical and persistent team — we felt very comfortable in their hands.
Uma Roy
Co-Founder and CEO of Succinct
We are super happy to have worked with Veridise. It’s clear they looked into our circuits in great detail. One of the bugs they found was critical and quite subtle, so we were impressed with their work.
Ryan Fang
Co-Founder of Ankr
Veridise helped our protocols avoid very critical mistakes when other audit firms signed off and issued reports. As the regular retainer of Ankr, Veridise has done an amazing job.
Andy Guzman
Product Owner at Semaphore, Privacy & Scaling Explorations Team, Ethereum Foundation
The Veridise team was extremely detailed, helpful and collaborative during the audit and formal verification, it was a joy working with them.
Fraser Brown
Co-Founder & CTO of Cubist
Our key management platform is not trivial to audit: it requires expertise in security, cryptography, Rust, and more. The Veridise team did an extremely thorough job with the audit, which wasn’t surprising given their strong academic and industry background.
Greetings from Veridise co-founders Isil and Jon
Işil Dillig
President at Veridise
We’re firmly committed to leveraging the best research advancements from academia. With 100+ completed audits and a talented team of 35+ professionals, we can harden the security of your protocol across all major categories, such as ZK, L1/L2s and smart contracts.
Jon Stephens
CEO at Veridise
Our advantage lies in our in-house tools. Around half of our team members are not auditors — instead, they focus building in-house vulnerability detection tools for our auditors to use. We’ve built unique capabilities to spot bugs that are difficult for the human eye to find.
Smart contract audits
What are smart contracts?
Smart contracts are self-executing agreements where the terms and conditions are directly written into software code and stored on a blockchain, such as Ethereum. The contract automatically executes without the need for intermediaries, ensuring trust and transparency between parties.
Smart contracts are immutable, meaning they cannot be altered once deployed, and their execution is publicly verifiable. Anyone with internet access and a blockchain wallet can interact with these smart contracts. This means that smart contracts must be developed with security as a top priority, as they are open to interactions from malicious actors as well.
When securely developed, smart contracts enable secure, transparent, and tamper-proof digital interactions with a wide variety of applications, such as decentralized finance (DeFi) applications.
Read more
Smart contract audits: introduction
A smart contract audit is a comprehensive code review designed to ensure that the smart contract is free from vulnerabilities, errors, or potential exploits. These audits are typically conducted by a blockchain security company, such as Veridise.
During the smart contract audit, blockchain security analysts examine the code to identify various security flaws and logical inconsistencies. The process involves a line-by-line manual review by experienced analysts, complemented by the use of tools like static analyzers and fuzzers.
The completed smart contract audit results in a detailed report highlighting any bugs or vulnerabilities that could be exploited by malicious actors, along with recommendations for improving the code.
Many of our clients choose to publish these audit reports, and you can find examples of our work on the Past Audits page.
What is the unique skill set of smart contract auditors?
Security analysts conducting smart contract audits have a distinct skill set focused on identifying vulnerabilities, with an emphasis on security rather than functionality.
Unlike developers, who build smart contracts, security analysts adopt an adversarial mindset, thinking like attackers to uncover flaws that could be exploited. They are experts in blockchain-specific vulnerabilities such as reentrancy attacks, integer overflows, and gas limit issues, which developers may not always be familiar with.
Analysts are also experienced with specialized vulnerability detection tools such as static analyzers, fuzzers, or formal verification methods to ensure the contract behaves securely in all scenarios.
While developers test for functionality, security analysts rigorously review every part of the code, focusing on edge cases and unintended behaviors that could pose security risks. This unbiased third-party perspective allows them to objectively assess the code without being influenced by the development process or design choices.
This impartiality, combined with deep understanding of security best practices, makes smart contract auditors uniquely qualified to conduct comprehensive audits. Engaging third-party auditors ensures that your smart contract is robust and resistant to potential attacks before deployment.
Smart contract audit: why is it important?
To provide perspective, over $10 billion has been hacked from various blockchain and decentralized finance (DeFi) platforms since 2018. A significant part stems from security vulnerabilities in smart contracts.
A smart contract exploit can severely damage an application’s reputation. Such an exploit erodes the trust of users and investors. Once users’ funds are stolen, they lose confidence in the platform’s security, often leading to an exodus of users and a decrease in total value locked (TVL). Media coverage of the hack typically amplifies the reputational damage, and existing business partners may distance themselves. The attack may also invite regulatory scrutiny. Even if financial losses are mitigated or compensated, the damage to the platform’s image is often long-lasting.
Data shows that projects undergoing smart contract audits are far less likely to be hacked, offering a strong return on investment for blockchain companies.
What makes Veridise the ideal choice for your smart contract audit?
Veridise is the ideal choice for your smart contract audit due to its unmatched expertise in blockchain security and strong academic foundations. Our team includes several PhDs in program analysis, cryptography and software security, as well as professors of computer science and mathematics.
Key infrastructure protocols such as Linea, Risc Zero, Succinct, Manta, Scroll, and Semaphore trust Veridise with their security and smart contract audit needs.
In addition to rigorous line-by-line smart contract auditing, we continuously develop and improve our in-house vulnerability detection tools. Unlike many other auditors who rely solely on off-the-shelf tools, we build and refine our own tools, providing superior detection performance. Our tools give us an edge in finding vulnerabilities that are often difficult for the human eye to detect.
With Veridise, you gain access to security professionals with strong academic backgrounds and the latest industry experience, along with cutting-edge detection tools.