Comprehensive security analysis of your smart contract to identify vulnerabilities, with guidance on how to fix them.
A DeFi audit from Veridise involves trained professionals manually examining your code and utilizing various in-house tools to unearth vulnerabilities. Our experienced team employs both cutting-edge automated techniques and their own comprehensive knowledge of security flaws and blockchain pitfalls to ensure our DeFi audits are complete and instantly actionable.
Veridise is composed of a team of seasoned security professionals, blending the latest research insights from academia with extensive industry expertise.
In-house tools
In addition to rigorous human auditing, our in-house tools detect bugs that the human eye has a difficult time finding. This enhances the quality and effectiveness of our audits.
Confidentiality and ownership
Upon request, we uphold the confidentiality of the report, although many of our clients find value in publishing it. Additionally, our reports become fully yours upon completion of the audit, unlike with some other providers.
Veridise’s edge: our in-house tools
Veridise combines professionals who manually review code with our in-house tools.
Our in-house tools enable Veridise to detect hard-to-find bugs that are difficult for the human eye to identify, leading to comprehensive DeFi audit reports. With Veridise, your codebase is in the hands of industry-leading detection methods.
OrCa
Specification-guided fuzzer
Vanguard
Static analysis tool for smart contracts and ZK circuits
Picus
Zero-Knowledge Proof auditing tool finding bugs in arithmetic circuits
Sound DeFi audits require a broad skill set, including experience with common vulnerabilities, deep knowledge of common frameworks like Uniswap/AAVE, active engagement with the security community to stay up to date, and an ability to analyze new protocols at a high level to understand the intended behavior.
This last point is especially important. When reviewing smart contracts, we have found that around half of the high and critical vulnerabilities come from logic errors specific to the project application.
Building safe code is a practice that starts from the very first design and continues up to and after an audit. This is why our teams work to understand the core invariants of each protocol, formally specifying these properties to integrate them into both manual review and fuzzing efforts.
Our experts assess the scope of the audit: We check the source repository and set key requirements to be verified.
2. Review
At the next step, our team formalizes key properties of your project and utilizes our proprietary analysis tools to check for common vulnerabilities and deeper logical bugs.
3. Report
At the end of the audit, we deliver a detailed DeFi audit report summarizing our findings and recommendations. Our reports include any uncovered vulnerabilities, their potential impact, and mitigation strategies.
4. Fixes & Fixes Review
Our clients’ teams fix discovered bugs and vulnerabilities. The Veridise team then verifies the new code to ensure it is secure.
5. Final Report
Once all bug fixes are verified, we issue a final DeFi audit report and it is up to our clients whether to make the final report public or not.