How we perform a smart contract security audit

Our audit has 7 main stages:

1. Preparation – consists of reviewing the specification, compiling the code and deploying it to a testnet, and understanding the functionality of the contracts
2. Functionality Analysis – consists of analyzing the code’s specification and developing an AS-IS overview of the contract (a high-level description of the smart contract functions)
3. Automated code analysis – we run automated scans for commonly known vulnerabilities, including scans with Mythril and Slither. These tools were developed for Solidity contracts on Ethereum; however, they can also be applied to TRON-based Solidity contracts
4. Manual code analysis – consists of testing against known attacks and a manual security audit
5. Report Development – consists of preparing a report template for the project, assembling the results from stages 1-4, and finalizing the report
6. Quality assurance and Secondary review – consists of consulting developers on ways to fix vulnerabilities and a secondary audit of the fixed issues
7. Project Management – includes liaising with both sides, constantly monitoring the progress of work, controlling the stages, and keeping everyone informed of the project’s accomplishments, issues and changes
