Get All Answers Here

Find answers on common questions about our auditing services

25+

Top-class Security Auditors

5+

Years in Web3 Security

230

Projects Secured

What types of smart contracts can you audit?

Blaize can provide a full audit of the following smart contracts:

  • Solidity and Vyper contracts for any EVM blockchain;
  • Rust-based contracts. For instance, NEAR, Solana, and Secret Network ecosystems; 
  • Modules and pallets for Substrate chains from Polkadot ecosystem;
  • Move contracts for Aptos and Sui blockchains and any Move compatible ecosystem; 
  • Cairo contracts from StarkNet blockchain;
  • Motoko contracts for the Dfinity ecosystem;
  • any other smart contracts on other languages.
Read More

Can you conduct a blockchain security audit?

Absolutely! Blaize Security team has deep experience with various chains: EVM-compatible, like fork of Ethereum or Layer-2 blockchains, Bitcoin-family blockchains, Substrate chains from Polkadot ecosystem, Cosmos chains and other custom blockchain solutions.

Read More

Can you conduct a dApp security audit or backend security audit?

Yes, Blaize Security knows how to handle a wide range of security assessments, covering dApps, backend systems, SDKs, custodial services, and exchanges. Our seasoned experts dive into the architecture and codebase of these components, ensuring they adhere to the highest security standards.

Our team thoroughly examines the entire ecosystem of the dApp, identifying potential vulnerabilities both in the smart contracts and the interfacing backend systems. We know the sensitive nature of custodial services, and the robust demands of exchanges – we provide comprehensive audits to identify vulnerabilities and recommend best-practice solutions. Our goal is to ensure robust security across all sides of your project.

Read More

How can the smart contract be hacked?

Here’s a brief list of the most common reasons for smart contract hacks Blaize has dealt with:

  • standard vulnerabilities like reentrancy, denial of service, or overflows;
  • incorrect access control and roles systems; 
  • incorrect math and rewards calculations, inappropriate token amounts
  • handling, accuracy mistakes; 
  • incorrect token transfer logic; 
  • loopholes in the business logic; 
  • architectural mistakes that lead to deadlocks or contract misuse.

To discover more about the topic, check out Blaize article about most common smart contract vulnerabilities.

Read More

How are Blaize and Blaize.Security connected and how does this enhance the whole expertise?

Blaize.Security operates as an integral part of Blaize, specializing in comprehensive security audit and consulting services. This connection allows us to closely collaborate with Blaize’s Engineering Department, fostering a dynamic partnership that enhances innovation and ensures top-tier security. Our shared commitment to RnD enables us to succeed in creating secure products and protecting our clients, affirming our position as industry leaders in blockchain security solutions.

 

Read More

What makes Blaize a reputable smart contract audit company?

The information presented in the blockchain protocol audit reports is the intellectual property of our customers. For this reason, we always ask for the client’s permission to post the audit case on the Blaize website.

You can find our public audit reports right under the link: audits.blaize.tech

It contains all our public reports, including smart contract audit reports, examples of bridge security audits, SDK security audits and blockchain audits.

Read More

How is your smart contract audit process built?

We break the smart contract audit into several stages: 

  • security review by at least 2 auditors working separately; 
  • business logic review and architectural scheme recreation;
  • automatic tools analysis; 
  • full unit tests coverage; 
  • integration testing and specific user scenarios recreation; 
  • fuzzy testing and mutation testing (on demand);
  • formal verification (on demand).

Learn more details about the whole audit process in our blog.

Read More

How long does it usually take to estimate the code of my project to be audited?

Blaize Security specialists look through the materials and data collected from the client and prepare a quotation within 24 hours term.

Read More

What time do you need to set up a dedicated smart contract auditors team for my project?

We have dedicated time slots for each customer with a short waiting period of no longer than a week. So you can be sure that we’ll start to work on your project as soon as possible.

Read More

How to choose and hire a reliable smart contract audit company?

When considering an auditing team, you should pay attention to specific cases of the projects they audited in the past. This will allow you to see the number of audits they have worked on and estimate their experience. Besides, the size of the projects they audited before will help you understand whether the team is worth hiring since larger projects tend to attract more hackers. 

Next, you should take a closer look at their portfolio to see if the company has conducted any audits on your chain. Also, check what kind of methodology and approach the auditor chooses to see if it suits you. 

Finally, check several reports. A report of a reliable smart contract audit company should include a detailed description of all the issues that were found during the course of the investigation. Such a report must be well-structured, and understandable for most people.

Read More

What information will my smart contract audit report include?

Your security audit report, prepared by Blaize specialists, will include the following information:

  • all security issues with the recommendation from auditors;
  • best practices recommendations;
  • clarifications for the unclear functionality;
  • business logic review summary and contracts scheme; 
  • a list of the performed tests;
  • audit summary;
  • used methodology.
Read More

Do you offer security services other than audit?

Blaize offers a comprehensive range of security services, including smart contract auditing for various languages like Solidity, Vyper, and Rust, technical due diligence, core blockchain auditing, enterprise solution audits, and expert smart contract security consulting to enhance the integrity and reliability of blockchain projects. 

 

Beyond the primary audit, our commitment extends to post-audit support that encompasses secondary audits, code update reviews, security patch development, secure CI/CD pipeline construction, deployment assistance, post-deployment assessments, active smart contract protection, and direct consultations from our seasoned Security Researchers.

Read More

Get in Touch

Your blockchain dreams deserve top-tier security. Let's secure them together with our team of certified blockchain security professionals.
Get consulting on WEB3 security from top-tier security researchers and auditors. Contact us, and let's fortify your decentralized future.