Our Audit Process

Send us your project details and in-scope contracts that you want audited. We perform an initial review to understand your scope and respond with questions, availability, and next steps.

• Project overview
• Repository or code access
• Initial feasibility review
• Next-step discussion

We define the audit scope in detail and align on all requirements before the engagement begins.

• Audit scope finalization
• Timeline discussion
• Providing pricing
• Confirming the number of assigned researchers (typically 2–4 auditors)

Once locked, we set up a dedicated communication channel between your developers and our auditors, along with a private GitHub repository for reporting and tracking findings throughout the engagement. At this stage, our security researchers are assigned and the audit officially begins.

• Researchers assigned
• Pushing new commits paused
• Manual code review
• Automated security analysis

We fully focus on finding as many and as deep vulnerabilities as possible, we share findings as soon as they are found , fixes could be applied immediately

• Devs could review findings
• Devs could assign fixed/Acknowledged labels

We send a prelim pdf report of the findings with their severities

• Severity-based classification
• Technical vulnerability breakdown
• Exploit scenarios
• Fix recommendations

After fixes are implemented, we re-evaluate the updated codebase to confirm all issues have been properly resolved and no new vulnerabilities have been introduced.

• Patch verification
• Re-testing of vulnerabilities
• Regression analysis

Once all issues are resolved and verified, we deliver the final audit report suitable for publication and investor or community transparency.

• Final audit PDF report
• Security completion confirmation
• Optional public disclosure report
• Post-audit support