We care about your safety

It takes years to build a reputation and trust. It takes days to find a vulnerability and plan the hack. It takes minutes to steal funds and ruin your credibility. Unfortunately, the perfect code does not exist. So the audited smart contract is your assurance.

Security that matters

Vidma security auditors are the team of professionals that are leading the industry standards. Your safety is a priority to us.

Smart Contracts security audit
Audit of the protocols
Audit of the bridges
Layer 1 solutions
Post-hack assistance and
search for an attacker
Token Audits

Our History Contributing To Your Safety

Back in October, 2020 we conducted our first smart contract audit. For the first 105 audits, our security experts worked under the brands of two partner companies. Since that first report , more than 120 audits have been conducted by our security team.

Thanks to our professional team, techniques, and methods, we managed to reveal plenty of security and operational issues with different severity levels. We've saved a day for a lot of projects and are proud to be ongoing security partners for many of them.

The chart below displays the number of issues we found during the smart contract auditing processes on all projects.

134
Total amount of audits
97
Companies we worked with
1166
Total issues found
94
155
159
369
389
Critical
High
Medium
Low
Informational

We are different

Since day one of our operations, we developed a unique workflow that is made better with each and every month. We believe constant improvement contributes to overall results and security, hence our focus on this. The points below are the outcome of three years of experience. We apply only things that work best.

A couple of experts are working on one smart contract audit simultaneously, making the cross review of each other to make sure we do miss not a nit.
We are using contemporary methods and tools that help us to minimize the risk of a human factor.
Tests are a must! Despite the presence of your tests, we are making ours from scratch to ensure the codebase behaves as expected and that no security threats are hidden between the code lines. We are meeting the industry coverage standards of 95%. The tests are provided to you in a separate file as well as shown in the final audit report.
Transparency of the scoring system. Vidma smart contract auditors developed a unique and transparent scoring system so that no doubt on the legitimacy is left. Our aim is to provide a standard of the scoring system in the industry to ensure trust between the auditors, community, stakeholders, exchanges, and protocols.
Constant assistance during the codebase audit process and after it.
We advise on how to optimize the codebase to make it more gas-friendly.
We are not charging for the lines of comments or NatSpec in the code. We are striving to get as many details about the given codebase as possible in order to make a deep dive and prevent vulnerabilities.
We make double-check and retest after your fixes of the found vulnerabilities and issues to ensure your code changes are correct.

Why the smart contract audit is needed?

Why the audit is needed?

Better optimization in the code
Confirmation of expected logic and behavior of the smart contracts
Security against exploits and attacks
Voiding of fund losses
Voiding of brand damage
Ensuring your stakeholders or potential investors that the funds are secured. No guarantees – no investment
Ensuring the community that your codebase is safe and ready to be used
It’s a part of the listing process for some exchanges

Workflow of the smart contract audit

Phase 1: The research phase

Research

After the smart contract audit kick-off, our security team conducts research on the contract’s logic and expected behavior.

Documentation reading

Documentation is a must. Our auditing team is making a deep dive in your tech documentation to discover all the behavior patterns of your codebase and to analyze the potential auditing and testing scenarios.

The outcome

At this point, the Vidma auditors are ready to kick off the process. We set the auditing strategies and methods and are prepared to conduct the first smart contract audit part.

Phase 2: Manual part of the smart contract audit

Manual part of the audit

During the manual phase of the audit, the Vidma team manually looks through the code in order to find any security issues, typos, or discrepancies with the logic of the contract. The initial commit mentioned in the agreement is taken into consideration.

Static analysis tools

Used to find any other vulnerabilities in smart contracts that were missed after a manual check.

The outcome

Interim audit report with the list of issues.

Fixing of the issues

You will be able to make the necessary fixes in order to secure the contracts. No worries, we will double-check every single change you did and will provide our feedback :)
Once you are ready, please pass the new commit with the fixes back to us for further steps.

Review of the fixes

We are reviewing the changes you made and will provide feedback on the fixes.

Phase 3: Testing part of the smart contract audit

Testing part of the audit

We do thorough testing using diverse techniques and tools in order to find all possible vulnerabilities and operational issues.

The outcome

Second interim audit report with the list of new issues found during the testing part of the smart contract audit process.

Fixing the issues

You will be able to make the fixes to the new issues. A review of them is on us. A new commit with the fixes should be provided

Review of the fixes

Once you revert a new commit, we check the changes and cover the fixes with tests once again.

Phase 4: Final audit report forming

Final audit report forming

During this step we are preparing the final audit report and making a beautiful design of it.

The outcome

Final designed audit report in pdf. format.

Unique audit scoring system

Our auditing and business team has worked for a while on a unique and transparent audit scoring system. We believe that the auditing industry should be standardized in terms of scoring, so that the adequacy and understanding of the smart contract audit result is improved for everyone.

* Points mentioned in the table are deducted out of 100 score for every issue mentioned in the report
Severity of the issue
Resolved
Unresolved
Critical
1
10
High
0.8
7
Medium
0.5
5
Low
0.2
0.5
Informational
0
0.1
* Points mentioned in the table are deducted out of 100 score for every issue mentioned in the report

How to get a smart contract audit

Step 1
Step 1

You need to reach out to our friendly expert team and provide the following info

  • Repository and the access to it
  • Commit that should be estimated
  • List of contracts that should be under the audit
Step 2
Step 2

We are reverting to you with timeline and price estimations for the given scope of work

Step 3
Step 3

Both sides are shaking hands and sign the agreement

Step 4
Step 4

We kick off the smart contract audit process to ensure your codebase is secure and operational

Schedule a free consultation in 20 seconds!

Get in touch

Feel free to use the contact form below if you want to conduct a smart contract audit or a pentest with us