Manual + static review for Solana, CosmWasm, and Near — covering reentrancy across CPI, unsafe Rust, authority paths, and economic exploits. Scope assessment in 48 hours. Clear severity. Fix guidance your eng team can ship against.
Audit Framework
Not a generic checklist ported from Solidity. Findings map to how Rust programs actually fail in production — including patterns searchers ask about when investigating reentrancy attack paths.
CPI ordering bugs, reentrancy across program boundaries, and privilege escalation via remaining accounts — the Rust/Solana equivalents of classic EVM reentrancy.
Overflow/underflow in checked and wrapping math, precision loss in fixed-point accounting, and fee-rounding that leaks value over volume.
Signer checks, PDA seed collisions, upgrade authority risk, and admin key compromise scenarios — mapped to concrete exploit paths.
Audit of `unsafe` blocks, FFI boundaries, and custom allocators. We treat every `unsafe` as an explicit trust boundary, not a style preference.
Oracle manipulation, sandwichable settlement paths, liquidations race conditions, and batch-payout edge cases under adversarial mempools.
Property tests, fuzz targets, and invariant documentation you can hand to your next auditor or insurance underwriter.
Engagement
Repo access, threat model interview, and a written scope memo (in-scope programs, out-of-scope, timeline, severity rubric) within 48 hours.
Toolchain scans (Clippy, cargo-audit, custom detectors) followed by line-by-line manual review focused on state transitions and authority paths.
High/Critical findings get PoC tests where feasible — so your engineering team can see the failure path, not just a checklist item.
Severity-ranked findings, fix guidance, and one free re-review of remediated issues. Optional public attestation letter on request.
Deliverables
FAQ
Yes. Most of our Rust audit volume is Solana (Anchor and native programs), with CosmWasm and Near engagements as secondary tracks. We also review cross-program and oracle integration code that lives outside the on-chain program but can break the security model.
Rust and Solana security failures look different from EVM ones — CPI spoofing, account discrimination bugs, and PDA seed collisions are not Solidity reentrancy with a new coat of paint. Our reviews are staffed by engineers who ship Rust in production, not auditors translating EVM playbooks line-for-line.
If you are investigating a suspected exploit, we can run an incident-style review: reconstruct the call path, identify the vulnerable instruction, and recommend freeze / migration options. For active incidents, contact us immediately — response time matters more than a polished report.
Small programs (1–3k LOC, single program) usually run 1–2 weeks. Multi-program DeFi or payments systems typically take 3–5 weeks depending on maturity of tests and prior reviews. Scope assessment always comes first so you get a fixed timeline before kickoff.
Yes. Many clients engage us for both rails architecture and audit coverage — see our Web3 hub and the enterprise fiat-crypto rails guide. Combining build + independent review usually costs less than hiring two uncoordinated vendors after the fact.
Send the repo (or a private invite) and the threat model you care about. You get a written scope memo before any audit invoice.