Request the latest threat intelligence and newest custom research based on relevant Web3 contextual factors. This unique service is the only way to unlock direct access to CertiK Intelligence Analysts

Account Settings

Profile

Sign Out

Watchlists

Have your code reviewed by CertiK’s team of seasoned security experts, who have audited 1000’s of projects

Effective findings culminated through performing thousands of audits and a cross-check against a large internal database of security vulnerabilities.

Receive rich reporting, covering findings and recommendations on on how to remediate vulnerabilities.

Our unparalleled expertise in Web3 security and risk management ensures that clients make informed decisions about their investments.

Whether a project has been audited by CertiK

Smart Contract Audit Process

Audited by CertiK

Active Bounty

CertiK Contract Verified

CertiK Formal Verification

CertiK KYC

CertiK Penetration Testing

CertiK Skynet

Top 10% Code Security Score

Top 10% Community Trust Score

Top 10% Fundamental Health Score

Top 10% Governance Strength Score

Top 10% Market Stability Score

Top 10% Operational Resilience Score

Top 10% Security Score

Top 10% Trust Score

Top 10% Watchlisted

CertiK is Web3's leading smart contract auditor and provides a comprehensive suite of tools to secure the industry at scale.

Provable Trust For All.

Securing The

World

Identify and eliminate security vulnerabilities in blockchains, smart contracts, and Web3 apps using the most rigorous and thorough cybersecurity techniques.

You can now discover projects within the same categories or ecosystems, by clicking the ecosystem icon or category tag within their security leaderboard columns.

Crowdsourcing from a list of the world's top ethical hackers to provide you continuous assessment, for uncovering vulnerabilities before anyone else does.

About

We're Hiring

Disclaimer

Worker Validation

Partnership

Resources

Testimonials

CertiK audits all of Web3, from decentralized applications to the blockchains they’re built on. We work closely with clients to deliver tailor-made security solutions.

Our industry-leading audit methodology and tooling includes a review of your code’s logic, with a mathematical approach to ensure your program works as intended.

Our industry-leading L1 chain auditing process combines expert manual review of smart contract code with advanced AI and mathematical techniques to ensure blockchain protocols work as intended.

CertiK’s speed in execution of audits at scale leaves the competition behind. But don't just take our word for it, listen to what our customers are saying:

Every smart contract audit involves comprehensive manual review by our team of experienced security experts. Automated AI-powered review provides an additional layer of security. Formal verification is an optional further step that certifies smart contract behavior with respect to custom function specifications. This helps developers get a handle on the entire scope of their platform.

How Does a Smart Contract Audit Work?

Every audit involves comprehensive manual review by our team of experienced security experts. Formal verification certifies L1 chain code behavior with respect to custom function specifications, helping developers get a handle on the entire scope of their platform. The process of auditing an L1 is the same as for auditing a smart contract. The five-step process is as follows:

Report an incident if you are under cyber attack and need help!

24/7 Incident Response

An L1 chain audit provides a comprehensive security assessment of a Layer 1 blockchain to identify vulnerabilities and recommend ways to fix them.

CertiK has audited nearly a dozen L1s, along with projects written in all major programming languages, thousands of Web3 projects, and tens of thousands lines of code. As a pioneer in the blockchain security industry, CertiK brings expertise that can only be gained from years of experience with thousands of projects to each and every L1 chain audit.

Web3 Security Leaderboard

Name

What's New

Visit the project’s profile page directly for more details about their status. Some projects may temporarily display as ‘Pending’ but will be available soon.

CertiK has audited thousands of Web3 projects and tens of thousands lines of code written in all major smart contract programming languages.

We bring expertise that can only be gained from years of experience with thousands of projects to each and every audit.

When it comes to security, only the best will do.

Risk screening and transaction monitoring

Advisory Services

Bug Bounty

Formal Verification

Incident Response

L1 Chain Audit

Penetration Testing

Sky Harbor

SkyHarbor

SkyInsights

Skynet

SkyTrace

Smart Contract Audit

Web 3 Security Audit

Protect Your Project Today

Security Score evaluates a project’s real-time security posture using on-chain and off-chain data.

Sign up and gain access to curated features like watchlist and so on in two simple steps.

SkyHarbor can quickly identify vulnerabilities or suspicious activities in your system, ensuring that your assets are safe and secure.

Actively monitor on-chain smart contracts in real time and present actionable security and Web3 app data insights for the community.

A comprehensive security assessment of your smart contract and blockchain code to identify vulnerabilities and recommend ways to fix them.

What’s in a Smart Contract Audit Report?

An index measuring a crypto project's relative security, market performance, and social sentiment

Providing the largest coverage on languages and ecosystem, as well as faster onboarding options, depending on project code size.

Clients receive rich reports on their smart contract code, complete with comprehensive vulnerability analyses and recommended remediations.

CertiK KYC provides private identity verification for project teams through a rigorous vetting process while maintaining the highest standards of data protection.

A total of $699,790,794 was lost in Q3 2023, making it the most financially damaging quarter of the year.

Hack3d: The Web3 Security Quarterly Report - Q3 2023

The rise of Web3 has ushered in a wave of innovation, not all of which is benevolent. A notable manifestation of malicious activity within this space is the emergence of "honeypot contracts." These contracts issue tokens that can be bought but not sold, thereby trapping investors.

The Proliferation of Honeypot Contracts in Web3

In traditional finance, lenders provide funds in return for interest on their deposits, while borrowers pay interest for immediate access to funds. DeFi lending operates on the same principle, but uses smart contracts. This approach means DeFi is accessible to everyone without the need for personal details or trusting a third party to hold funds. This report examines several past exploits analyzed by CertiK

Lending Contract Exploits: A Retrospective

The Web3 sector reached an unfortunate milestone recently, though it's not exactly unfamiliar territory. As of September 4, 2023, the industry crossed the $1 billion mark in terms of value lost to exit scams, exploits, and hacks.

The Billion Dollar Briefing

Skynet now prominently displays centralization risks in audited projects, making it easy to gauge the level of control that privileged owners have over a smart contract.

Products & Technology

KYC

Smart Contract Audit

Bug Bounty

L1 Chain Audit

Incident Response

Penetration Testing

Advisory Services

Skynet

SkyHarbor

SkyInsights

Formal Verification

Featured Ecosystems

BNB Chain

Ethereum

Avalanche

Solana

Algorand

NEAR

Cosmos

Polygon

Aptos

Arbitrum