Request the latest threat intelligence and newest custom research based on relevant Web3 contextual factors. This unique service is the only way to unlock direct access to CertiK Intelligence Analysts

Account Settings

Profile

Sign Out

Watchlists

Have your code reviewed by CertiK’s team of seasoned security experts, who have audited 1000’s of projects

Effective findings culminated through performing thousands of audits and a cross-check against a large internal database of security vulnerabilities.

Receive rich reporting, covering findings and recommendations on on how to remediate vulnerabilities.

Our unparalleled expertise in Web3 security and risk management ensures that clients make informed decisions about their investments.

Whether a project has been audited by CertiK

Smart Contract Audit Process

Audited by CertiK

Active Bounty

CertiK Contract Verified

CertiK Formal Verification

CertiK KYC

CertiK Penetration Testing

CertiK Skynet

Top 10% Code Security Score

Top 10% Community Trust Score

Top 10% Fundamental Health Score

Top 10% Governance Strength Score

Top 10% Market Stability Score

Top 10% Operational Resilience Score

Top 10% Security Score

Top 10% Trust Score

Top 10% Watchlisted

CertiK is Web3's leading smart contract auditor and provides a comprehensive suite of tools to secure the industry at scale.

Provable Trust For All.

Securing The

World

Identify and eliminate security vulnerabilities in blockchains, smart contracts, and Web3 apps using the most rigorous and thorough cybersecurity techniques.

You can now discover projects within the same categories or ecosystems, by clicking the ecosystem icon or category tag within their security leaderboard columns.

Crowdsourcing from a list of the world's top ethical hackers to provide you continuous assessment, for uncovering vulnerabilities before anyone else does.

About

We're Hiring

Disclaimer

Partnership

Resources

Testimonials

CertiK audits all of Web3, from decentralized applications to the blockchains they’re built on. We work closely with clients to deliver tailor-made security solutions.

Our industry-leading audit methodology and tooling includes a review of your code’s logic, with a mathematical approach to ensure your program works as intended.

Our industry-leading L1 chain auditing process combines expert manual review of smart contract code with advanced AI and mathematical techniques to ensure blockchain protocols work as intended.

CertiK’s speed in execution of audits at scale leaves the competition behind. But don't just take our word for it, listen to what our customers are saying:

Every smart contract audit involves comprehensive manual review by our team of experienced security experts. Automated AI-powered review provides an additional layer of security. Formal verification is an optional further step that certifies smart contract behavior with respect to custom function specifications. This helps developers get a handle on the entire scope of their platform.

How Does a Smart Contract Audit Work?

Every audit involves comprehensive manual review by our team of experienced security experts. Formal verification certifies L1 chain code behavior with respect to custom function specifications, helping developers get a handle on the entire scope of their platform. The process of auditing an L1 is the same as for auditing a smart contract. The five-step process is as follows:

Report an incident if you are under cyber attack and need help!

24/7 Incident Response

An L1 chain audit provides a comprehensive security assessment of a Layer 1 blockchain to identify vulnerabilities and recommend ways to fix them.

CertiK has audited nearly a dozen L1s, along with projects written in all major programming languages, thousands of Web3 projects, and tens of thousands lines of code. As a pioneer in the blockchain security industry, CertiK brings expertise that can only be gained from years of experience with thousands of projects to each and every L1 chain audit.

Web3 Security Leaderboard

Name

What's New

Visit the project’s profile page directly for more details about their status. Some projects may temporarily display as ‘Pending’ but will be available soon.

CertiK has audited thousands of Web3 projects and tens of thousands lines of code written in all major smart contract programming languages.

We bring expertise that can only be gained from years of experience with thousands of projects to each and every audit.

When it comes to security, only the best will do.

Advisory Services

Bug Bounty

Formal Verification

Incident Response

L1 Chain Audit

Penetration Testing

Sky Harbor

Skynet

SkyTrace

Smart Contract Audit

Web 3 Security Audit

Protect Your Project Today

Security Score evaluates a project’s real-time security posture using on-chain and off-chain data.

Sign up and gain access to curated features like watchlist and so on in two simple steps.

SkyHarbor can quickly identify vulnerabilities or suspicious activities in your system, ensuring that your assets are safe and secure.

Actively monitor on-chain smart contracts in real time and present actionable security and Web3 app data insights for the community.

A comprehensive security assessment of your smart contract and blockchain code to identify vulnerabilities and recommend ways to fix them.

What’s in a Smart Contract Audit Report?

An index measuring a crypto project's relative security, market performance, and social sentiment

Providing the largest coverage on languages and ecosystem, as well as faster onboarding options, depending on project code size.

Clients receive rich reports on their smart contract code, complete with comprehensive vulnerability analyses and recommended remediations.

CertiK KYC provides private identity verification for project teams through a rigorous vetting process while maintaining the highest standards of data protection.

#certik #flashloan #defi #blockchain #cryptocurrency
A new CertiK series giving users bite-size tips and info to stay informed and safe in the #crypto space. Episode 9: What is a Flash Loan?
Learn how a #flashloan works and more in under 2 mins!
https://certik.com/products/skynet

Transcript:

A flash loan is an uncollateralized short-term loan. They are a new invention in the Defi space, introduced by the lending protocol, AAVE. A smart contract is used to borrow and repay flash loans in the same transaction. If a flash loan isn’t repaid in the same transaction, the transaction fails, making it as though the loan never happened.

Flash loans present an opportunity for high-frequency and arbitrage traders with the ability to instantaneously access capital, allowing a trader to sell on one exchange and purchase on another. Arbitrage was more common when liquidity was low and exchanges didn’t share price feeds.

Flash loans have been used to attack exchanges and protocols. This occurs when a malicious user takes out a flash loan from a lending protocol and uses the borrowed funds to manipulate prices on another protocol. Flash loan attacks are very lucrative because the attacker does not have to deploy a lot of capital to carry out the attack.

Smart contract audits are a necessary first step in mitigating a flash loan attack. CertiK’s Skynet on-chain monitoring helps recognize these attacks in real-time and broadcasts community alerts on the Security Leaderboard.

From smart contract audits to on-chain monitoring, there are tools in place to help projects build safer protocols from the ground up.

To learn more about flash loans, visit CertiK.com/resources.

Products & Technology

KYC

Smart Contract Audit

Bug Bounty

L1 Chain Audit

Incident Response

Penetration Testing

Advisory Services

Skynet

SkyTrace

Sky Harbor

Formal Verification

Featured Ecosystems

BNB Chain

Ethereum

Avalanche

Solana

Algorand

NEAR

Cosmos

Polygon