AUDT

SMART CONTRACT AUDIT

Smart contract repository audits with deterministic detectors, HOUND AI reasoning, tested hypotheses, and curated findings.

KEY CAPABILITIES

Discover how smart contract audit strengthens your smart contract security

STAT

DETERMINISTIC + AI

Fast pattern and bug-class detectors identify concrete signals; deep audits add repository-scale reasoning and best-effort Slither corroboration.

AI

HOUND AI TRIAGE

Firepan's HOUND AI engine correlates findings across tools, cuts false positives, and understands business logic context that pattern-matching alone misses.

VULN

20+ VULNERABILITY CLASSES

Reentrancy, access control, oracle manipulation, flash loan attacks, and 16+ more — each documented in Firepan's public vulnerability database with real exploit data.

<5min
Free Surface Scan
20+
Vulnerability Classes
$299
Starting Monthly
Commit
Scoped Evidence

HOW IT WORKS

Our streamlined process makes smart contract audit simple and effective

1

CONNECT YOUR REPO

Submit a public GitHub repository to the free API scan, or connect an authenticated repository for ongoing workflows.

2

DEEP AUDIT RUNS

HOUND maps the scoped code, generates and tests security hypotheses, then curates duplicate and low-confidence signals.

3

GET YOUR REPORT

A findings report with severity ratings and remediation guidance. Connected repositories can run separate checks on configured future events.

USE CASES

  • Pre-launch teams who need audit findings before mainnet deployment, fast
  • Protocols shipping frequent upgrades that a one-time audit can't keep up with
  • Teams that want CI/CD-integrated security checks on every pull request
  • Projects evaluating a CertiK, Trail of Bits, or OpenZeppelin engagement who want a free first pass
  • DAOs and teams needing an audit trail for governance and investor transparency

SEE A REAL AUDIT REPORT

Not a demo — an actual engagement. Firepan's review of VIA Labs' cross-chain messaging gateway surfaced two confirmed auth-bypass primitives, both acknowledged and patched by the VIA Labs team.

AUDIT PRICING

A subscription, not a per-engagement invoice — run deep audits and repeat scans on configured repository events, for a fraction of a traditional audit firm's per-project rate.

Starter

$299/mo

Perfect for individual developers and small projects

  • Repositories Monitored: 5
  • Surface Scans/Repo/Month: 8
  • Deep Scans/Month: 7
  • Deep Audits/Month: 1

Professional

$1199/mo

For growing teams with multiple smart contract projects

  • Repositories Monitored: 15
  • Surface Scans/Repo/Month: 12
  • Deep Scans/Month: 12
  • Deep Audits/Month: 3

Enterprise

$2999/mo

For organizations requiring comprehensive security coverage

  • Repositories Monitored: 50
  • Surface Scans/Repo/Month: 20
  • Deep Scans/Month: 40
  • Deep Audits/Month: 10

Need a one-time boutique manual review instead? Contact us for a scoped quote.

AN AUDIT IS A SNAPSHOT

A traditional audit report describes one commit, on one day. The moment you ship your next change, that report is out of date — and most exploits happen after a report is issued. Firepan can pair scoped audits with configured repository-triggered scans and the separate Sentinel token scorecard. Those products cover different inputs; neither should be described as universal on-chain surveillance.

See Continuous Auditing →

FREQUENTLY ASKED QUESTIONS

How much does a smart contract audit cost?

Firepan's published plans start at $299/month for 5 repositories and 1 deep audit per month, and scale to $2,999/month for 50 repositories and 10 deep audits per month. Human-led engagements are scope-dependent; request a current written quote for the exact repository and review requirements.

How long does a smart contract audit take?

A free surface scan usually returns in seconds or minutes. Deep-audit timing varies with repository size, scope, compilation, and the number of hypotheses investigated; progress is exposed asynchronously through the API and dashboard.

What does Firepan's audit actually check?

The free surface scan applies deterministic pattern and bug-class detectors with optional LLM verification. Deep audits map the codebase, form and test security hypotheses, curate findings, and use Slither as best-effort corroboration when the target compiles. Results include severity and remediation context, but no automated audit guarantees that code is vulnerability-free.

Is an AI audit a replacement for a manual audit from CertiK or Trail of Bits?

No automated system is a universal replacement for independent human review, formal verification, or a bug bounty. Firepan is useful for fast triage, repeatable repository checks, and deeper hypothesis-driven analysis; high-value launches should choose additional assurance based on scope, TVL, novelty, and certification requirements.

What happens after the audit is done?

A report describes a specific scope and commit. Firepan can scan connected repository changes after that point, while Sentinel provides a separate contract-address risk scanner for deployed EVM tokens. Teams should confirm which repositories and contracts are actually connected rather than assume blanket coverage.

READY TO ENHANCE YOUR SECURITY?

Use Firepan's smart contract audit workflow as one evidence layer in a broader smart contract security program.