smart contract audits

BTblock is a technology and cybersecurity consultancy specialized in providing end-to-end security and auditing solutions, with a focus on servicing clients in the blockchain & cryptocurrency, financial and IoT sectors.

Smart contract audit process

Kickoff Meeting Prior to the BTblock team starting the work, we will host and lead a kickoff call with the Client’s designated sponsor and point of contact (i.e. the “designated engagement manager” or “DEM”) to gather detailed information necessary to ensure a successful engagement. The primary goals of this kickoff call are to:

• Validate that goals and scope are accurately captured in the SOW; • Ensure activities and prerequisites are understood and coordinated prior to commencement; • Identify any obstacles or challenges to completion; • Identify key stakeholders from all parties involved who need to be included in the engagement updates and escalations; • Agree on a secure communication path; and • Discuss timelines for the engagement’s commencement and duration

Threat Model

• Identification of all inputs and outputs, security boundaries, relevant threat scenarios and implemented security controls

Code Audit

• Daily interaction with the client regarding findings and clarifications; • Set up of relevant tooling; • Identification of process flow, critical paths, and critical functions; • Logical code analysis of critical functions ; and • Static code analysis

Quality Check and Preliminary Report

• The report is quality checked by another BTblock team member. • Preliminary report is sent to the Client and findings are discussed.

Final Technical Report

Findings of the review will be compiled and presented in a Technical Report organized into two sections: (i) a full security report and (ii) an executive summary.

Audit reports