Hashlock is an Australian blockchain security company, with our main service being smart contract auditing. We are the first fully independent-from-development auditor to be accepted by Blockchain Australia. We are a highly skilled team of competition level auditors and security researchers who work closely with our clients.
Smart contract audit process
Specification analysis and matching
We work with the developers to understand the specs and goals of the protocol, and ensure the code matches those outlines from a top level. We also start researching and collating similar protocols / audits and what vulnerabilities are often found in those code bases.
Manual analysis
Our team manually scrutinises the code line-by-line, whilst referencing our database of past vulnerabilities found in public contests and internal audits. Our standard for this stage is to be able to write the code in a different way without looking before stopping this phase.
Simulated testing
Making checks using industry standard and also proprietary automated tools.
Formal verification (optional)
Depending on the code base, we will sometimes conduct mathematical formal verification to prove certain thesis.
Detailed gas optimisation review
We spend some time only focusing on gas optimisation.
Quality assurance
We spend some time focusing only on best practices to report
First revision
We provide an internal first revision report to the dev team to acknowledge or make changes on
Final revision
We then review any made changes and finalise the report.