ImmuneBytes is a cutting-edge security startup that aims to provide a secure blockchain environment for a dependable and open Web3 ecosystem. Starting our voyage in the middle of the 2020s, we aim to protect the blockchain industry by giving startups and businesses best-in-class solutions for smart contract auditing, making their applications challenging for hackers to access.
Creating a space in the industry, we have successfully evaluated over 175 Web 3.0 projects and assessed funds worth ~4.1B in assets spread across numerous smart contracts. Established in New Delhi, we cater to a client base from all over the world, including the United States, France, the United Kingdom, Germany, Nigeria, and Canada.
Through our auditing services, we detect smart contracts for over 100 vulnerabilities, including the most recent issues appearing in the blockchain domain. We also focus on improving your application's performance and optimizing it for gas. We have presently worked with over 15 blockchain networks, including Ethereum, Solana, PolkaDot, Fantom, and Polygon.
We provide our client with comprehensive project audit reports, covering vulnerabilities classified by severity and the auditor's recommendations for improved smart contract performance. Aside from auditing, we have other services, such as BugBytes, which is an intermediary platform for projects to face white hat hackers for overall security.
Smart contract audit process
It contributes to determining the audit scope, intended business behavior, overall architecture, and project’s goal. Auditors must have access to documents such as the business requirement document, project’s whitepaper/ yellow paper, technical specification document, smart contract code via GitHub commits, and others.
Here, writing unit test cases is the developer’s job. While, the auditor test runs unit test cases, determining if the smart contract is functioning as planned. At this stage, smart contract auditors use auditing tools and testnet, ensuring unit testing covers the maximum risk involved.
It is the most crucial aspect of the auditing process. The auditor scans the code line by line for vulnerabilities. Later, the auditor deploys auditing tools such as Mythril, slither, mythx, scribble, and others for thorough scrutiny of the code. Auditors advise smart contract changes based on vulnerabilities and code optimization.
Following manual and automated audits, an initial report highlighting issues and their severity levels is compiled. Furthermore, the security team provides explanations for issues with the smart contract and its severity levels.
At this stage, auditors directly collaborate with project developers, where developers amend the code based on the initial report. Ideally, every bug, irrespective of its severity level, must be considered, but the developer should first prioritize resolving high and medium severity issues.
Post code refactoring, auditors once again scan through the smart contract, reverifying for optimal code functionality.
"We were extremely satisfied with the services offered by the ImmuneBytes team. They have great experience and understanding of the space. One thing that impressed us the most was their turnaround time! They’re trustworthy and authentic. And we would definitely engage with them again in the future."
Dr. Gabriel Allred, Founder of Bitlectro Labs
"Out of the lot, we picked ImmuneBytes because of their turnaround time, which seemed to be quite impressive. The team was very responsive and flexible during the audit. Our overall experience with them was great. And we'd love to partner up with them in the future!"