Blockchain Development

Learn How to Prepare for a Smart Contract Audit

Security and code quality is a top priority. This webinar is designed to help teams to understand and get the best results from the audit process

By ConsenSys

January 21, 2020

Deployments of smart contracts onto the Ethereum blockchain are on the rise. Since late 2017, the number of successful calls to smart contracts has remained consistent at 1.2 million per day. It is imperative to ensure that these smart contracts, often holding important assets, are not exploited. At present, a contract audit before deployment is the best option available to identify subtle vulnerabilities and assessing the quality and security of code.

What is a smart contract audit?

A smart contract audit is an assessment of the secure development process. During the smart contract audit, developers have an opportunity to learn from Ethereum experts, identify gaps in their coding process, and denote underspecified areas of their systems.

What are the limitations of smart contract audits?

A smart contract audit cannot replace internal quality assurance, overcome excessive complexity or poor architecture, nor can it guarantee no bugs or vulnerabilities whatsoever. 

What is the importance of auditing smart contracts ?

The DAO hack. No need to say more. 


Learn how to prepare for a smart contract audit

Steps to prepare for a smart contract audit. (ConsenSys Diligence)

Start with good documentation

Have a clear, concise, simple description of what you are building, and why you are building it. The documentation should include descriptions for the overall system and for each unique supporting smart contract.

it includes a specification of your system’s intended functionality. For each contract, it should describe the most important properties or behaviors that should be maintained. It should also describe the actions and states that should not be possible.

Clean up the code, make it easier to run

Be sure to run a linter on your code, fix any and all errors that come about. Address all warnings that the compiler produces. Remove any unneeded code. Address and remove any TODO or FIX me indicators, if this is the final audit before deploying to mainnet.

Freeze the code

It is imperative to freeze the code, halt development, and relay a specific git comment hash to begin the commencement of the audit. Any changes done after the audit begins will not be included in the audit. It is better to delay an audit than to add changes to the code afterwards.

Click here to access the webinar

To learn the steps to prepare for an audit, tune into ConsenSys Diligence’s webinar about Preparing for a Smart Contract Audit. This webinar is designed to help teams to understand and get the best results from the audit process. Be sure to stick around for the  interactive Q&A session at the end!

Covered topics in the webinar:
  • Getting the best results from the audit process
  • Preparing your codebase for an audit
  • Important next steps following a smart contract audit
Webinar presenters:

John Mardlin, Security Engineer & Auditor

Brianna Montgomery, Business Development Lead

Steve Marx, Security Auditor


Learn everything you need to start building on the Ethereum blockchain.

Visit the Ethereum Developer Portal →