Security audits for distributed systems

Zeppelin verifies that your distributed systems work as intended by performing an audit. Our engineers fully review your system’s architecture and codebase, then write a thorough report with actionable feedback for every issue found.


You specify an audit-ready code commit through the email below


You get a quote and timeline


We start the audit


We privately send the report to your team


Your team fixes the issues


We examine your fixes, update and publish the report (optional)

Our most popular audit reports


What will I find in the audit report?

The report outlines potential problems in the code with actionable recommendations to guard against potential attack vectors, together with a general analysis of the systems’ dynamics reflecting both state-of-the-art security patterns and opportunities for improvement regarding the project's overall quality and maturity.

Is the report private?

Yes. We privately send the report to your team so they can address the issues we found. Publishing the report after your team fixes the issues is optional, but strongly recommended as a way of to contribute to the ecosystem’s security. We can work with you on a disclosure strategy.

Which technologies do you work with?

We have expertise across the whole stack: from languages and compilers, to smart contract systems, protocols and applications. Our audit portfolio spans distributed payment networks, financial structures, and governance systems.

The world’s leading projects work with Zeppelin

“Zeppelin's audit report was like Christmas morning for all the engineers. Our team is very pleased with the results.”

Tom Kysar
Tom Kysar

Product Manager at Augur

“I have a very high opinion of the Zeppelin team and their work.”

Brendan Eich
Brendan Eich

Founder of Mozilla and Brave, Javascript creator

Make your code more secure from day 1

Accelerate your development process by using fully-audited projects, trusted by the best decentralized applications. Make use of the ZeppelinOS framework and the OpenZeppelin package for standard functions in your applications.

Smart Contract Libraries

A framework of modular, reusable, secure smart contracts for the Ethereum network, written in Solidity. Reduce the risk of vulnerabilities in your applications by using standard, tested, community-reviewed code.

Development Platform

A platform to securely develop and manage decentralized applications. It provides an on-chain set of upgradeable standard libraries, and an incentive structure to continually upgrade and patch itself.

Request a security audit

Our quotes and turnaround times vary according to the codebase’s length and complexity. We prioritize clients that base their code and architecture on OpenZeppelin or ZeppelinOS, fully-audited projects, trusted by the world's leading companies.

Send an email to including your project's website, links to your source code, and system documentation.