Security Audits

Zeppelin can verify that your smart contract system works as intended by performing an audit. Our engineers fully review your system’s architecture and your smart contracts codebase, then write a thorough report with actionable feedback for every issue found.


You specify an audit-ready code commit through the form below


You get a quote and timeline


We start the audit


We privately send the report to your team


Your team fixes the issues


We examine your fixes, update and publish the report (optional)


What will I find in the audit report?

The report outlines potential problems in the code, additional recommendations to increase security, and general analysis of the contract dynamics reflecting state-of-the-art security patterns.

Is the report private?

Yes. We privately send the report to your team so they can address the issues we found. Publishing the report after your team fixes the issues is optional, but strongly recommended as a way of to contribute to the ecosystem’s security. We can work with you on a disclosure strategy.

Which technologies do you work with?

We audit all kinds of decentralized applications. We have strong expertise in Solidity, Vyper, EVM assembly, JavaScript, Python, and Bitcoin Scripting code. We’re open to working with additional tools if necessary.

The world’s leading projects work with Zeppelin

“Zeppelin's audit report was like Christmas morning for all the engineers. Our team is very pleased with the results.”

Tom Kysar Tom Kysar Product Manager at Augur

Request a security audit

Our quotes and turnaround times vary according to the codebase’s length and complexity.
We prioritize projects that base their code and architecture on OpenZeppelin, the community-driven, industry-standard library.

Send an email to including your project's website, links to your source code, and system documentation.