Security audits for high-impact projects

Zeppelin verifies that your decentralized systems work as intended by performing an audit. Our engineers fully review your system’s architecture and codebase, then write a thorough report with actionable feedback for every issue found.

CONTACT

You specify an audit-ready code commit through the email below

QUOTE

You get a quote and timeline

AUDIT

We start the audit

REPORT

We privately send the report to your team

FIXES

Your team fixes the issues

PUBLISH

We examine your fixes, update and publish the report (optional)

Our most popular audit reports


FAQ

What will I find in the audit report?

The report outlines potential problems in the code with actionable recommendations to guard against potential attack vectors, together with a general analysis of the systems’ dynamics reflecting both state-of-the-art security patterns and opportunities for improvement regarding the project's overall quality and maturity.

Is the report private?

Yes. We privately send the report to your team so they can address the issues we found. Publishing the report after your team fixes the issues is optional, but strongly recommended as a way of to contribute to the ecosystem’s security. We can work with you on a disclosure strategy.

Which technologies do you work with?

We audit all kinds of decentralized systems, from smart contracts to compilers and applications. We have strong expertise in Solidity, Vyper, EVM assembly, JavaScript, Python, and Bitcoin Scripting code. We’re open to working with additional technologies if necessary.

The world’s leading projects work with Zeppelin

“Zeppelin's audit report was like Christmas morning for all the engineers. Our team is very pleased with the results.”

Tom Kysar
Tom Kysar

Product Manager at Augur

“I have a very high opinion of the Zeppelin team”

Brendan Eich
Brendan Eich

Founder of Mozilla and Brave

Make your code more secure from day 1

Accelerate your development process by using fully-audited projects, trusted by the best decentralized applications. Make use of the ZeppelinOS framework and the OpenZeppelin package for standard functions in your applications.

Smart Contract Libraries

A framework of modular, reusable, secure smart contracts for the Ethereum network, written in Solidity. Reduce the risk of vulnerabilities in your applications by using standard, tested, community-reviewed code.

Development Platform

A platform for the development and secure management of decentralized applications. It provides an on-chain set of upgradeable standard libraries, and an incentive structure to continually upgrade and patch itself.

Request a security audit

Our quotes and turnaround times vary according to the codebase’s length and complexity. We prioritize clients that base their code and architecture on OpenZeppelin or ZeppelinOS, fully-audited projects, trusted by the world's leading companies.

Send an email to contact@zeppelin.solutions including your project's website, links to your source code, and system documentation.