SolidStamp Smart Contract Auditor Report — July 2018 edition

Watching Watchmen: Meet smart contract auditors

Smart contracts are the heart of the Ethereum blockchain. Every dApp we engage with contains a smart contract created to dictate how it works at the most basic level. It is safe to say we should expect smart contract creators to produce sound and stable smart contracts. But the proverb, trust but verify, exists for a reason. Smart contract auditors are the independent verification mechanism to determine if the intentions and goals of the contract’s creator were rendered into the language of the blockchain. This verification is essential. Because of this importance, we want to shed some light on the organizations doing the audits to verify the integrity of the smart contracts powering the Ethereum blockchain.

We want to shed some light on the organizations doing the audits to verify the integrity of the smart contracts powering the Ethereum blockchain

Our report details a list of 13 smart contract auditing firms. It includes our analysis of 149 publicly available smart contract audits to visualize the scope and size of audits by these particular companies. From this data, we have focused on what we see as the key metrics to consider when choosing a smart contract auditor:

  • Total token valuation of token audits conducted
  • Total amount of Ether passing through the audited contracts
  • Number of distinct addresses that have interacted with the audited contracts
  • Ratio of token-related audits to all other audits to see the degree of token-only audit activity

Selected information about auditors on the list:

Chainsulting (https://chainsulting.de/) is a blockchain consulting company and leading blockchain expert in Germany. Services are: Smart contract development and audit, individual blockchain solutions, token sale advisory and cryptocurrency investments. Previous and current clients of Chainsulting come from countries such as Australia, USA, Switzerland and Germany. The team includes blockchain developers, financial experts and experienced project managers.

Our methodology and raw data

Our report is based on 149 smart contract audits we found on the Internet. We only considered audits that had a clear indication of client-side commissioning. Audit dates come from either the audit report as indicated or, lacking this, off of the GitHub commit date. Total values for number of public audits, number of 2017 audits and total audits from 2018 is a direct sum of all audits performed, broken down by year.

Disclaimer

This is the first edition of our report and we made every effort to ensure the accuracy and validity of any data published here. However, there is always room for improvement. Please contact us if you believe we have made an error or you would like us to include additional data in future editions.

About SolidStamp

SolidStamp connects smart contract users and security auditors to ensure the safety of their ethers and tokens. We maintain an on-chain database of smart contract audits so you can be sure you are investing your funds securely. SolidStamp allows you to hire top-notch security specialists to audit the contract you plan to use to confirm their authenticity and security.

On-chain registry of Ethereum smart contract audits: https://www.solidstamp.com Discontinued