Contract Audit, Full Audit, :star: = required input from client, :explode:…
Contract Audit
Full Audit
Automated Testing
Unit testing
does the contract do what it's supposed to do?
:explode: Output: report (faults and fixes)
remedy any problems found
:star: consult with client where necessary
suggest & make fixes (if contract is not yet deployed)
Automated tools
symbolic execution
static analysis
fuzzing
:explode: Output: list of faults found and their fixes
Remedy: fix any faults found
Manual Testing
Manual Review
code review
correctness
clarity
performance
security review
scan for weak points
reentrancy
delegatecall
calls to external contracts
randomness
overflows/underflows
variable & method scope
method permissions
defensive suggestions
OpenZeppelin Libraries
?
Penetration Testing
Output
Remedy
Preparation
Study documentation/code
:star: documentation (if exists)
:star: code
:star: contract address (if deployed)
:star: Interview with client regarding
purposes, intentions of code, etc.
Optional
Monitoring
general automatic monitoring
Forta bot monitoring
customized monitoring
:explode: Report
:star: = required input from client
:explode: = an output to client