Smart Contract Audit Cost

Quantstamp Announcements
May 22, 2020

With over 120 audits conducted and over 2 billion USD worth of digital assets secured since we were founded in 2017, Quantstamp is a leader in smart contract security and development. The purpose of this post is to explain the audit pricing process for our potential clients. Many factors contribute to the cost of a smart contract audit including, but not limited to:

When you complete an audit, you receive an official certificate.

Complexity

The varying complexity of an audit influences the cost of an audit. An example of a low cost audit is a token that strictly follows the ERC20 standard. The ERC20 token standard is one of the earliest design patterns in Ethereum smart contract development and is well understood at this point.

As the complexity of an audit increases, it requires more engineering hours, and therefore will lead to a higher audit cost. For example, a DeFi project that interoperates with several different DeFi smart contracts in patterns that have not been utilized before will require more time than an ERC20 audit.

Having clear documentation can also reduce the complexity of an audit. Sometimes, Quantstamp audits projects that have little to no documentation. This requires more time for our auditors to understand these systems and therefore puts upward pressure on the cost.

Timeline

If a client requires smart contracts to be audited within a short timeline, they will be expected to pay a premium. The amount of time it takes to adequately audit a project varies based on complexity, so make sure to contact Quantstamp early in order to factor audit time into your development cycle.

Quote and Audit Process

In order to receive a quote, visit our audits page, click on the `Request a Security Audit` button, and fill out the required information. A Quantstamp business representative will contact you and then schedule a meeting between you, a lead auditor, and the business representative. After receiving all necessary documentation and artifacts, Quantstamp will assess the workload and provide a quote containing the cost of your audit. 

Once accepted, 3 - 4 of our auditors will:

After these steps are complete, an initial report identifying vulnerabilities and other security information will be created and sent to your team. At this point, your audit is still not complete: your team will need to review the findings and send Quantstamp the fixes. Quantstamp will also review these fixes and then send you a final report once all findings and fixes are addressed. 

Throughout the audit process, Quantstamp auditors and client developers will have open lines of communication.


The Certificate

After your audit is complete, you will receive a certificate such as the ones listed below. This certificate can be used to prove to your users that an official audit was conducted by Quantstamp.

Get your smart contract audited by Quantstamp
Secure Now!
June 2, 2020

Quantstamp Community Update - May 2020

Auditing ETH 2.0, Gitcoin NYBW Hackathon, Solidity Summit, here's what happened at Quantstamp in May.

May 28, 2020

How to Be an ETH 2.0 Validator on the Topaz Testnet

The Topaz Testnet is a public Ethereum 2.0 testnet created by Prysmatic Labs. It is a testnet version of Ethereum 2.0 Phase 0 which is planned to launch on mainnet later this year. Anyone can participate in the Topaz Testnet as a validator, and this article will walk you through the process.

May 18, 2020

Securing Your DeFi Project Starts with Quality Testing

Tests are undervalued. Quantstamp secured over 2 billion USD worth of digital assets since 2017. Through our experience securing smart contracts, we noticed that developers highly underestimate the importance of test suites.

May 5, 2020

Quantstamp Community Update - April 2020

Here’s what happened at Quantstamp in April: