Smart Contract Audit Cost

Quantstamp Announcements
May 22, 2020

With over 120 audits conducted and over 2 billion USD worth of digital assets secured since we were founded in 2017, Quantstamp is a leader in smart contract security and development. The purpose of this post is to explain the audit pricing process for our potential clients. Many factors contribute to the cost of a smart contract audit including, but not limited to:

When you complete an audit, you receive an official certificate.

Complexity

The varying complexity of an audit influences the cost of an audit. An example of a low cost audit is a token that strictly follows the ERC20 standard. The ERC20 token standard is one of the earliest design patterns in Ethereum smart contract development and is well understood at this point.

As the complexity of an audit increases, it requires more engineering hours, and therefore will lead to a higher audit cost. For example, a DeFi project that interoperates with several different DeFi smart contracts in patterns that have not been utilized before will require more time than an ERC20 audit.

Having clear documentation can also reduce the complexity of an audit. Sometimes, Quantstamp audits projects that have little to no documentation. This requires more time for our auditors to understand these systems and therefore puts upward pressure on the cost.

Timeline

If a client requires smart contracts to be audited within a short timeline, they will be expected to pay a premium. The amount of time it takes to adequately audit a project varies based on complexity, so make sure to contact Quantstamp early in order to factor audit time into your development cycle.

Quote and Audit Process

In order to receive a quote, visit our audits page, click on the `Request a Security Audit` button, and fill out the required information. A Quantstamp business representative will contact you and then schedule a meeting between you, a lead auditor, and the business representative. After receiving all necessary documentation and artifacts, Quantstamp will assess the workload and provide a quote containing the cost of your audit. 

Once accepted, 3 - 4 of our auditors will:

After these steps are complete, an initial report identifying vulnerabilities and other security information will be created and sent to your team. At this point, your audit is still not complete: your team will need to review the findings and send Quantstamp the fixes. Quantstamp will also review these fixes and then send you a final report once all findings and fixes are addressed. 

Throughout the audit process, Quantstamp auditors and client developers will have open lines of communication.


The Certificate

After your audit is complete, you will receive a certificate such as the ones listed below. This certificate can be used to prove to your users that an official audit was conducted by Quantstamp.

Quantstamp Announcements
May 22, 2020

With over 120 audits conducted and over 2 billion USD worth of digital assets secured since we were founded in 2017, Quantstamp is a leader in smart contract security and development. The purpose of this post is to explain the audit pricing process for our potential clients. Many factors contribute to the cost of a smart contract audit including, but not limited to:

When you complete an audit, you receive an official certificate.

Complexity

The varying complexity of an audit influences the cost of an audit. An example of a low cost audit is a token that strictly follows the ERC20 standard. The ERC20 token standard is one of the earliest design patterns in Ethereum smart contract development and is well understood at this point.

As the complexity of an audit increases, it requires more engineering hours, and therefore will lead to a higher audit cost. For example, a DeFi project that interoperates with several different DeFi smart contracts in patterns that have not been utilized before will require more time than an ERC20 audit.

Having clear documentation can also reduce the complexity of an audit. Sometimes, Quantstamp audits projects that have little to no documentation. This requires more time for our auditors to understand these systems and therefore puts upward pressure on the cost.

Timeline

If a client requires smart contracts to be audited within a short timeline, they will be expected to pay a premium. The amount of time it takes to adequately audit a project varies based on complexity, so make sure to contact Quantstamp early in order to factor audit time into your development cycle.

Quote and Audit Process

In order to receive a quote, visit our audits page, click on the `Request a Security Audit` button, and fill out the required information. A Quantstamp business representative will contact you and then schedule a meeting between you, a lead auditor, and the business representative. After receiving all necessary documentation and artifacts, Quantstamp will assess the workload and provide a quote containing the cost of your audit. 

Once accepted, 3 - 4 of our auditors will:

After these steps are complete, an initial report identifying vulnerabilities and other security information will be created and sent to your team. At this point, your audit is still not complete: your team will need to review the findings and send Quantstamp the fixes. Quantstamp will also review these fixes and then send you a final report once all findings and fixes are addressed. 

Throughout the audit process, Quantstamp auditors and client developers will have open lines of communication.


The Certificate

After your audit is complete, you will receive a certificate such as the ones listed below. This certificate can be used to prove to your users that an official audit was conducted by Quantstamp.

Get your smart contract audited by Quantstamp
Secure Now!
November 11, 2020

Quantstamp Community Update - October 2020

‍Audit of Ethereum 2.0 client Teku, blockchain insurance, Open DeFi, virtual events, and more media coverage... here’s what happened at Quantstamp in October.‍

November 5, 2020

Why Bitcoin is Capturing Enterprise Attention

MicroStrategy made headlines this summer as the first publicly-traded company to buy Bitcoin as part of its capital allocation strategy. Since then, other companies have followed suit. Learn how current economic conditions and the unique properties of Bitcoin have driven these decisions.

October 28, 2020

Formally Verifying Hedera Hashgraph's Stablecoin Framework

Quantstamp created and formally verified a specification for Hedera Hashgraph stablecoins. This simplifies the process of creating safe stablecoins and also makes easier for partners to safely integrate them.

October 27, 2020

Quantstamp Completes Audit of 2nd ETH 2.0 Implementation

Quantstamp has now completed its audit of Teku, the Ethereum 2.0 client developed by ConsenSys. Quantstamp also audited Prysm by Prysmatic Labs.