ConsenSys Home
Contact

By using this site, you agree to our use of cookies, which we use to analyse our traffic in accordance with our Privacy Policy. We also share information about your use of our site with our analytics partners.

NewsDevelopersEnterpriseBlockchain ExplainedEvents and ConferencesPressNewsletters

Subscribe to our newsletter.

We respect your privacy

Home
Blog
Diligence

Learn How to Prepare for a Smart Contract Audit

Security and code quality is a top priority. This webinar is designed to help teams to understand and get the best results from the audit process
by ConsenSysJanuary 21, 2020
Learn How to Prepare for a Smart Contract Audit Webinar
1xdfzFu3BMFRIuUFLSxttfw

Deployments of smart contracts onto the Ethereum blockchain are on the rise. Since late 2017, the number of successful calls to smart contracts has remained consistent at 1.2 million per day. It is imperative to ensure that these smart contracts, often holding important assets, are not exploited. At present, a contract audit before deployment is the best option available to identify subtle vulnerabilities and assessing the quality and security of code.

What is a smart contract audit?

A smart contract audit is an assessment of the secure development process. During the smart contract audit, developers have an opportunity to learn from Ethereum experts, identify gaps in their coding process, and denote underspecified areas of their systems.

What are the limitations of smart contract audits?

A smart contract audit cannot replace internal quality assurance, overcome excessive complexity or poor architecture, nor can it guarantee no bugs or vulnerabilities whatsoever. 

What is the importance of auditing smart contracts ?

The DAO hack. No need to say more. 

Learn how to prepare for a smart contract audit

Steps to prepare for a smart contract audit. (ConsenSys Diligence)

Start with good documentation

Have a clear, concise, simple description of what you are building, and why you are building it. The documentation should include descriptions for the overall system and for each unique supporting smart contract.

it includes a specification of your system’s intended functionality. For each contract, it should describe the most important properties or behaviors that should be maintained. It should also describe the actions and states that should not be possible.

Clean up the code, make it easier to run

Be sure to run a linter on your code, fix any and all errors that come about. Address all warnings that the compiler produces. Remove any unneeded code. Address and remove any TODO or FIX me indicators, if this is the final audit before deploying to mainnet.

Freeze the code

It is imperative to freeze the code, halt development, and relay a specific git comment hash to begin the commencement of the audit. Any changes done after the audit begins will not be included in the audit. It is better to delay an audit than to add changes to the code afterwards.

Learn How to Prepare for a Smart Contract Audit [Webinar]
Click here to access the webinar

To learn the steps to prepare for an audit, tune into ConsenSys Diligence’s webinar about Preparing for a Smart Contract Audit. This webinar is designed to help teams to understand and get the best results from the audit process. Be sure to stick around for the  interactive Q&A session at the end!

Covered topics in the webinar:
  • Getting the best results from the audit process
  • Preparing your codebase for an audit
  • Important next steps following a smart contract audit
Webinar presenters:

John Mardlin, Security Engineer & Auditor

Brianna Montgomery, Business Development Lead

Steve Marx, Security Auditor

Learn everything you need to start building on the Ethereum blockchain.

Visit the Ethereum Developer Portal →

Newsletter
Subscribe to our newsletter for the latest Ethereum news, enterprise solutions, developer resources, and more.

Related Articles