Before an audit can begin, a project needs to have its affairs in order. Before the audit, the codebase must be finalized or the last commit completed. It is ineffective to audit a changing codebase; any vulnerabilities introduced to a part of code that the auditor has previously evaluated would render the work done to protect the project up to that point meaningless. Therefore, we recommend projects freeze their code before the audit. Additionally, we expect protocols to have some test coverage of their code.

We will give the project as much time as they need to complete this; no deposit is required to reserve a spot. In the unlikely event that a project requests an audit but has no idea what part of their project should be audited, our team of professional auditors can guide them in the right direction during our kickoff meeting.

Discord

Once the deposit is paid, the project and auditors can use a discord channel created by AuditOne to facilitate open communication. Auditors can engage in a healthy back-and-forth with the project and gain valuable insights. Developers can also ask questions and receive feedback from the auditors to improve the smart contract's quality.