Evidence tiers · Verifier pass · Confidence on every finding

Your smart contract's immune system.

Protocol-aware scans: static and graph checks on every run, plus an optional multi-agent AI stage that reasons across contracts. We prioritize fewer, higher-signal findings over long noisy lists—not a substitute for a human audit, but a fast way to catch real cross-contract risk early.

auditswarm-engine-v2
+0msInitializing Swarm Agent Network...
+124ms[Agent-1] Extracting AST from UniswapV3Pool.sol
+289ms[Agent-2] Mapping cross-contract dependencies
+412ms CRITICALReentrancy vulnerability detected in flash()
+560msCompiling actionable fix pattern...
+890ms Audit report generated. Protocol score: C

Works with every EVM chain

EthereumPolygonArbitrumOptimismBaseBNB ChainAvalanche

THE BLIND SPOT

Single-file scanners miss the exploits that actually drain protocols.

Real protocols are 5-50 interconnected contracts. Attackers exploit the trust boundaries between them — the places single-file passes often skip.

Single-file scanner
scan — Vault.sol
PASSReentrancy guard detected
PASSSafeMath overflow check
PASSAccess control verified
0issues found. Contract is safe.

Looks clean in isolation. But this contract calls Oracle.getPrice(), which may be manipulable via flash loan through a third contract that scan did not include.

AuditSwarm Protocol Scanner
Vault
3 links
Oracle
2 links
Router
2 links
LP Pool
1 links
Cross-contract exploit path found
Attack trace:
1. Flash loan via Router
2. Manipulate Oracle.getPrice()
3. Drain Vault.withdraw() at inflated price

Example: a cross-contract path through Router → Oracle → Vault is the kind of interaction AuditSwarm is built to surface when multiple contracts are in scope—not a guarantee for every repo, but the class of bug teams miss in single-file passes.

WHAT NOBODY ELSE DOES

Built for how DeFi actually gets hacked.

Multi-Contract Protocol Analysis

Upload multiple .sol files (Pro for full multi-file) or fetch Solidity from a public GitHub repo. We map contracts and call edges so cross-contract issues surface in context—not as isolated file passes.

Dependency Graph Visualization

See how contracts connect in your scan report. Useful for spotting trust boundaries and where external calls concentrate—then validate in code.

Exploit Storytelling

When a finding lines up with a known incident pattern, we enrich it with real-world hack context from our database. Not every row maps to a headline case—when it does, it is there to explain why the class matters.

Dual Reports: Developer + Founder

One toggle: engineer view with paths, severity, and fixes; stakeholder view with plainer language. Same findings—two ways to read them.

Confidence and evidence tiers

Each finding carries a confidence score plus a tier (e.g. proven vs review). A verifier pass and snippet checks strip weak hits—aiming for fewer, clearer signals instead of a wall of noise.

Industry context

We draw on a curated exploit and pattern dataset so results sit in the same vocabulary teams use in post-mortems—context for triage, not a guarantee your protocol matches a past incident.

Scan progress

Deep and Protocol runs show multi-stage progress while the engine works—static passes first, then capped AI steps where your plan allows. You see activity, not a black box.

THE PROCESS

Protocol-level security in three steps.

01

Sign up and add code

Create a free account, then upload .sol files, paste a contract, or pull Solidity from a public GitHub URL. ZIP uploads are not supported yet—use individual files. Free tier is single-file; Pro unlocks multi-file.

02

Pick Quick or Deep

Quick Scan runs deterministic checks (patterns, AST, taint)—fast, no LLM. Deep Scan adds multi-agent AI plus a verification pass on top. Protocol Audit adds PoC-oriented steps for paid plans.

03

Review honest findings

Open the report: severity, confidence, evidence tier, and optional hack context. Toggle Developer vs Founder view. Export PDF when you need a shareable artifact.

$0.0B+

Order of magnitude: reported DeFi losses in recent years (sources and years vary)

0+

Curated vulnerability patterns and incident references in-engine (grows with the dataset)

Three scan paths

Quick: deterministic only. Deep: AI plus verification. Protocol: deepest analysis and PoC-oriented steps on paid plans.

Reality check

No scanner eliminates risk. We bias toward verified, evidence-backed findings so your team spends time on what matters.

Simple, transparent pricing.

Monthly
AnnuallySave 20%

Free

Try the engine: 5 Quick Scans (1 credit each) or 1 Deep Scan (5 credits).

$0/mo
5 credits (one-time)
5 scan credits (one-time)
Quick Scan — patterns, AST, and taint (no LLM)
Deep Scan — multi-agent AI + verifier
200+ exploit pattern database
Multi-contract scanning
Protocol Audit + Foundry PoC
Credit top-ups
Most Popular

Pro

For developers who ship to mainnet. Full AI engine + exploit proofs.

$39/mo
50 credits/month
50 scan credits/month
Deep Scan — multi-agent AI + verifier
Protocol Audit + Foundry PoC
Multi-contract analysis
Exploit storytelling with real hacks
Credit top-ups ($9.99 / 10 credits)
API access

Team

For auditing firms and protocol teams. Maximum coverage.

$159/mo
200 credits/month
200 scan credits/month
Everything in Pro
Unlimited team members
API & CI/CD pipeline access
Credit top-ups ($7.99 / 10 credits)
Priority support
Custom policy rules
14-day money-back guarantee · Cancel anytime

WHAT BUILDERS SAY

Built for how teams review risk.

Illustrative quotes—swap in real customer stories as you collect them.

We use AuditSwarm as a first pass before external audit—especially for cross-contract and oracle-adjacent code. It is fast enough to run on every PR once CI is wired up.

RM

Rahul M.

Lead Smart Contract Developer, DeFi Protocol

The founder-facing view helps us explain severity without dumping a spreadsheet of alerts on the team. We still verify anything critical manually—but the narrative cuts prep time.

SK

Sarah K.

Co-Founder, Lending Protocol

Seeing contracts as a graph in the report matches how we already think about composability. It is not a replacement for a formal audit, but it is a better starting point than lint-only CI.

JL

James L.

Senior Solidity Engineer

Stop auditing one contract. Start securing your protocol.

Free tier: starter credits, no card required. Quick Scan is usually seconds to a minute on small contracts; Deep Scan can take a few minutes depending on size. We do not promise human-audit completeness—we promise a clear, prioritized signal you can act on.

Get started free

Paid plans: see pricing for Pro trial terms and cancellation.