Audit Types
Smart contract and Web3 security auditing can take many shapes. The type of audit will significantly influence the approach, scope, depth and outcome of the review process. Understanding these differences is crucial for both auditors and project teams.
- New Audits are comprehensive examinations conducted on previously unaudited code or systems. These audits aim to establish a baseline of security and identify any existing vulnerabilities or design flaws.
- Repeat Audits follow up on previous assessments to ensure that identified vulnerabilities have been addressed and to examine any changes or additions to the codebase. These audits help maintain ongoing security assurance.
- Fix Audits are focused reviews that specifically target the corrections or improvements made in response to previous audit findings. They verify the effective implementation of recommended fixes.
- Retainer Audits provide ongoing security oversight through regular, periodic checks. This audit type offers continuous security support, adapting to new threats and changes in the project’s scope over time.
- Incident Audits are triggered by security incidents or breaches. They aim to analyze how the incident occurred, assess the impact, and recommend measures to prevent future occurrences.
Each audit type serves a specific purpose within the security lifecycle of a Web3 project, catering to different stages of development and operational needs. Selecting the appropriate audit type is vital for ensuring comprehensive security coverage and resilience against threats.