(Re)staking, AVS and UniswapV4 Smart Contract Security Audits
Get throughly tested by the creators of Smart Contract Security Verification Standard
They have trusted us
Hear from people we worked with
CTO Dean Rubin, Othentic Labs
Dean Rubin, CTO of Othentic Labs, partnered with Composable Security to conduct a thorough security review of the Rewards V2 smart contract module. The project aimed to verify the robustness of a new rewards distribution mechanism integrated with EigenLayer and ensure secure cross-chain operations across multiple Layer 2 networks.
CEO Amadeo Brands, YieldNest
Amadeo Brands, CEO of YieldNest, partnered with us to evaluate the security of their Max Vault integration with the Kernel protocol on BNB Chain. The goal was to ensure safe yield generation and optimize protocol robustness before launch.
Chief Architect Nick Velloff, Braintrust
Nick Velloff came to us for a security review of Braintrust, a decentralized talent network. The primary objective was to ensure the secure expansion of the Braintrust platform onto the Base network, validate integrations with third-party services such as Coinbase Onramp, and secure the wallet infrastructure used by its users.
Trust us, others have already done it
We understand that blockchain builders demand security that’s transparent, proactive, and reliable.
>
$
15
B (USD)
in TVL held by audited protocols
95
% clients
wants to have their next audit with us
>
60
% audits
reported and fixed Critical/High issues
50
% clients
already had more then one audit with us
| | |
| | |
 | | |
| |  |
Tailored security solutions to meet the unique needs of your blockchain projects
Our services.
Smart contract audits
Secure your project
Verify personalized threats
Get extensively tested
Undergo manual review
Get detailed report
Threat modeling
Take part in a workshops
Introduce security by design
Expand the team’s knowledge
Improve security awareness
Get detailed report
Security consultations
Take advantage of expert advice
Gain confidence
Delegate work to professionals
Use a second opinion
Get detailed report
Let us help
Get throughly tested by the creators of Smart Contract Security Verification Standard
Our Smart Contract Audit Process
A structured approach to asses and secure DApps.
1. Initial Contact –
You reach out to us via our website (or any preferred channel). We’ll respond within 24 hours to discuss your project’s scope.
2. Customized Proposal +
We analyze your requirements and prepare a tailored offer that addresses your specific needs.
3. Contract & Initial Payment +
We finalize the contract details, and once both parties have signed, you pay 50% of the agreed fee.
4. Audit Execution +
Our team conducts a thorough audit of your smart contract, identifying potential vulnerabilities and compliance issues.
5. Audit Report & Final Payment +
We share a detailed report of our findings. You then pay the remaining 50%.
6. Corrections & Retest +
After you make recommended corrections, we conduct a retest to ensure all issues have been resolved.
7. Peace of Mind +
With our final sign-off, you can confidently deploy your smart contract, knowing it has been rigorously tested.
Our specializations
Supported chains
(Re)staking
Liquid (re)staking, EigenLayer, Symbiotic, and more integrations.
AVS
Shared security projects, integration with Othentic and others.
UniswapV4
Projects using hooks or custom hook implementation.
EVM
DeFi, Tokens, GameFi, RWA, Oracles, Staking, StableCoins and more!
Examples of vulnerabilities we found and the impact of our security expertise.
high
Enabling stETH deposits causes miscalculations and permanent losses for users as rebase tokens are not supported
Learn more
Stay ahead of the curve with insights, updates, and expert tips from our team.
Let us help
Get throughly tested by the creators of Smart Contract Security Verification Standard
Frequently asked questions
Can’t find an answer? Contact us or follow us on Twitter.
Paweł Kuryłowicz
Managing Partner & Smart Contract Security Auditor
Damian Rusinek
Managing Partner & Smart Contract Security Auditor
What is Composable Security? +
We are a small, elite team of smart contract auditors specializing in (re)staking, AVS, and hooks. We tailor our solutions to each client’s unique needs. We reject one-size-fits-all strategies in favor of a personalized, continually evolving service that delivers the highest level of security.
What is smart contract audit? +
A smart contract audit is a comprehensive examination of the code underlying a blockchain-based smart contract. This process involves expert auditors looking for security vulnerabilities, design issues, and efficiency problems. The goal is to ensure the smart contract operates as intended, without any flaws that could lead to security breaches, rug pulls, or hacks.
Smart contract audit is crucial in the blockchain ecosystem to maintain trust and reliability in projects building decentralized applications.
How long do audits take? +
It depends on the complexity of the smart contract. However, on average it takes approximately two weeks.
To learn about how we perform smart contract audits head to this artice.
How much does a security review cost? +
Smart contract audits done by professionals typically cost ~$10000-$30000 for an average project. The price of the audit depends on many factors, but the following have a key impact on the price:
- number of lines of solidity code (nSLOC),
- the complexity of the code,
- documentation quality and code clarity,
- whether the auditors know your protocol and the components you use,
- whether you are using standard implementations or implementing something from scratch,
- the deadline for the audit.
Smart contract audit cost can be slightly minimized if before the audit you use a checklist prepared by us.
What kind of post-audit support do you provide? +
After introducing the changes to the smart contract, we perform a one-time verification to make sure that the recommendations have been introduced in the right way and that the found vulnerabilities do not exist anymore. Afterward, we are always open to assisting our clients in answering all of their questions and helping in solving issues related to security.
To learn about how we perform smart audits head to this article.
Why do smart contracts need to be audited? +
Smart contracts need to be audited to ensure their security and effectiveness. As they are self-executing contracts with the terms directly written into code, any flaws can lead to significant financial losses.
Smart contract audits help identify vulnerabilities before deployment, safeguarding against potential hacks and ensuring the contract functions as intended.