Crypto Auditor

Blockchain and smart contract security auditing suite.

What It Does

Analyzes smart contract security across multiple ecosystems: Solidity/EVM (Ethereum, L2s), Rust/CosmWasm (Cosmos chains), Move/Aptos, and ZK circuit languages (Circom, Halo2, Noir). Covers bridge security, DeFi protocol analysis, wallet and key management testing, and node infrastructure assessment. Combines SAST scanning, fuzzing, and symbolic execution.

Methodology

The crypto-auditor runs a multi-stage audit pipeline:

1. Static Analysis — semgrep, Slither, Aderyn for Solidity; cargo-deny + custom lints for Rust
2. Fuzzing — Echidna (EVM), Arbitrum stylus fuzzer, property-based testing
3. Symbolic Execution — Manticore, Halmos for invariant analysis
4. Manual Review — access control, upgrade patterns, reentrancy, oracle dependencies
5. Bridge Auditing — validator set analysis, message verification, replay protection
6. ZK Circuit Review — constraint completeness, soundness bugs, trusted setup risks

When to Use

Use when auditing Solidity smart contracts, CosmWasm modules, Move packages, or ZK circuits. Trigger via /crypto-auditor or the Skill tool. Run with --quick for SAST-only pass, --deep for full fuzzing and symbolic execution.

Usage

RedTeamScript(skill="crypto-auditor", script="audit", args="--repo https://github.com/org/protocol --mode deep --output audit-report.json")

Related

• Blockchain Exploit
• Source Code Auditor