One of the most common questions we receive is how much time smart contract auditing takes. The quick answer is ‘it depends‘, however in this post we’ll try to give you some guidance on how to plan for your audit.
Smart contract auditing should be included in your development plan from the very beginning. Too often, the decision to have an audit conducted is made at the last minute and it ends up costing more because of priority-rush charges.
We’re happy to work with you to turn an audit around quickly, but the best audit occur when all parties have plenty of time. We maintain high quality reviews in all cases, however when we have more time to work with our clients, it creates the best learning opportunities. Yes, it’s important to uncover vulnerabilities in smart contracts, but our goal is to help you learn from patterns we uncover so that future mistakes are prevented. Let us know before you’re ready and we can get you on our schedule ahead of time.
Once you’re ready for the audit, it takes a few days to initiate the project, finalize scoping, and sign our contact. You will be assigned a lead auditor and the audit of an average smart contract will take 2-14 days. This is completely dependent on the smart contract’s size and complexity. We’re happy to give time estimates before the project starts.
After we present you the audit findings, we will give you a remediation period and spend a couple days conducting remediation testing. Once all testing is complete, we will issue your public and internal reports.
This process can be completed from beginning to end in a about a week for simple contracts and up to a month for complex ones.