Smart Contract Audit
An independent security review of a blockchain smart contract's code to identify vulnerabilities before deployment or investment.
Also known as: code audit, security audit, contract review
Last reviewed: 10 June 2026
A smart contract audit is a formal review, conducted by a security firm, that examines the code of a DeFi protocol, token, or NFT contract for vulnerabilities, backdoors, and logic errors. The audit report, ideally made public, details the findings and whether they have been addressed.
Audits are a critical consumer-protection signal, but they are not a guarantee of safety. Common fraud patterns include: projects displaying logos of audit firms that never actually audited them; audits commissioned only after a contract is deployed; audits that were completed but whose recommendations were not implemented; and contracts that have been modified after the audit was published.
Consumers should verify audit reports directly on the audit firm's website rather than relying on links provided by the project, check the audit date against the contract deployment date, and check whether critical findings were marked as resolved or only acknowledged.