Now booking · founders' rates for the first three engagements

Smart Contract Security Audits

Solidity, ZK circuits, and the off-chain code that drives them. Principal-led review, every line read, and a report you can act on the day it lands.

CRITICAL C-01

Re-entrant withdraw() lets any caller drain the vault

src/Vault.sol:87
function withdraw(uint256 amount) external {
    (bool ok, ) = msg.sender.call{value: amount}("");
    require(ok);
    balances[msg.sender] -= amount; // state update after call
}

The balance update happens after the external call. A contract recipient can re-enter withdraw() before line 90 runs and withdraw the same balance repeatedly.

Sample finding, shown in our report format: severity, location, and the exact line that bites.
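For comparison, here is what a fix for the finding above looks like. This is an added illustration, not the audited contract or our report text; it assumes the same `balances` mapping and `withdraw()` shape as the sample. The fix applies checks-effects-interactions (debit before the call) and adds a reentrancy mutex as defence in depth so a future reordering still reverts on re-entry.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Hardened version of the sample finding (added illustration, not the
// audited contract). Two independent controls:
//   1. Checks-Effects-Interactions: the balance is debited *before* the
//      external call, so a re-entrant call sees the reduced balance.
//   2. A reentrancy mutex as defence in depth: a nested entry reverts
//      even if a later edit reorders the statements again.
contract Vault {
    mapping(address => uint256) public balances;

    uint256 private constant NOT_ENTERED = 1;
    uint256 private constant ENTERED = 2;
    uint256 private status = NOT_ENTERED;

    error Reentrancy();
    error InsufficientBalance();
    error TransferFailed();

    modifier nonReentrant() {
        if (status == ENTERED) revert Reentrancy();
        status = ENTERED;
        _;
        status = NOT_ENTERED;
    }

    function deposit() external payable {
        balances[msg.sender] += msg.value;
    }

    function withdraw(uint256 amount) external nonReentrant {
        // Checks: fail early with a clear reason instead of an underflow revert
        if (balances[msg.sender] < amount) revert InsufficientBalance();

        // Effects: all state is final before any external code can run
        balances[msg.sender] -= amount;

        // Interactions: the external call goes last
        (bool ok, ) = msg.sender.call{value: amount}("");
        if (!ok) revert TransferFailed();
    }
}
```

In fix verification we would confirm both controls independently: a test recipient whose fallback re-enters `withdraw()` must revert with `Reentrancy()`, and removing the modifier must still leave the vault un-drainable because the debit precedes the call.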

Audit Services

From the circuit to the keeper that pokes it. Logic, economics, and code quality reviewed in every engagement.

Solidity Audits
Reentrancy, access control, oracle abuse, MEV. The classics, plus the bug that's specific to your design.
Periphery Audits
Keepers, bots, and backends in TypeScript, Rust, Python, or Go. On-chain security assumptions die in off-chain code more often than anyone admits.
ZK Circuit Audits
Noir circuits and their on-chain verifiers. Soundness gaps survive compilers and happy-path tests; someone has to read the constraints.

Why Cimora

What you actually get when you hire us

Specialized passes, not one tired skim

Security, logic, economics, and code quality each get a dedicated review pass. The reviewer hunting reentrancy is not the reviewer checking your rounding.

Verified findings only

Every finding is re-checked against the code before it reaches the report. If we can't defend it, you never see it.

Reports built to be read

Severity, location, the exact code, and the fix. A fix-verification round is included to confirm the patch actually closes the hole.

Principal-led, start to finish

The principal who scopes your audit reads your code and signs the report. No handoffs, no juniors hiding behind a logo.

Be the report on this page

Nothing sells an audit firm like a published report with a real name on it, and we're paying for our first one. One small protocol gets a complete, principal-led engagement for a flat $5,000 — in exchange for letting us publish the full report right here.

$5,000 flat, fix verification included
1 slot — by application
$1,500/day is our standard rate, for comparison
100% of the report published, post-fix
Apply for the Slot

The trade, plainly: the codebase must be small — as scoped by our weighted-SLOC model, at our discretion — code-complete at a frozen commit, and a real protocol that's deployed or heading there. The full report goes public after your fixes are verified, with your protocol's name on it. Scopes bigger than small? Founders' rates still apply.

Audit Process

A structured approach from scoping to final report

01 Scope: define scope and sign agreement

02 Audit: expert code review and analysis

03 Report: detailed findings with recommendations

04 Fixes: 21-day window for remediation

05 Final: fix verification and final report

Ready to secure your protocol?

Tell us what you’re shipping and when. We’ll tell you what it needs.