Auditors
PAL works with a curated pool of reputable auditors in the Web3 security space. This includes both traditional auditing firms and platforms for crowdsourced audits.
The following is a list of PAL-approved auditors with their contacts:
Traditional audits
| Name | Works with | Contact |
|---|---|---|
| Beosin | Rust, Solidity | service@beosin.com |
| Certora | Formal Verification, Smart Contracts | tre@certora.com |
| Chaintroopers | Rust, Solidity | info@chaintroopers.com |
| CoinFabrik | Rust, Solidity | valeria.caracciolo@coinfabrik.com |
| Dedaub | Rust, Solidity | contact@dedaub.com |
| Guvenkaya | Rust, Web2 | timur@guvenkaya.co |
| Hacken | Rust, Solidity | b.bennett@hacken.io |
| Hexens | Rust, Solidity, Web2 | alice.rigby@hexens.io |
| Monethic | Rust, Solidity, Web2 | office@monethic.io |
| OAK Security | Rust, Solidity | info@oaksecurity.io |
| OpenZeppelin | Rust, Solidity | contact@openzeppelin.com |
| Pashov Audit Group | Rust, Solidity | pashovkrum@gmail.com |
| Red4Sec | Rust, Solidity | info@red4sec.com |
| Runtime Verification | Rust, Solidity | contact@runtimeverification.com |
| Sherlock | Rust, Solidity | contact@sherlock.xyz |
| Spearbit | Rust, Solidity | henry@spearbit.com |
| SRLabs | Rust, Solidity | hello@srlabs.de |
| Trail of Bits | Rust, Solidity | sales@trailofbits.com |
| Zellic | Rust, Solidity | kaushik@zellic.io |
Crowdsourced audits
| Name | Works with | Contact |
|---|---|---|
| Code4rena | Rust, Solidity | trebien@code4rena.com |
| Cantina | Rust, Solidity | henry@spearbit.com |
| Codehawks | Rust, Solidity | mark@cyfrin.io |
| HackenProof | Rust, Solidity | e.fedotova@hackenproof.com |
| Immunefi | Rust, Solidity | team@immunefi.com |
| Sherlock | Rust, Solidity | contact@sherlock.xyz |
Selecting an Auditor
When selecting an auditor for your project:
- Consider their expertise in the specific technologies you're using (e.g., Rust, Substrate, ink!, Solidity).
- Review their past audit reports, if available.
- Consider their familiarity with the Polkadot ecosystem.
- Reach out to multiple auditors to compare quotes and availability.
- Rotate your auditors - consider picking a different supplier for your next audit.
Remember to mention that you're applying under PAL when contacting these auditors.
For any questions about selecting an auditor or if you have a preferred auditor not on this list, please contact the PAL curators.