BLOCKCHAIN

BLOCKCHAIN SECURITY FOR PROTOCOLS THAT CAN'T AFFORD TO GET IT WRONG.
We’ve secured Uniswap, Aave, Chainlink, and leading Layer 2 teams like Arbitrum, reviewing complete systems from smart contracts to off-chain infrastructure - because that’s where exploits actually happen. Instead of handing you a report and disappearing, we build partnerships that make every deployment stronger.

WHAT WE DO

Design Reviews:

Catch architectural mistakes before you write a single line of code. We analyze your specification documents, system architecture, and component designs to identify security blockers before they become embedded in your codebase. This isn’t a checkbox exercise. We’re looking at how your access control model handles edge cases, whether your upgradeability mechanism creates single points of failure, how external integrations (oracles, DeFi protocols, third-party contracts) expand your attack surface, and whether your deployment and incident response plans account for realistic failure modes.

Early Stage Review:

Get expert security guidance while your architecture can still change. An Early Stage Review meets you where you are. We look at code that’s still evolving, documentation that’s incomplete, and technical solutions that might change. Rather than hunting for every bug (which would be futile in unfinished code), we focus on the decisions that matter: Is your access control model sound? Does your upgradeability approach create unnecessary risk? Are you accounting for MEV? Oracle manipulation? Blockchain reorg scenarios? Are there architectural choices that will make security harder down the line? We also evaluate your security practices, including testing coverage, tooling, documentation quality, and monitoring plans to provide concrete recommendations for improvement.

Comprehensive Security Assessment:

A complete security review of your blockchain application, from smart contracts and nodes to bridges and everything in between: our most thorough offering. We combine manual expert review with automated analysis to examine every component that affects your security posture. For smart contracts, we go beyond scanning for known vulnerability patterns. We analyze your business logic for economic exploits—price manipulation, flash loan attacks, improper liquidation handling, slippage vulnerabilities. We examine access control for privilege escalation paths. We test invariants through fuzzing. We check that your upgrade mechanisms don’t introduce new attack vectors. And we do this across the full range of smart contract languages: Solidity, Vyper, Cairo, Teal, Rust-based languages for Cosmos and Solana, and more.

Invariant development:

Stop finding bugs. Start preventing them. We work with your team to define function-level invariants (this operation should always be commutative) and system-level invariants (total supply should equal sum of all balances). We translate those invariants from English into Solidity. We integrate them with fuzzers like Echidna or Medusa. And we help you build the infrastructure—CI integration, cloud fuzzing, developer training—to maintain and extend these tests long after we’re gone.

HOW WE WORK

Design Review

01 Specification analysis:

We review your documentation, whitepapers, and architectural diagrams to understand what you’re building and why.

02 Threat modeling:

We identify attack vectors specific to your design—not generic blockchain risks, but the actual ways your system could fail.

03 Component-level review:

We examine arithmetic risks, access control strategy, upgradeability mechanisms, and external integrations.

04 Tooling guidance:

We recommend which security tools (static analysis, fuzzing, formal verification) to prioritize at each development stage.

05 Custom Q&A:

You bring specific concerns; we bring expertise across blockchain, cryptography, and application security to address them.

Early Stage Review:

01 Lightweight code review:

We examine your current codebase to understand your technical approach and catch surface-level vulnerabilities.

02 Architecture assessment:

We evaluate access controls, code modularity, decentralization claims, on-chain/off-chain separation, and upgradeability design.

03 Risk identification:

We flag MEV exposure, oracle risks, blockchain-specific risks (finality, reorgs), ERC integration issues, and third-party dependencies.

04 Practice evaluation:

We assess your documentation, testing strategy, tool usage, and monitoring plans against industry best practices.

05 Tailored recommendations:

We provide protocol-specific guidance based on your particular use case and risk profile.

Comprehensive security assessment:

01 Kickoff and scoping:

We gather technical documentation, understand your system architecture, and identify the components that matter most.

02 Manual review:

Our engineers read your code—line by line where it counts—looking for vulnerabilities that automated tools miss.

03 Automated analysis:

We run Slither for static analysis, Echidna and Medusa for fuzzing, and custom tooling tailored to your codebase.

04 Iterative findings:

Weekly status calls and clear communication throughout. You see issues as we find them, not just at the end.

05 Fix review (optional):

After you address findings, we review your fixes to confirm they resolve the issues without introducing new ones.

Invariant Development:

01 Invariant identification:

We discuss your protocol’s intended behavior and identify properties that must hold—at the function level and system level.

02 Specification in English:

We document invariants and their preconditions in plain language before touching code.

03 Implementation in Solidity:

We translate invariants into test code, selecting the right testing approach (internal, external, or partial) with minimal disruption to your codebase.

04 Fuzzing and refinement:

We run invariants locally and on cloud infrastructure, refining specifications based on results and narrowing preconditions to reflect realistic scenarios.

05 Integration and training:

We integrate fuzzing into your CI, provide guidance on long-term fuzzing campaigns, and train your team to write and maintain invariants independently.
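As an added illustration of the invariant workflow described in the Invariant development section and the steps above (example code written for this page, not Trail of Bits' or any client's), the following Echidna harness encodes one system-level invariant (total supply equals the sum of all balances) and one function-level invariant (a self-transfer is a no-op) against a constructed toy token. The Token contract, the three actor addresses, and the mint cap are assumptions made for the example.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Constructed toy token standing in for the contract under test (example code).
contract Token {
    mapping(address => uint256) public balanceOf;
    uint256 public totalSupply;

    function mint(address to, uint256 amount) public virtual {
        totalSupply += amount;
        balanceOf[to] += amount;
    }

    function transfer(address to, uint256 amount) public virtual returns (bool) {
        require(balanceOf[msg.sender] >= amount, "insufficient balance");
        balanceOf[msg.sender] -= amount;
        balanceOf[to] += amount;
        return true;
    }
}

// Echidna harness using the "internal" approach: it inherits the target so the
// fuzzer calls mint/transfer directly and re-checks every echidna_ property after each call.
contract TokenInvariants is Token {
    // Echidna's default sender addresses (assumed here). Recipients are clamped
    // to this set so the sum below ranges over every holder that can exist.
    address[3] internal actors = [address(0x10000), address(0x20000), address(0x30000)];

    function mint(address to, uint256 amount) public override {
        // Cap each mint so the fuzzer does not spend its budget on overflow reverts.
        super.mint(actors[uint256(uint160(to)) % actors.length], amount % 1e27);
    }

    function transfer(address to, uint256 amount) public override returns (bool) {
        return super.transfer(actors[uint256(uint160(to)) % actors.length], amount);
    }

    // System-level invariant: total supply always equals the sum of all balances.
    function echidna_supply_equals_sum_of_balances() public view returns (bool) {
        uint256 sum;
        for (uint256 i = 0; i < actors.length; i++) sum += balanceOf[actors[i]];
        return sum == totalSupply;
    }

    // Function-level invariant: transferring to yourself must not change your balance.
    // Echidna reverts any state a property changes, so this probe has no lasting side effect.
    function echidna_self_transfer_is_noop() public returns (bool) {
        uint256 before = balanceOf[msg.sender];
        super.transfer(msg.sender, before);
        return balanceOf[msg.sender] == before;
    }
}
```

Run it with `echidna TokenInvariants.sol --contract TokenInvariants`; Echidna reports each property that returned false together with the shrunk call sequence that broke it, which is the starting point for the refinement step above.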

DELIVERABLES


Design Assessment Report:

Design review output

Detailed findings with severity ratings, plus a recommendations section covering design matters that warrant internal discussion

Assessment Report:

Early Stage review output

Findings on architectural risks, surface-level vulnerabilities, and security practice gaps

Code maturity evaluation:

Early Stage review output

Analysis of documentation, testing, complexity, and security posture

Prioritized roadmap:

Early Stage review output

Concrete next steps for improving security before your final review

Comprehensive Report:

Comprehensive Security Assessment

Detailed findings with severity ratings, exploitation scenarios, and remediation guidance. Includes executive summary and code maturity evaluation.

Invariant specification:

Invariant Development

Markdown documentation describing each invariant, its preconditions, and rationale—in plain English.

ECOSYSTEMS & ALLIANCES

Here are some of our favorites:

ETHEREUM

We've completed assessments for companies building on Ethereum and have reviewed various components of the ecosystem itself. Our expertise in Ethereum security is demonstrated through our numerous comprehensive reports. Our comprehensive approach to security has led us to create some of the best security tools in the Ethereum ecosystem (Slither, Echidna, Medusa), which we leverage in our security reviews for greater confidence.

View our public assessments
Building secure contracts
Slither
Echidna
Medusa

CASE STUDY (September 2025)

BEYOND BUG HUNTING

How Trail of Bits helped Turnkey build better systems
“Building a system with end-to-end cryptographic attestations means getting the details right across reproducible builds, TEEs, and verification protocols. Trail of Bits’ expertise with Nitro Enclaves provided valuable technical recommendations on our security architecture in ways that went beyond typical security reviews.”

WHY TRAIL OF BITS

Our competitors find bugs. We prevent them. By teaching your developers to write secure code by default, we address the root cause, not just the symptoms. Audits are often a project’s largest expense, and re-auditing buggy code can be fatal. Our engagements train your developers to write code that only needs to be audited once.
We are the experts on both building and using advanced tools to discover bugs. Slither for static analysis. Echidna and Medusa for fuzzing. Mewt for measuring test coverage. These are not third-party utilities we happen to run. They are projects we created to enhance our auditing capabilities, and published to help our clients write safer code. Building these projects ourselves gives us insights that let us use these tools far more effectively than others, letting our engineers spend less time on noise and more on the bugs that matter.
We have seen what works in production, and more importantly, what fails. We have reviewed the protocols that define the blockchain ecosystem, including Uniswap, Aave, and Arbitrum. Our work spans smart contracts, wallets, nodes, bridges, and off-chain systems across more than a dozen ecosystems. We know which designs tend to produce vulnerabilities and which practices consistently prevent them.


Tell us about your hardest security problems

Contact us to build more secure software.

For secure communications, please use SendSafely or PGP.

Mailing Address

228 Park Ave S #80688

New York, NY 10003
