Trail of Bits

Blockchain

Smart contracts, nodes, bridges & DeFi

Overview

Trail of Bits was among the first security-oriented organizations transitioning from the Web 2.0 space to explore blockchain technologies. We have become experts in reviewing all facets of blockchain applications, from smart contracts to off-chain components.

Why work with Trail of Bits

  • 01

    Tools we built power the audit

    Slither, Echidna, and Medusa came out of our engagements and are now industry-standard fuzzers and static analyzers. We use them in every review, contribute fixes back, and tune custom detectors against your specific codebase — capability you don't get from firms that just license third-party tooling.

  • 02

    We publish everything

    Methodologies, exploit primitives, and ecosystem write-ups all end up in public reports, papers, or open-source repos. Building Secure Contracts, Not-So-Smart-Contracts, and our crytic toolchain are free for the industry to use — and for your team to learn from.

  • 03

    Deliverables your team can run with

    Every engagement ships fixes you can drop into CI — Slither/Medusa detectors tuned to your patterns, invariant test suites your devs keep extending, and short- and long-term SDLC recommendations your team can act on after we leave.

Services & deliverables

Design Assessment

Service

Our Design Assessment analyzes the fundamental design of the system. We assess the system architecture and component specifications, identify potential security shortcomings, and offer tailored risk mitigation strategies. We can also assess the testing strategies, emphasizing the effective use of security tools throughout the development life cycle. Finally, we provide customized solutions that address your concerns and enhance security.

01
Security analysis of deployment plans with incident response integration
02
Risk assessment of oracles, DeFi integrations & upgradeability patterns
03
Strategic implementation of fuzzing, static analysis & formal verification
04
Cryptographic & application security beyond standard blockchain risks

Leveraging a design review provides immediate feedback, minimizing project risks, saving development time and costs by reducing the need for late-stage refactoring.

Early Stage Assessment

Service

The Early Stage Assessment provides guidance and recommendations that will aid your developers for the long term of the project. This service is a perfect fit for projects that are early on in their SDLC but are ready to receive feedback. This includes projects for which the code is not finalized or is nonexistent, the documentation and testing are ongoing, and the technical solution may evolve.

We can guide projects that build smart contracts, bridges, DeFi, and decentralized gaming applications. We also have strong in-house expertise on blockchain nodes and have worked with numerous geth-based projects.

01
Surface-level vulnerability detection in early-stage codebases
02
Decentralization analysis & upgradeability schema evaluation
03
MEV exposure analysis & oracle integration risk assessment
04
Testing coverage evaluation & monitoring system design
05
Protocol-specific security recommendations & best practices
06
Long-term security posture improvement roadmap

This service helps projects to set a strong security foundation, receive expert recommendations earlier, and reduce costs by preventing late refactoring.

Invariant Testing & Development

Service

Enhance your blockchain security with our Invariant Testing & Development, which focuses exclusively on identifying, developing, and testing invariants. While security reviews typically contain some development of invariants in areas believed to contain bugs, this service is focused entirely on invariants to achieve a more holistic approach to long-term security.

Trail of Bits stands as a pioneer in Blockchain Invariant Development. Our seasoned engineers have been writing invariants for more than half of a decade (for examples, see the Balancer, Primitive, and Liquity reports), authored multiple fuzzers (Echidna, Medusa, test-fuzz), and delivered several educational materials on fuzzing.

01
System & function-level invariant identification with preconditions
02
Custom fuzzing initialization with minimal codebase disruption
03
CI/CD integration of fuzzing campaigns with cloud infrastructure
04
Hands-on developer training in invariant-driven testing methodologies

This service will help your team to become proactive instead of reactive in securing your codebase, identify and develop the most impactful invariants, and educate the team on invariant-driven development.

Comprehensive Code Assessment

Service

Our comprehensive code assessment, covering the entire codebase, is our most thorough offering and includes all aspects of secure code review.

01
Multi-language smart contract vulnerability analysis
02
Economic risk assessment including price manipulation & liquidation
03
VM security & cross-chain transaction validation for L1/L2
04
Bridge security with focus on cross-chain asset transfer validation
05
Off-chain component analysis & blockchain finality assumptions
06
Automated analysis tool integration & custom rule development

Users of this service benefit from a holistic review of their system, gaining insight into potential vulnerabilities and architectural risks, along with actionable guidance into both short term and long term actions that improve your project's security and integrity.

What ships with every engagement

Most pen-test firms hand you a PDF and walk away. Every Trail of Bits engagement ships a deliverable set your engineering team can plug into their workflow on day one and keep using long after we're gone.

Deliverable Trail of Bits Status Quo

Written findings report

Severity, difficulty, and exploit scenario for every finding.

Short- and long-term SDLC recommendations

Not just bug fixes — process changes that prevent the next class of bug.

Codebase maturity evaluation

Structured review of testing, deployment, upgradeability, and operational hygiene.

Exploit PoCs + code artifacts

Runnable demonstrations for each finding so your engineers can reproduce and verify fixes.

Sometimes

Custom Slither / Medusa / Echidna detectors

Static-analysis and fuzzing harnesses tuned to the patterns we found in your code.

Invariant test suites

Drop-in invariant fuzzers and properties your team keeps running after we leave.

LLM and Claude-skill harnesses

Agent skills and prompts to help your team triage findings and pre-flight the next review.

Live walkthrough + fix-review retest

We read out findings in person and re-test patches when they land.

Sometimes

Open publication of generalizable findings

Novel issues turn into public research so the whole industry benefits.

Comparison based on the standard published deliverables of the major blockchain-security firms as of May 2026.

Public work

Public Blockchain assessments

Browse library →
Public engagements
443
Person-weeks logged
2035
Distinct groups
19
With effort reported
442

Recent public engagements

Date Engagement Client / group Effort
May 2026 Kiln Lagoon Vault Diff Review Ethereum/EVM 1 wk
Apr 2026 Franklin Templeton BenjiSwap Differential Review Ethereum/EVM 1.2 wks
Apr 2026 Gensyn Buyback-and-Burn Vault Ethereum/EVM 1 wk
Apr 2026 Gensyn Bridged Token Ethereum/EVM 0.2 wks
Apr 2026 Gensyn Delphi Dynamic Paramutuel Markets Ethereum/EVM 3.4 wks
Mar 2026 Shape TokenLock Ethereum/EVM 0.4 wks
Mar 2026 EthStaker Deposit CLI Other/Multi-Chain 1 wk
Feb 2026 Offchain Labs Arbitrum Quorum Changes Offchain Labs 1.2 wks
Feb 2026 Aave v4 Ethereum/EVM 6 wks
Feb 2026 Chainlink LlamaRisk LlamaGuard NAV CRE Other/Multi-Chain 1 wk

Get in touch

Book a technical office hours session

Book a complimentary one-hour meeting with one of our engineers to dive into a challenging technical issue, explore tooling options, and gain valuable insights directly from our experts. This session is purely technical — no sales talk, just a focused discussion that showcases our depth, talent, and capabilities.

Book a Session