AUDITS POWERED BY INVARIANT TESTING
Smart Contract Audits That Cover Every Code Path — Get a Proposal in 24 Hours
Trusted by leading DeFi protocols
Testimonials
Our services are tailored to our customers
We worked with the phenomenal @getreconxyz team to get invariant testing coverage for the @centrifuge ERC-7540 implementation, leveraging their Recon Pro platform. Looking forward to seeing where @getreconxyz goes next, they have ambitious plans to take invariant testing to the next level!
Centrifuge
Jeroen - CTO
We first met Alex during some excellent security discussions re: Liquity v1. The breadth and depth of his audit of our v2 exceeded expectations - particularly impressive for a solo effort. He uncovered several technical, arithmetic and economic issues and discussed them with us in detail. I'd highly recommend his manual reviews for any DeFi team that takes their security seriously.
Liquity
Rick - Cofounder
Recon has allowed us to speed up the development of invariant tests immensely. We are able to create and execute test suites in the cloud effortlessly with virtually no boilerplate code. I highly recommend using Recon to automate your fuzzing setup.
Badger DAO
James - Lead Dev
The recon team is continuously innovating to make invariant testing vastly more accessible to projects, which makes a meaningful difference in security outcomes. They bring their broad expertise in and passion for web3 security to any engagement above and beyond the specified scope.
Corn
Dapp - Cofounder
Engaging with Alex&Lourens showed great proactiveness to answer deep-technical Qs along the process and help to discuss together items that require deeper drilling on invariants, really valuable not only their ability to answer Qs, but educating you on the process and empowering your team for better understanding of invariants on your architecture!
Onchainification
Petrovska - Cofounder
Alex has an incredible eye for detail, leaving no stone unturned during our audit. His review helped us gain confidence in our codebase before going to a competitive audit. I would highly recommend Alex's security services to anyone building smart contract systems.
Solidity Labs
Elliot - Founder
We worked together with Alex to review a Safe module for our DAO multi-sig. We really valued his proactiveness and quick response times so that we could ship in a timely manner. 🚀
Balancer DAO
Xeonus - Balancer Maxis
The ROI on our engagement with Recon was extremely high. They built an invariant test suite that uncovered hard-to-spot high-severity issues and gave us a powerful tool to ship with confidence. Moving forward, invariant testing will be core to our smart contract development at Credit Coop. When we do our next audit, Recon will have to be a part of the picture.
Credit Coop
Thomas Hepner - Cofounder & CTO
Alex had the most transparent and interactive process of any auditor I've worked with. He was very proactive and provided in-depth analysis even beyond what was initially requested. In the end, our team was able to iterate on findings a lot quicker than we'd estimated, while also learning a huge amount along the way
Quill Finance
Naps62.eth - Cofounder & CTO
Benefits
THE MISSING PIECE
Invariant testing catches the bugs manual review misses — before you go to audit
CODE THAT GROWS WITH YOU
Invariant tests specify your system behavior, making every upgrade predictable
NEVER REPEAT A BUG
Tests run on every commit — once a bug is fixed, it stays fixed forever
WORLD CLASS MANUAL REVIEW
Led exclusively by seasoned veterans — we only take audits where we have an edge
RECON PRO INCLUDED
Our cloud platform runs Echidna, Medusa and Halmos for you — included in every engagement
LIVE MONITORING
Recon test suites double as live monitors — predicting exploits before they happen
Audits
World Class Reviews, we open source every audit unless asked not to by our customers
Liquity
Comprehensive invariant testing and smart contract security audit of Liquity v2 (BOLD), identifying critical accounting and economic vulnerabilities in this DeFi lending protocol.
Audit
Report link >
Beraborrow
Security review and property-based fuzzing of the Beraborrow DeFi lending protocol with invariant testing coverage across Solidity smart contracts.
Audit
Report link >
All reports
Complete archive of all public Recon smart contract security audit reports — DeFi protocol audits, invariant testing engagements, and vulnerability disclosures.
Audit
Report link >
Quill Finance
Invariant testing engagement for Quill Finance, uncovering edge cases in their DeFi protocol through property-based fuzzing with Echidna and Medusa.
Audit
Report link >
Balancer DAO
Smart contract security review of a Balancer DAO Safe module for multi-sig governance operations — Solidity audit with manual code review.
Audit
Report link >
Kleidi
Smart contract security audit of the Kleidi protocol — Solidity vulnerability assessment with invariant testing.
Audit
Report link >
Apollon
Comprehensive smart contract security review of the Apollon DeFi protocol — manual audit paired with property-based fuzzing.
Audit
Report link >
Credit Coop
Private invariant testing engagement that uncovered high-severity rounding and minting cap bypass issues in Credit Coop's DeFi smart contracts.
Audit
Private Report
TEAM
Alex
Security researcher
Top C4 Judge. Former Badger Lead Dev. Bug findings across major DeFi protocols.
Antonio
Security researcher
Creator of EchidnaToFoundry. Author of the most-read articles on invariant testing.
Nican0r
Lead Invariants Engineer
Lead Invariants Engineer. Centrifuge, Liquity, Corn, and more.
Kn0t
Lead Invariants Engineer
Lead Invariants Engineer. Driving R&D and next-gen fuzzing tools at Recon.
0xsi
Software engineer && Invariants Engineer
Lead Software Engineer. Built core Recon Pro and cloud fuzzing features.
Deivitto
Security Researcher, Senior Full Stack Engineer, UX & AI Engineer
Security Researcher. Full-stack engineer bridging security and AI tooling.
We support your team at every stage
Early Stage
Build it right from day one
- ▶
Define key invariants & scaffold testers for your Solidity smart contracts
- ▶
Grow invariants alongside your codebase as your DeFi protocol evolves
Pre-Audit
Ship confidently to auditors
- ▶
Reach 100% coverage with test repros using Echidna, Medusa, and Foundry
- ▶
Hand auditors meaningful states & broken properties for deeper smart contract security review
Solo Review
Expert eyes on your code
- ▶
Manual review by top security researchers with DeFi vulnerability expertise
- ▶
Paired with invariant testing for deeper coverage across lending, staking, and vault protocols
Audit Stage
Stay covered during and after audit
- ▶
Add properties flagged by reviewers in real-time during your smart contract audit
- ▶
Reproduce bugs as invariant tests for regression safety across protocol upgrades
- ▶
Cloud runners for rapid fix testing — no weekend delays with Recon Pro fuzzing infrastructure
Our offers
Manual Review
→A thorough smart contract security audit by top security researchers. Line-by-line Solidity code review focused on DeFi vulnerability patterns: reentrancy, oracle manipulation, access control, and liquidation bugs. Ideally paired with invariant testing for maximum coverage.
Invariant Test Writing
→Property-based testing written by an experienced fuzzing engineer. We define critical protocol invariants for DeFi security: solvency, access control, liquidation, and oracle integrity. Then we scaffold a comprehensive test suite with Echidna or Medusa, run formal verification with Halmos, and cloud-fuzz with unlimited Recon Pro campaigns during the engagement.
Recon Pro
→Cloud fuzzing as a service. Run smart contract fuzzing campaigns with Echidna, Medusa, Halmos, and Foundry for continuous security testing. No infrastructure setup, real-time coverage reports, and team collaboration built in. Over 12,500 campaigns run protecting DeFi protocols across lending, staking, vaults, and governance.
Blog
Do you need a smart contract audit?
If your contract holds user funds, controls access to funds, or governs protocol parameters that affect funds, you need an audit. Here's how to decide what type fits your situation.
By AlexHow much does a smart contract audit cost in 2025?
A smart contract audit costs between $15,000 and $120,000 for most DeFi protocols. Here's a full breakdown of pricing by audit type, what drives cost, and how to get the most value from your budget.
By AlexHow to write your first invariant test
A hands-on tutorial that walks you through writing three invariant properties for a simple ERC-20 vault, then running them with Foundry and Echidna. Working test suite in 30 minutes.
By Nican0rFAQ
Common questions about smart contract audits and invariant testing
30+
Pro Accounts
11.5k+
Jobs run in the cloud
9k+
Properties Broken
It's never been easier
3 click to run Medusa, Echidna, Halmos or Kontrol in the cloud, works with private repos
One click sharing and Corpus Reuse
Make your result public in one click with automatic reports and repro for all fuzzers
Ready for Automation
Run on PR, Commit or via API, trigger alerts on broken properties
A sprinkle of Magic
Run agentic workflows to help you identify invariants and reach coverage with invariant tests