SMART CONTRACT AUDITS POWERED BY INVARIANT TESTING
Smart Contract Audits That Cover Every Code Path — Get a Proposal in 24 Hours
Trusted by leading DeFi protocols





Benefits
THE MISSING PIECE
Invariant testing catches the bugs manual review misses — before you go to audit
CODE THAT GROWS WITH YOU
Invariant tests specify your system behavior, making every upgrade predictable
NEVER REPEAT A BUG
Tests run on every commit — once a bug is fixed, it stays fixed forever
WORLD CLASS MANUAL REVIEW
Led exclusively by seasoned veterans — we only take audits where we have an edge
RECON PRO INCLUDED
Our cloud platform runs Echidna, Medusa and Halmos for you — included in every engagement
LIVE MONITORING
Recon test suites double as live monitors — predicting exploits before they happen
Audits
World-class reviews. We open source every audit unless our customers ask us not to.
Liquity
Comprehensive invariant testing and smart contract security audit of Liquity v2 (BOLD), identifying critical accounting and economic vulnerabilities in this DeFi lending protocol.
Audit
Report link >
Beraborrow
Security review and property-based fuzzing of the Beraborrow DeFi lending protocol with invariant testing coverage across Solidity smart contracts.
Audit
Report link >
All reports
Complete archive of all public Recon smart contract security audit reports — DeFi protocol audits, invariant testing engagements, and vulnerability disclosures.
Audit
Report link >
Quill Finance
Invariant testing engagement for Quill Finance, uncovering edge cases in their DeFi protocol through property-based fuzzing with Echidna and Medusa.
Audit
Report link >
Balancer DAO
Smart contract security review of a Balancer DAO Safe module for multi-sig governance operations — Solidity audit with manual code review.
Audit
Report link >
Kleidi
Smart contract security audit of the Kleidi protocol — Solidity vulnerability assessment with invariant testing.
Audit
Report link >
Apollon
Comprehensive smart contract security review of the Apollon DeFi protocol — manual audit paired with property-based fuzzing.
Audit
Report link >
Credit Coop
Private invariant testing engagement that uncovered high-severity rounding and minting cap bypass issues in Credit Coop's DeFi smart contracts.
Audit
Private Report
TEAM

Alex
Security researcher
Top C4 Judge. Former Badger Lead Dev. Bug findings across major DeFi protocols.

Antonio
Security researcher
Creator of EchidnaToFoundry. Author of the most-read articles on invariant testing.

Nican0r
Lead Invariants Engineer
Lead Invariants Engineer. Centrifuge, Liquity, Corn, and more.

Kn0t
Lead Invariants Engineer
Lead Invariants Engineer. Driving R&D and next-gen fuzzing tools at Recon.

0xsi
Software engineer && Invariants Engineer
Lead Software Engineer. Built core Recon Pro and cloud fuzzing features.

Deivitto
Security Researcher, Senior Full Stack Engineer, UX & AI Engineer
Security Researcher. Full-stack engineer bridging security and AI tooling.

0xGondar
Security Researcher & Fuzzing Engineer
Security Researcher, Senior Full-Stack Developer, Fuzzer.
We support your team at every stage
Early Stage
Build it right from day one
- Define key invariants & scaffold testers for your Solidity smart contracts
- Grow invariants alongside your codebase as your DeFi protocol evolves
Pre-Audit
Ship confidently to auditors
- Reach 100% coverage with test repros using Echidna, Medusa, and Foundry
- Hand auditors meaningful states & broken properties for deeper smart contract security review
Solo Review
Expert eyes on your code
- Manual review by top security researchers with DeFi vulnerability expertise
- Paired with invariant testing for deeper coverage across lending, staking, and vault protocols
Audit Stage
Stay covered during and after audit
- Add properties flagged by reviewers in real-time during your smart contract audit
- Reproduce bugs as invariant tests for regression safety across protocol upgrades
- Cloud runners for rapid fix testing — no weekend delays with Recon Pro fuzzing infrastructure
Our offers
Manual Review
A thorough Solidity audit by top security researchers. Line-by-line code review focused on blockchain security and DeFi vulnerability patterns: reentrancy, oracle manipulation, access control, and liquidation bugs. Includes token audit coverage for ERC-20, ERC-721, and custom standards. Ideally paired with invariant testing for maximum coverage.
Invariant Test Writing
Property-based testing written by an experienced fuzzing engineer. We define critical protocol invariants for DeFi security: solvency, access control, liquidation, and oracle integrity. Then we scaffold a comprehensive test suite with Echidna or Medusa, run formal verification with Halmos, and cloud-fuzz with unlimited Recon Pro campaigns during the engagement.
Recon Pro
Cloud fuzzing as a service. Run smart contract fuzzing campaigns with Echidna, Medusa, Halmos, and Foundry for continuous security testing. No infrastructure setup, real-time coverage reports, and team collaboration built in. Over 12,500 campaigns run protecting DeFi protocols across lending, staking, vaults, and governance.
Blog
Mutation testing for smart contracts: measure your test suite quality
Your tests pass. But are they actually good? Mutation testing injects faults into your code and checks if your tests catch them. Here's how to measure and improve.
By Kn0t
How to prepare your code for a smart contract audit
Good audit preparation cuts costs and improves findings quality. Here's the exact checklist we wish every protocol followed before engaging an auditor.
By Kn0t
Postmortem: The Lending Protocol Reentrancy That Fuzzing Missed — And Invariants Didn't
The dev team ran Echidna for 24 hours: zero findings. The same vulnerability was found by invariant testing in 90 seconds. Here's the exact reentrancy path, why mock ERC20s hide it, and the accounting properties that catch it.
By Antonio
FAQ
Common questions about smart contract audits and invariant testing
30+ Pro Accounts
11.5k+ Jobs run in the cloud
9k+ Properties Broken
It's never been easier
3 clicks to run Medusa, Echidna, Halmos or Kontrol in the cloud; works with private repos
One click sharing and Corpus Reuse
Make your result public in one click with automatic reports and repro for all fuzzers
Ready for Automation
Run on PR, Commit or via API, trigger alerts on broken properties
A sprinkle of Magic
Run agentic workflows to help you identify invariants and reach coverage with invariant tests