Frequently Asked Questions
Everything you need to know about our smart contract security audits, invariant testing, and cloud fuzzing platform.
Invariant testing verifies that critical properties of your smart contract always hold true across thousands of randomized state transitions — not just specific scenarios you imagined. Unlike unit tests that check one input/output pair, invariant tests explore the full state space, catching edge cases and complex interactions that manual testing misses. This is especially important for DeFi protocols where composability creates unexpected attack vectors.
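The contrast described above, between one hand-picked unit test and a property checked over randomized call sequences, as an added example that is not Recon's code and is a plain-Python model rather than an Echidna, Medusa or Foundry suite. The `Ledger` class, its self-transfer defect and every name in it are constructed for illustration.

```python
import random

class Ledger:  # toy token ledger, constructed for this example
    def __init__(self, guard_self_transfer):
        self.balances, self.total_supply = {}, 0
        self.guard_self_transfer = guard_self_transfer
    def deposit(self, user, amount):
        self.balances[user] = self.balances.get(user, 0) + amount
        self.total_supply += amount
    def transfer(self, src, dst, amount):
        if self.guard_self_transfer and src == dst:
            return  # hardened variant: self-transfer is a no-op
        src_bal = self.balances.get(src, 0)
        dst_bal = self.balances.get(dst, 0)  # read before the debit
        if amount > src_bal:
            raise ValueError("insufficient balance")  # models a revert
        self.balances[src] = src_bal - amount
        self.balances[dst] = dst_bal + amount  # stale when src == dst

def invariant_holds(ledger):
    # Property: balances always sum to the recorded total supply.
    return sum(ledger.balances.values()) == ledger.total_supply

def unit_test(guard):
    # One hand-picked scenario: passes with or without the guard.
    ledger = Ledger(guard)
    ledger.deposit("alice", 100)
    ledger.transfer("alice", "bob", 40)
    return ledger.balances == {"alice": 60, "bob": 40}

def fuzz(guard, runs=200, depth=30, seed=1):
    # Random call sequences; the invariant is checked after every call.
    rng, users = random.Random(seed), ["alice", "bob", "carol"]
    for _ in range(runs):
        ledger, trace = Ledger(guard), []
        for _ in range(depth):
            args = (rng.choice(users), rng.randint(1, 100))
            if rng.random() < 0.5:
                call = ("deposit",) + args
            else:
                call = ("transfer", rng.choice(users)) + args
            try:
                getattr(ledger, call[0])(*call[1:])
            except ValueError:
                continue  # reverted call leaves state unchanged
            trace.append(call)
            if not invariant_holds(ledger):
                return trace  # call sequence that broke the property
    return None
```

`unit_test(False)` passes even though the unguarded ledger is defective, while `fuzz(False)` returns a call trace ending in the self-transfer that inflates balances past `total_supply`; `fuzz(True)` returns `None`.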
We combine manual expert review with automated invariant testing using industry-leading tools: Echidna and Medusa for fuzzing, Halmos for formal verification, and Foundry for integration testing. Our proprietary Chimera framework unifies these tools into a single write-once API, allowing us to run the same test suite across all engines for maximum coverage.
Typical audit timelines range from 2-6 weeks depending on codebase size and complexity. Simple contracts (under 1,000 lines) can be reviewed in 2-3 weeks. Complex DeFi protocols with multiple integrations typically take 4-6 weeks. We also offer expedited reviews for time-sensitive launches. Submit a request and we'll provide a specific timeline within 24 hours.
Audit pricing depends on scope, complexity, and engagement type. Our engagements range from $25k for focused invariant testing to $250k+ for comprehensive audits of large protocols. We offer three service types: Full Security Audit, Invariant Testing Only, and Audit + Invariant Testing. Request an audit for a custom quote — we respond within 24 hours.
Recon Pro is our cloud fuzzing platform that lets developers and security researchers run Echidna, Medusa, Halmos, and Foundry tests in the cloud with 3 clicks. No infrastructure to manage — just push your tests and get results. It's ideal for teams doing their own invariant testing, auditors running tests during engagements, and protocols that want continuous security monitoring. Over 12,500 cloud runs have been completed on the platform.
We audit contracts on Ethereum, Arbitrum, Optimism, Base, Polygon, BSC, Avalanche, and other EVM-compatible chains. We specialize in DeFi protocols including lending, DEX, yield aggregators, stablecoins, bridges, and cross-chain applications. We also support DAO governance, NFT, and infrastructure contracts.
After you submit your request, our team reviews your project details and codebase within 24 hours. You'll receive a detailed proposal including scope, methodology, timeline, and pricing. Once aligned, we kick off the engagement — typically starting with invariant test scaffolding while the manual review runs in parallel. You'll get regular updates throughout the process.
Yes — we offer continuous security engagements. With our 'Continuous Security' option, we integrate invariant testing into your development workflow so properties are tested on every commit. Combined with Recon Pro cloud runners, you get automated regression testing and can catch issues before they reach production. Many of our clients start with an audit and transition to continuous coverage.
Chimera is our open-source framework that lets you write invariant tests once and run them across Echidna, Medusa, Halmos, and Foundry without changing your code. This means broader coverage with less effort — each tool has different strengths, and Chimera lets you leverage all of them from a single test suite. It's available at github.com/Recon-Fuzz/chimera.
Yes. Every audit engagement that includes invariant testing delivers the complete test suite to your team. This includes all properties, handlers, and fuzzing configurations. You can run these tests locally or via Recon Pro on every future code change, giving you permanent regression safety — not just a point-in-time report.
Still have questions?
Talk to our founder directly or submit an audit request — we respond within 24 hours.