
Turn Your Protocol Security Into Proof Investors Can Verify.

Convert your scope, review, fixes, Deployment Match, and authority evidence into a Trust Passport.

Objective Assessments
Secure & Verifiable
Real-time Transparency
Investor Ready

Pre-Audit Readiness: Gaps & ROI

Q: Why do standard audits experience delays and budget bloat?

Standard review campaigns waste critical expert hours on environment compile issues, failing test suites, and missing architectural documentation instead of auditing code logic.

Q: Why is a verified Pre-Audit Gate necessary?

By resolving compilation, test, dependency, and documentation gaps beforehand, your senior reviewer time is aimed at actual protocol risk.

EXAMPLE PROFILE

PROTOCOL TRUST PASSPORT

EXAMPLE ONLY
PROTOCOL OVERVIEW
Example Protocol
Example only. Live ID is API-backed.
NETWORK: Ethereum
CATEGORY: DeFi / Lending
REVIEW STATUS: Completed
REVIEWED COMMIT: Shown after live evidence
LAST VERIFIED: Shown after live verification
CURRENT STATE: Reviewed deployment remains matched
TRUST SCORE: 812/1200
CONFIDENCE: Example
VERIFICATION STACK
Scope Lock
Audit Completed
Fixes Independently Verified
Runtime Bytecode Matched
Proxy Implementation Matched
Initialization Verified
Monitoring Active
DEPLOYMENT OVERVIEW
PROXY ADDRESS: Live API address required
IMPLEMENTATION: Live API address required
PROXY RUNTIME HASH: Example only. Hash appears with live proof.
IMPLEMENTATION RUNTIME HASH: Example only. Hash appears with live proof.
VERIFIED AT BLOCK: Live evidence only
Want to verify your deployment? Start onboarding to connect real repository and deployment evidence.

How does structured routing improve audits?

Audits Without Randomness, Duplicate Pay, or Coverage Gaps.

Proof of Audits routes every audit through scored auditors, skill tags, tier coverage, duplicate-finding protection, and post-audit verification — so protocols get structured security evidence, not scattered reports.

deterministic routing pipeline
01

Scored Auditors Only

Only auditors with minimum score, verified history, and tier eligibility can join routing.

Score gate + verified history
ROUTED
02

Skill-Tagged Routing

Auditors are matched by tags like AMM, lending, bridges, vaults, oracle risk, and economic logic.

Tag match: AMM / lending / bridge / oracle
ROUTED
03

Tier-Based Coverage

Function, contract, cross-contract, and system-level review create full code coverage.

T4 -> T3 -> T2 -> T1 coverage
ROUTED
04

No Duplicate Pay

Duplicate findings are clustered, so protocols do not pay repeatedly for the same issue.

Clustered root cause
ROUTED
05

Fair Pay by Complexity

Rewards reflect scope difficulty, code size, severity, tier depth, and review complexity.

Scope + severity weighted
ROUTED
06

Pre-Audit Anywhere

Bring reviews from internal sources, contests, security firms, or community sources into Proof of Audits.

Contests / firms / internal reviews
ROUTED
07

Pre-Audit Not Blindly Trusted

Missing areas, weak evidence, incomplete fixes, and unclear coverage are clearly marked.

Gaps marked before trust
ROUTED
08

Post-Audit Review & Co-Score

After fixes, Proof of Audits verifies resolution and updates the protocol score with evidence.

Fix proof updates score
ROUTED

Every step is deterministic. Every duplicate eliminated. Evidence becomes a verifiable Trust Passport.

Routed by Skill and Reputation.

Auditors are selected using skill profiles built from verified contest history, tier eligibility, and direct analysis of your protocol’s clusters and dependencies — not random assignment.

PROTOCOL PROFILE
LANGUAGES & DOMAINS
Solidity
Rust
Cairo
ZK Circuits
KEY RISK SURFACES
AMM / Concentrated Liquidity
Oracle Integration
Cross-Chain Messaging
Access Control
CLUSTER ANALYSIS
Pre-audit produces function-level and contract-level clusters from AST + call graph. These clusters drive exact auditor assignment.
MATCHED AUDITOR SLOTS
Based on your actual code clusters
T3 • CONTRACT LEVEL
Hammerhead — 4 clusters
4 verified AMM contests
Matched on concentrated liquidity logic, oracle price paths, and position manager access control. All clusters drawn from the same contract family.
T4 • FUNCTION LEVEL
Swordfish Scout — 12 clusters
Strong history on swap & hook logic
Assigned individual functions (swap, modifyPosition, beforeSwap) where precision on state deltas and reentrancy boundaries matters most.
T2 • CROSS-CONTRACT
Orca Warden — 2 pairs
Cross-domain experience
Reviews message passing and oracle dependency interactions between core contracts.
Assignments are derived from cluster scoring and verified auditor skill profiles. Same-auditor overlap on dependent clusters is avoided.
OVERFLOW SPECIALISTS
When extra depth is required

For protocols involving ZK circuits, complex cross-chain state, or novel primitives, additional specialist auditors from higher tiers are pulled in. These slots are filled from auditors who have demonstrated performance on similar patterns in previous engagements.

ZK circuit verification: Available
Multi-chain settlement: Available
Custom economic models: Available

Why standard audits leave your protocol exposed

Plain audits are like flat glass. Reviewers look at everything in general, but no area gets full attention. Egos overlap, scope is duplicated, and critical depths are ignored entirely.

Proof of Audits solves this by enforcing 400% Multi-Perspective Coverage. By routing structured scope to four distinct security tiers, we verify your codebase four times from four independent perspectives.

Interactive Perspective Configurator: 400% COVERAGE
T4 Scout Perspective (100% Function-Level)

Enforces strict input validation, visibility restrictions, overflow checks, and isolated function state checks. Prevents standard logic mistakes.

T3 Hammerhead Perspective (100% Contract-Level)

Verifies state storage layouts, inheritance sequences, initialization integrity, reentrancy guards, and access control matrices.

T2 Orca Perspective (100% Cross-Contract-Level)

Models integration risks, external dependency failures, oracle validation logic, dynamic token behavior, and protocol-to-protocol interactions.

T1 Phantom Perspective (100% System-Wide)

Validates game-theoretic tokenomics, multi-contract invariants, Flash Loan arbitrage limits, governance attack vectors, and protocol liquidation loops.

RISK & LOSS SIMULATOR

Measure your exposure

DeFi platforms suffered over $942M in exploits in the first half of 2026 alone, with Q2 2026 becoming the most active hack period on record. Use this calculator to model your potential losses.

Value at Risk (VaR): $50M USD
Range: $5M Min, $250M, $500M Max
Standard Audit Risk
$4.10M

Expected loss based on 8.2% historical vulnerability leakage rate in standard audits.

Proof of Audits Risk
$0.02M

Expected loss with 400% perspective coverage checks (T4-T1 fully active).

expected capital saved
$4.08M USD

Eliminating manual ego bias, single-reviewer fatigue, and flat blind spots protects your TVL.

Real-world exploit reference
KelpDAO (Bridge): $292M
Drift (Compromise): $285M
Euler (Lending): $197M
Curve Finance: $73M

*Calculations use actual DeFi vulnerability data from Euler, Curve Vyper, and KyberSwap exploits, as well as the recent April 2026 Drift Protocol ($285M) key compromise and KelpDAO ($292M) bridge flaws. These benchmarks show real losses up to late June 2026.

Know What Must Be Ready Before Core Audit Time Starts.

The pre-audit gate is built for the protocol team problem: unclear scope, missing build context, weak invariants, and reviewer time spent reconstructing architecture instead of reviewing risk.

Readiness gate outcome

If the gate does not pass, core review should not start silently. The blocker list tells you which evidence or setup gap must be fixed before senior reviewer budget is released.

verify_no_source_mutation.py — snapshot locked
run_static_prescan.py — static analysis complete
run_halmos_verification.py — formal verification passed
quality_gate.py — all evidence thresholds met
release_gate.py — must pass to claim completion
Output 1
invariant_registry.json
status: generated after evidence
source: protocol repository
hash: API-backed when live

Invariant Registry

Every protocol invariant with english_why, deterministic facts, exact source evidence, stateless/stateful test links, monitorability class, and compile/quality/formal verification status.

Problem solved

Reviewers test protocol promises against machine-verified facts, not opinions.

Output 2
core_audit_brief.md
status: generated after evidence
source: protocol repository
hash: API-backed when live

Core Audit Brief

Complete scope definition with risky_functions_hitlist, threat_model, complexity scores, and the exact file + line ranges each auditor cluster will review.

Problem solved

Senior reviewers start with structured risk context, not a cold codebase.

Output 3
sentinel_ready.json
status: generated after evidence
source: protocol repository
hash: API-backed when live

Sentinel Monitoring Config

Production-ready monitoring configuration generated from invariants. Each invariant tagged with monitorability class (always/conditional/never) and runtime detection parameters.

Problem solved

Post-deployment monitoring starts from audit evidence, not built from scratch.

Output 4
pre-audit/facts/**, graph/**, flows/**
status: generated after evidence
source: protocol repository
hash: API-backed when live

Diligence Graphs & Facts

Deterministic call-graphs, dependency flows, and code summaries generated under pre-audit/facts/** and pre-audit/graph/** from the static prescan.

Problem solved

Establishes a solid mapping of dependencies and control flows before human review.

Output 5
pre-audit/person1-3/**, admin_action_required.md
status: generated after evidence
source: protocol repository
hash: API-backed when live

Reviewer Workspaces & Blocker Logs

Workspace configurations for reviewer slots (person1, person2, person3). Blockers are written to reports/admin_action_required.md when compilation or quality gates fail.

Problem solved

Enforces isolated, conflict-free review workspaces and halts routing if gates fail.

Output 6
veersec_fair_price_plan.json
status: generated after evidence
source: protocol repository
hash: API-backed when live

Fair Price Plan

Deterministic pricing from cluster-count pool bands. Shows full-stack pool, selected tier shares, 50/50 base/bounty split, severity pools (Critical 35%, High 30%, Medium 25%, Low 10%), and T0 reviewer fee.

Problem solved

Pricing comes from code analysis, not negotiation.

No PDF-and-run. Auditors are held accountable.

Traditional audits suffer from a massive principal-agent problem. Auditors get paid upfront, issue a PDF report, and assume zero risk if a critical bug leaks. If your protocol gets hacked, they lose nothing, and you lose everything.

Live Slashing Resolution Flow: Escrow Active
BOND ESCROW LOCKED
STEP 1 OF 4

Phase 1: Code Deployed & Auditor Bond Lock

After the pre-audit and core audit phases complete, the code is deployed to mainnet. The auditors' payout tokens (fixed reward + bonus yield) are held in the BondedAuditEscrow smart contract for a designated safety window (typically 30-60 days).

THE ALIGNMENT SOLVED

Auditors are no longer paid for simple time-sheets. By linking their staked capital directly to codebase clusters, we align their financial success with your protocol's long-term security.

AUTOMATED SLA SLASHING

Our platform automatically checks the AST signature of the failed file to trace which auditor was assigned that specific function or contract cluster. Slashes are precise, verifiable, and rule-based.

POST-AUDIT BOUNTY FEES

If an external platform reports a bug, Proof of Audits reimburses the bug finder and refunds a small percentage fee per valid report to make sure listing your audited code elsewhere incurs zero additional penalty.

Reviewer Time Is Routed By What The Protocol Actually Needs.

Core audit uses the pre-audit map to route function, contract, cross-contract, and final-signoff work to the right depth instead of treating every file like the same risk.

T4

Swordfish Scout

Function-level

1 day audit + 1 validation
Band: 100–130

One cluster per public/external function, constructor, receive, or fallback. Deep invariant building, first-entry precision. Each auditor gets exactly one function scope.

T3

Hammerhead

Contract-level

4 days audit + 1 validation
Band: 150–180

Strict whole-contract clusters. No view/pure/function fragment splits. Fuzzing suites, access-control analysis, structural validation. Validates T4 submissions.

T2

Orca Warden

Cross-contract pairs

3 days audit + 1 validation
Band: 150–180

Pairs of T3 clusters (max 2 per T2 unit). Oracle manipulation, stateful fuzzing, exploit-path analysis. Validates T3 submissions.

T1

Phantom Octopus

Whole-system

7 days minimum
Band: 0–480

One whole-system cluster covering all in-scope code. Governance, MEV, economic game theory, final sign-off. No per-cluster submission validation — system-level judgment.

Budget control for protocol teams

Pool bands from cluster count: Tiny (0–8) $8K, Small (9–19) $8K–$16K, Medium (20–39) $16K–$30K, Large (40–59) $30K–$40K, Complex (60–119) $40K–$100K, Extreme (120+) $100K–$150K.

Full-stack pool splits into 4 equal tier shares. You select and pay for only the tiers you need — T4 only on a $30K full-stack costs $7,500.

50/50 split per tier: half as committed base-review allocation, half as severity bounty pool (Critical 35%, High 30%, Medium 25%, Low 10%).

T0 final reviewer must be one tier above your highest selected audit tier. T0 fee: 2% of selected tier shares. Platform fee: 3% protocol-side.

What this feels like for your team
Before

13-step pipeline runs: snapshot lock, invariant registry, Halmos verification, quality gate. Missing evidence blocks core review.

During

1:1 auditor-to-cluster routing. Only tag-matched auditors eligible (≥2 verified DeFi tags from contest history).

Accountability

Auditors who miss basic bugs face −10 reputation slash and on-chain bond forfeiture. Slashed funds flow to your protocol.

After

4-step fix verification: re-run all invariants, AST diff, regression detection. Trust Passport updates with deployment match proof.

Preview What You Fund Now.

Initial escrow preview covers pre-audit plus core audit. Post-audit is quoted later from the fixed remediation diff after core closeout.

Protocol Quote Inputs

We map your codebase to deterministic scope clusters, then select a pool band (Tiny through Extreme) based on cluster count. Architecture answers shape complexity multipliers, tier depth, and T0 reviewer requirements.

Pricing Mode: Real cluster pricing model
Complexity: 4 / 5
Tiers: T4, T3, T2, T1
Phases: Pre + Core

Final scope, dates, and escrow are confirmed by the admin proposal before funding.

Quote Preview (Total Deposit Required)
$51,975
22 estimated days

Escrow includes the core pool ($49,500), Proof of Audits platform fee ($1,485), and T0 reviewer allocation ($990).

Platform fee: $1,485 (3% protocol-side fee)
T0 reviewer: $990 (2% fee, T1 eligible)
Attestation gas: $120 (Base estimate)
Minimum: $5,000 (Preview accepted)

Phase Budgets

Pre-Audit: $9,405 (19% of previewed scope)
Core Audit: $40,095 (81% of previewed scope)

Post-audit is a later fixed-diff quote after core closeout.

Equal Tier Totals

T4: $12,375
42 reviewers, $6,175 bounty pool ($148 base fee per reviewer), 24 hours
T3: $12,375
15 reviewers, $6,175 bounty pool ($413 base fee per reviewer), 96 hours
T2: $12,375
8 reviewers, $6,175 bounty pool ($775 base fee per reviewer), 72 hours
T1: $12,375
1 reviewer, $6,175 bounty pool ($6,200 base fee per reviewer), 336 hours

Do Not Throw Away Previous Security Work.

If your protocol was already audited, you can evaluate what evidence remains valid, what changed, what still matches deployment, and what requires additional verification.

Importable Evidence Inputs
Audit PDF
Reviewed commit
Repository
Finding list
Remediation commits
Auditor identities
Deployment addresses
Compiler settings
Build artifacts
Verification records
Existing Audit Import Intake Preview
Prior audit evidence is uploaded in onboarding: PDF, reviewed commit, finding list, fixes, deployment addresses, and build artifacts
Potential Import Outcomes
Verified and applicable: Evidence fully aligns with bytecode and fixes.
Partially applicable: Minor structural updates require updated checks.
Historical evidence only: Upgrades changed code base significantly since audit.
Additional verification required: Unverified remediation commits remain active.
Re-audit recommended: Mismatch detected between build files and runtime.

“Fixed” Should Mean Verified.

Accepted findings are connected to remediation commits so reviewers can decide whether the root cause was actually resolved without relevant regressions.

Fix Pipeline Stages
Example Stage Details Preview

Finding Detected: Oracle manipulation in OceanUSD

Vulnerability: The oracle price feed lacks TWAP smoothing, which allows flash-loan skewing.

Auditor routes findings directly to the project dashboard. Finding includes code evidence, reproduction script, and severity proof of concept.


Prove Production Matches the Reviewed Release.

Source review is connected to live deployment state, runtime bytecode, proxy implementation, compiler settings, libraries, immutables, and verification blocks.

L1

Source Identity

Link commit hashes to compiler files.

L2

Build Identity

Verify exact compiler versions, runs, optimizer settings, and library addresses.

L3

Deployment Identity

Scan blockchain creation hashes and factory logs to verify deployment blocks.

L4

Runtime Identity

Match deployed contract runtime bytecode on-chain against locally generated output.

L5

Proxy Identity

Inspect current proxy targets to ensure logic points to verified implementation code.

L6

Initialization Identity

Verify contract initialization functions were properly executed to lock parameters.

Possible Match Outcomes
Exact match
Equivalent build
Proxy matched
Partial match
Mismatch detected
Unable to reproduce
Verification pending

A deployment badge should not be a decoration. It should be backed by reproducible evidence.
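A sketch of the L4 runtime check and the L5 proxy check described above, as an added example rather than Proof of Audits' own code. The function names, the mapping onto the "Exact match" / "Equivalent build" / "Mismatch detected" labels, and all byte strings are assumptions constructed for illustration; it assumes solc-style output (CBOR metadata trailer, `immutableReferences` ranges) and an EIP-1967 proxy.

```python
"""Runtime identity (L4) and proxy identity (L5) checks on constructed data."""

# EIP-1967 implementation slot: keccak256("eip1967.proxy.implementation") - 1.
# A live check reads it with eth_getStorageAt(proxy, EIP1967_IMPL_SLOT).
EIP1967_IMPL_SLOT = "0x360894a13ba1a3210667c828492db98dca3e2076cc3735a920a3ca505d382bbc"


def strip_metadata(code: bytes) -> bytes:
    """Drop solc's trailer: <CBOR map><2-byte big-endian CBOR length>."""
    if len(code) < 3:
        return code
    total = int.from_bytes(code[-2:], "big") + 2
    # Only strip when the trailer fits and starts with a CBOR map header.
    if total > len(code) or total < 3 or (code[-total] & 0xE0) != 0xA0:
        return code
    return code[:-total]


def mask_immutables(code: bytes, refs) -> bytes:
    """Zero each (start, length) immutable range so deploy-time values are ignored."""
    out = bytearray(code)
    for start, length in refs:
        if start + length > len(out):
            raise ValueError("immutable reference outside bytecode")
        out[start:start + length] = bytes(length)
    return bytes(out)


def classify_runtime(onchain: bytes, local: bytes, refs) -> str:
    """Return a match outcome for an on-chain / locally built runtime pair."""
    try:
        a, b = mask_immutables(onchain, refs), mask_immutables(local, refs)
    except ValueError:
        return "Mismatch detected"
    if a == b:
        return "Exact match"
    if strip_metadata(a) == strip_metadata(b):
        return "Equivalent build"  # same code, different metadata hash
    return "Mismatch detected"


def proxy_state(slot_word_hex: str, reviewed_impl: str) -> str:
    """Compare the address stored in the EIP-1967 slot with the reviewed one."""
    raw = slot_word_hex[2:] if slot_word_hex.startswith("0x") else slot_word_hex
    word = bytes.fromhex(raw)
    if len(word) != 32 or any(word[:12]):
        raise ValueError("slot value is not a left-padded 20-byte address")
    current = "0x" + word[12:].hex()
    return "Proxy matched" if current == reviewed_impl.lower() else "UNVERIFIED_UPGRADE"


# --- constructed sample data, not taken from any real deployment ---
def _meta(fill: int) -> bytes:
    cbor = b"\xa1\x64ipfs\x58\x22" + bytes([fill]) * 34  # {"ipfs": <34 bytes>}
    return cbor + len(cbor).to_bytes(2, "big")

def _body(immutable: bytes, tail: str) -> bytes:
    return bytes.fromhex("6080604052") + immutable + bytes.fromhex(tail)

REFS = [(5, 32)]                                  # one 32-byte immutable at offset 5
LOCAL = _body(bytes(32), "5b00") + _meta(0x11)    # compiler output, immutable zeroed
SET = (7).to_bytes(32, "big")                     # value written at deployment
ONCHAIN_SAME = _body(SET, "5b00") + _meta(0x11)
ONCHAIN_OTHER_META = _body(SET, "5b00") + _meta(0x22)
ONCHAIN_PATCHED = _body(SET, "5bff") + _meta(0x11)

if __name__ == "__main__":
    for name, code in [("same", ONCHAIN_SAME), ("other metadata", ONCHAIN_OTHER_META),
                       ("patched", ONCHAIN_PATCHED), ("empty", b"")]:
        print(name, "->", classify_runtime(code, LOCAL, REFS))
```

Masking immutables before comparing matters because the compiler artifact holds zeros where the deployed code holds constructor-supplied values; without it every contract with immutables would be reported as a mismatch.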

Keep Your Trust Passport Honest After Fixes And Upgrades.

Post-audit is not an upfront percentage inside the first quote. It starts after core closeout when you have a fixed commit or changed deployment state that needs a dedicated review.

Fixed-diff review flow:
Eligibility checks locked core report, audited commit, findings, and invariant evidence.
Admin-approved planning manifest sets affected findings, functions, panel size, tags, and quote.
Protocol accepts the quote and funds the post-audit deposit before recruitment opens.
Panel review, protocol Q&A, canonical pre-audit rerun, and final verdict decide the proof state.
Example Upgrade Alert Event
Proxy implementation upgraded
Risk level: High
State: UNVERIFIED_UPGRADE until reviewed

Recommended action: Submit new implementation for targeted review.

Block: shown from live chain evidence
Triggered: Admin multisig signature validation success
Old Impl: live API address required
New Impl: live API address required (unreviewed)

What the Protocol Trust Passport Shows.

Example only. Live Passport values appear after API-backed approval and evidence publication.

Trust Overview Summary

Current verification state, score, confidence, material unresolved risks, last verified timestamp, reviewed release, and monitoring state.

Score Index: 974 / 1200
Unresolved Risks: 1 Minor Risk
Assurance State: Monitoring Active
Proof of Audits Trust Network Ledger: Example only. Live data required.
EXTENSION TRUST INTELLIGENCE ENGINE

How Live Score Verification Shows Browser Extension Signals.

Trust scores should not sit idle on a website. Your dynamic trust signals and match outputs can be published to browser extension surfaces where users review wallet requests.

Wallet-level review signals:
Bytecode Match: Warns if runtime target differs from audited commit hash.
Upgrade Safety: Flags if new implementation was deployed without verification.
Risk Signals: Shows a high-risk warning if an admin key changes to an EOA.

Whenever a user attempts to interact with a smart contract, the extension can query the current Trust Passport. If verification score and proxy match states are strong, it can display an overlay badge with current evidence status. That gives users a visible warning path for malicious proxy clones or unverified contract upgrades.


Built for Protocols That Need More Than an Audit Logo.

New protocols preparing for launch
DeFi teams preparing investor diligence
Protocols with previous audits but unverified fixes
Upgradeable protocols needing implementation tracking
Teams preparing exchange or ecosystem review
Protocols with external dependencies
Existing deployments needing current verification
Teams managing several versions or networks
Protocols wanting wallet-level trust signals

Protocol Questions, Answered Clearly.

Your audit should not disappear into a PDF. Turn it into a living proof trail.

Whether you are preparing for your first audit, fixing findings from another provider, approaching deployment, or maintaining an existing protocol, this flow turns security work into a structured, current, and reusable trust system.

1. Prepare scope
2. Understand price
3. Route auditors
4. Resolve duplicates
5. Verify fixes
6. Match deployment
7. Maintain proof
A report tells people an audit happened.
A Trust Passport shows what remains verified now.
Proof of Audits

Proof of Audits helps Web3 protocols turn security work into investor-ready trust proof.

Status

Proof surfaces active
Trust Passport, investor view, and extension signals show proof, gaps, and review state.

Proof of Audits

Turn protocol security into proof the market can verify.

© 2026 PROOF_OF_AUDITS