What Layer 1 chains have you audited?

We work with EVM-based L1s, Cosmos SDK chains, Substrate-based chains, and custom implementations. Contact us for specific experience relevant to your architecture.

How long does an L1 audit take?

L1 audits are the most comprehensive engagements we do. Typical timeline is 4-8 weeks depending on codebase size, number of client implementations, and scope.

Do you audit client implementations or just the protocol spec?

Both. A correct spec with a buggy implementation is still vulnerable. We audit the reference client and any additional implementations in scope.

Layer 1 Blockchain Security Audits

Layer 1 chains are the foundation everything else builds on. A vulnerability in consensus, networking, or the execution environment doesn't just affect one protocol. It affects every application on the chain. Our L1 audits cover the full stack, from consensus to client implementation.

Request an Audit

The Highest Stakes in Blockchain Security

When a DeFi protocol gets exploited, one protocol loses funds. When a Layer 1 chain has a vulnerability, every protocol, bridge, and user on that chain is at risk. L1 bugs can enable chain halts, double-spends, consensus failures, and network-wide fund theft.

L1 audits require a different skill set than smart contract audits. The codebase is larger (often hundreds of thousands of lines), the attack surface spans consensus, networking, mempool, state management, and the VM/runtime. The auditors need systems-level expertise, not just smart contract knowledge.

Our Methodology

Our L1 audit methodology covers every layer of the blockchain stack.

Consensus Mechanism Review

Analyze the consensus algorithm for safety, liveness, and finality guarantees. Check for nothing-at-stake, long-range attack, and validator collusion vectors.

Networking & P2P Layer

Review peer discovery, message propagation, DoS resistance, and eclipse attack surface.

Execution Environment

Audit the VM or runtime: opcode correctness, gas metering, precompile safety, and state transition integrity.

Validator & Staking Logic

Review validator set management, slashing conditions, reward calculations, and delegation mechanics.

Report & Remediation

Protocol-level findings with severity and exploitability analysis. Coordinated disclosure for critical issues.

Vulnerability Classes We Target

These are the vulnerability patterns most relevant to this audit type: the ones that cause real losses.

Consensus Failures

Bugs that break safety or liveness: chain forks, double-finalization, or network halts.

Eclipse Attacks

Network-level attacks isolating nodes to feed them attacker-controlled state.

VM Exploits

Execution environment bugs: incorrect opcode behavior, gas metering errors, or precompile vulnerabilities.

Slashing Edge Cases

Validator slashing conditions that can be triggered maliciously or fail to activate during actual misbehavior.

Frequently Asked Questions

Related Research

research

What $10.77 Billion in Hacks Reveals About Audit Effectiveness

Analysis of 100 largest protocol hacks totaling $10.77B. Only 20% were audited, but the ones that were share a pattern. Firm comparison, verified exploit data, pricing, and evaluation criteria.

Secure Your Protocol

Get a quote for your l1 chain audits engagement. We respond within 24 hours.