Our team at Audita is happy to introduce First Pass ⛊

We've talked about this before, and then some more, and now it's time to revisit.

AI is becoming better and better at assisting tech builders.

We've always heavily advocated for mutliple manual audits. But we don't want to sleep on AI as a powerful vulnerability detection tool.

Using AI + Slither for an Initial Audit: What is First Pass?

Your initial security report. First Pass is an automated tool to catch the obvious bugs.

GPT-4o finds ~40% of bugs that static analyzers like Slither miss. So we thought let’s combine them!

Why Slither? Because it's widely endorsed, fast and efficient.

There are other tools out there, like De.Fi's scanner, or SolidityScan. However, we've decided to make First Pass free, and to combine the powers of static analyzers and AI!

All you have to do is upload your files and you get an initial security analysis in minutes:

Track progress of your audit:

If your smart contracts are written in Solidity, we'll first run Slither. This tool by Trail of Bits can detect 99+ issues. Then, we'll give way to GPT-4o for AI vulnerability detection.

AI can potentially find 40% of the bugs that Slither misses. In addition to that AI will provide explanations, impact and recommendations for fixes.

If your smart contracts are written in Rust, we'll bypass Slither and run GPT-4o only. It can detect common Rust vulnerabilities, and help identify unsafe financial/economic operations, as well as logic, access control, memory safety and more.

GPT-4o will interpret the findings, provide explanations, impact and recommendations for fixes.

Get your project's own Dashboard page with findings. You can always come back to that page later, or send the link to your team.

Powerful Vulnerability Detection

AI can sometimes hallucinate.

We made sure you have the necessary path to locate it and put a lot of importance on knowing where each vulnerability comes from.

That's why each finding is flagged 'AI' or 'Slither':

For every automated audit with First Pass, GPT-4o helps to:

⛊ Locate issue
⛊ Interpret it
⛊ Show impact
⛊ Propose a fix

Explore your findings and get a rough idea of your security state based on obvious indicators. Compare and discuss with your dev team or your internal auditors. Implement fixes where relevant, and run First Pass again. First Pass is free of charge.

Important Disclaimer: You Need a Manual Audit

This is not a complete audit. After First Pass, your protocol is not audited in the fullest sense of the word. First Pass is just a way to get started.

You need human experts to research and battle test your code. Multiple manual audits will always be the best you can do.

For a proper security audit, get in touch with our auditors at Audita. They've continuously proven their expertise in both private audits and audit contests, across EVM and Solana projects.

They'll spend time to manually check your code and issue a trusted security report. Request an audit today!

STAY SAFU ⛊
Audita's Team