Frequently Asked Questions

Find answers to common questions about Dedaub's smart contract security tools, audit services, and platform features.

Frequently Asked Questions

Dedaub is a Web3 security company specializing in smart contract auditing, monitoring, and analysis tools—trusted by the Ethereum Foundation, Chainlink, and EigenLayer.

This FAQ provides comprehensive information on audit timelines, security services, and real-time monitoring. Whether you’re new to smart contract security or comparing top-tier auditors, start here.

Audit Services

How long does a smart contract audit take?

A smart contract audit can take anywhere from 3 days to over 4 weeks, depending on the scope and complexity of the code. Simpler contracts, such as ERC-20 tokens, are often reviewed within a week. More complex dApps or DeFi protocols can take multiple weeks to assess thoroughly.

Key variables include:

  • Size and complexity of the codebase
  • Type of protocol (token vs entire ecosystem)
  • Audit scope
  • Auditor team size and availability
  • Developer responsiveness during the process

Typical audit durations by project type:

  • Basic ERC-20 token: 3–5 days
  • Mid-sized dApp with integrations: 1–2 weeks
  • Advanced DeFi protocol or upgradable system: 3–4+ weeks

What is Dedaub’s audit methodology?

Dedaub uses a rigorous process designed to uncover vulnerabilities that both automated tools and casual reviews often miss. Audits are conducted by two senior researchers working in parallel.

The process includes:

  • Phase A: Understand how the protocol is supposed to work
  • Phase B: Break assumptions by thinking like an attacker
  • Auditor dueling: Reviewers challenge each other’s findings
  • Multilevel threat modeling: Look for bugs that emerge from system interactions
  • Advanced tooling: 70+ static analyzers and custom fuzzing pipelines

How much does a smart contract audit cost?

Smart contract audit costs vary widely depending on the complexity of the codebase, the protocol’s novelty, and the depth of the review required. Costs range from a few thousand dollars for basic contracts to hundreds of thousands for large-scale DeFi systems.

Main cost drivers:

  • Codebase size and scope: More lines of code, contracts, or integrations require more auditor hours
  • Complexity and novelty: New primitives, custom mechanisms, or unconventional architectures demand deeper review
  • Timeline and urgency: Tight deadlines or last-minute requests can raise the cost
  • Reputation and thoroughness: Established auditing firms with senior researchers charge more, but often deliver significantly higher value

What should I watch out for when choosing an auditor?

Fast turnaround and low prices can be tempting, but rushed audits often miss deep, protocol-level vulnerabilities.

Red flags to avoid:

  • Audits promising “delivery in 24 hours”
  • Solo auditors for complex or high-value protocols
  • No retesting or fix-verification process
  • Vague, copy-pasted, or templated reports

Choose an audit team that explains its reasoning clearly, documents findings in detail, and provides retesting after fixes.

Security Services

What is smart contract security?

Smart contract security ensures that blockchain-based code works safely and as intended—even in adversarial conditions. Since smart contracts are immutable once deployed and often manage assets, any flaw in logic, access control, or integration can be catastrophic.

Key security areas:

  • Code correctness: Ensuring the contract behaves as specified across all inputs and states
  • Access control: Verifying that only authorized entities can perform sensitive operations
  • Resistance to known exploits: Defending against vulnerabilities like reentrancy, integer overflows, logic bugs
  • Integration safety: Auditing interactions with other contracts, protocols, or tokens
  • Gas efficiency and DoS prevention: Minimizing resource costs while avoiding contract lockouts
  • Smart contract monitoring: Continuously tracking on-chain behavior to detect exploit attempts

What vulnerabilities does Dedaub typically detect?

Dedaub focuses on deep, logic-level vulnerabilities that automated scanners often miss. Examples include:

  • Access control flaws: Missing or misused permissions, unchecked privileged functions
  • Reentrancy vulnerabilities: Classic patterns as well as nuanced multi-function reentry risks
  • Unchecked external calls: Use of call, delegatecall, or transfer without verifying success
  • Integer overflows/underflows: Especially in unchecked math blocks or poorly handled token decimals
  • Denial of service (DoS): Logic bugs that allow griefing or stall the protocol
  • Flash loan exploits: Systems that assume token balances or prices are stable within a block
  • Oracle manipulation: Protocols that accept stale, zero, or manipulable data without validation
  • Economic attack surfaces: Flaws in auction pricing, fee calculation, or liquidity incentives

Does Dedaub offer continuous security monitoring?

Yes. Dedaub provides real-time, protocol-specific monitoring to detect vulnerabilities, governance risks, and exploits before they escalate.

What sets it apart:

  • Tailored protections: Monitoring rules are custom-written for your protocol’s logic, APIs, and assumptions
  • Expert-driven static analysis: Continuously apply advanced static tools to evolve detection rules
  • Real-time incident response: Alerts are human-validated and routed through your preferred channels
  • Full-spectrum coverage: Goes beyond financial exploits—covering governance, transaction integrity, and protocol-specific attack vectors
  • Multi-chain monitoring: Custom agents track high-value asset movements across multiple blockchains

About Dedaub

What is Dedaub?

Dedaub is a Web3 security firm specializing in smart contract audits and comprehensive blockchain security solutions. The firm’s experienced team comprises white-hat hackers, PhDs, and industry veterans dedicated to securing blockchain projects from vulnerabilities and potential hacks.

Services include:

  • Comprehensive smart contract audits
  • Real-time monitoring and alerting
  • Advanced static analysis tools
  • Transaction simulation and testing
  • Gas optimization analysis
  • Protocol integration security reviews

Which notable clients has Dedaub worked with?

Dedaub has worked with over 70 Web3 projects, including:

  • Ethereum Foundation - Protocol research and audits
  • Uniswap Foundation - Security provider for Areta’s audit marketplace
  • EigenLayer - Restaking protocol security
  • Chainlink - Oracle and network component security
  • Coinbase - In-house smart contract systems
  • Lido - Staking protocol security
  • Liquity - DeFi protocol audits
  • Blur - NFT marketplace security
  • DeFi Saver - DeFi automation platform
  • MetaMask - Integration of Dedaub tools (Snap)

What specific services does Dedaub offer?

Dedaub Security Stack:

  • EVM Decompiler: Extract and analyze Solidity-like code from bytecode
  • Static Analysis: Over 70 algorithms for rigorous code checks
  • Transaction Simulation: Testing transactions against mainnet data
  • Token Safety: Identifying risks such as honeypots, rug pulls, and impersonations
  • Monitoring & Alerting: Real-time alerting through agents powered by DedaubQL
  • On-Chain Firewall: Automatically pausing risky actions and enforcing security policies

Smart Contract Services:

  • Comprehensive Audit: Thorough security assessments combining automated and manual reviews
  • Gas Inefficiency Analysis: Optimizing code to improve gas usage efficiency
  • External Protocol Integrations Audit: Detailed examination of integrations with external protocols
  • White Glove Monitoring: Customized, continuous monitoring solutions

Technical Questions

How does Dedaub’s security analysis work?

Our platform uses advanced static analysis techniques to examine smart contract code for potential vulnerabilities, including reentrancy, integer overflow, access control issues, and more. We combine automated tools with expert human analysis.

What blockchain networks does Dedaub support?

We support 27+ networks including:

  • Ethereum and all EVM-compatible chains
  • Layer 2 solutions: Arbitrum, Optimism, Polygon, Base
  • Alternative chains: Avalanche, Fantom, BNB Smart Chain
  • Emerging ecosystems: Zircuit, Berachain, Mantle

Can I integrate Dedaub with my development workflow?

Yes! We offer API access and integrations with popular development tools and CI/CD pipelines. Our tools can be incorporated into your existing development process.

What is Dedaub’s Decompiler?

The Dedaub Decompiler is a free tool that reconstructs human-readable Solidity-like code from EVM bytecode. It’s particularly useful for analyzing contracts without publicly available source code.

Key features:

  • High success rate: Successfully decompiles over 99.98% of deployed contracts
  • Advanced static analysis: Identifies vulnerabilities through comprehensive analysis
  • Free access: Available to the entire Web3 community
  • Broad EVM chain support: Works across multiple EVM-compatible networks

Getting Started

How can I request a smart contract audit from Dedaub?

Audit requests can be submitted directly through our contact form at dedaub.com/form/request-an-audit/. After submission, we’ll provide a detailed proposal including costs, timelines, and deliverables.

Is there a free tier?

Yes, we offer a free tier with basic analysis capabilities through our decompiler and some security tools. This is perfect for getting started with smart contract security.

Do you provide training or consulting?

Yes, we offer training sessions and consulting services to help teams implement security best practices and understand smart contract vulnerabilities.

Support

How can I get help?

You can reach our support team through:

Are Dedaub’s findings public?

Dedaub maintains transparency by publishing selected audit reports, case studies, and detailed post-mortems of major security incidents. However, clients have the right to request that audit findings remain confidential.


Have a question that’s not answered here? Contact us and we’ll be happy to help!