AI smart-contract & ZK security

Audit the contract—and the proof underneath it

Two audit engines, one pipeline. A state-of-the-art Solidity / EVM auditor, plus the first AI system that audits zero-knowledge circuits, provers, and verifiers end-to-end—deeper than a scanner, at a fraction of the cost of a manual audit.

Confidential reports · Privacy focused · Zero data retention

VulnerableVault.sol
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.19;

import "@openzeppelin/contracts/token/ERC20/IERC20.sol";
import "./interfaces/IUniswapV2Pair.sol";

interface IFlashLoanReceiver {
    function execute(address token, uint256 amount) external;
}

contract VulnerableVault {
    IERC20 public immutable token;
    IUniswapV2Pair public immutable pair;
    uint256 public totalDeposits;

    // tracks user share balances
    mapping(address => uint256) public shares;

    constructor(address _token, address _pair) {
        token = IERC20(_token);
        pair = IUniswapV2Pair(_pair);
    }

    // Returns the spot price from Uniswap V2 reserves (token1 per token0, 18 decimals).
    // Reserves can be moved arbitrarily within one transaction, e.g. with a flash loan.
    function getPrice() public view returns (uint256) {
        (uint112 r0, uint112 r1,) = pair.getReserves();
        return (uint256(r1) * 1e18) / uint256(r0);
    }

    // Deposit tokens; mints shares based on spot price
    function deposit(uint256 amount) external {
        uint256 price = getPrice(); // ← manipulable
        uint256 mintedShares = (amount * 1e18) / price;
        shares[msg.sender] += mintedShares;
        totalDeposits += amount;
        token.transferFrom(msg.sender, address(this), amount);
    }

    // Withdraw tokens; redeems shares for underlying
    function withdraw(uint256 shareAmount) external {
        uint256 price = getPrice(); // ← manipulable
        uint256 redeemed = (shareAmount * price) / 1e18;
        require(shares[msg.sender] >= shareAmount, "insufficient");
        shares[msg.sender] -= shareAmount;
        totalDeposits -= redeemed;
        token.transfer(msg.sender, redeemed);
    }
}
Finding C-01 · CRITICAL · Flash Loan Price Manipulation
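The attack path behind C-01, worked through in runnable form. This is an added model written for this page, not AuditAid's proof-of-concept and not code from the original listing. It assumes a fee-less constant-product pair (so reserves restore exactly after the round trip; with a 0.3% swap fee the profit shrinks but does not vanish for a large enough loan), wei-style integer amounts that mirror the Solidity arithmetic, and a constructed starting state of 1,000,000/1,000,000 reserves and 100,000 tokens of honest deposits. A pro-rata vault that prices shares from its own holdings is shown alongside as the hardened form.

```python
"""Flash-loan price manipulation against the VulnerableVault pricing logic.

Constructed model: fee-less x*y=k pair, integer math mirroring the Solidity
above, amounts in wei-style units (1 token = 10**18).  Not AuditAid's PoC.
"""
WAD = 10**18


class Pair:
    """Minimal Uniswap-V2-style constant-product pool. Assumption: no swap fee."""

    def __init__(self, r0: int, r1: int) -> None:
        self.r0, self.r1 = r0, r1

    def get_reserves(self) -> tuple:
        return self.r0, self.r1

    def swap0_for_1(self, amount0_in: int) -> int:
        k = self.r0 * self.r1
        new_r0 = self.r0 + amount0_in
        out1 = self.r1 - (k + new_r0 - 1) // new_r0  # round so k never decreases
        self.r0, self.r1 = new_r0, self.r1 - out1
        return out1

    def swap1_for_0(self, amount1_in: int) -> int:
        k = self.r0 * self.r1
        new_r1 = self.r1 + amount1_in
        out0 = self.r0 - (k + new_r1 - 1) // new_r1
        self.r0, self.r1 = self.r0 - out0, new_r1
        return out0


class VulnerableVault:
    """Share price read from the pair's spot reserves, as in VulnerableVault.sol."""

    def __init__(self, pair: Pair) -> None:
        self.pair, self.shares, self.balance = pair, {}, 0

    def get_price(self) -> int:
        r0, r1 = self.pair.get_reserves()
        return r1 * WAD // r0

    def deposit(self, user: str, amount: int) -> int:
        minted = amount * WAD // self.get_price()      # price manipulable
        self.shares[user] = self.shares.get(user, 0) + minted
        self.balance += amount
        return minted

    def withdraw(self, user: str, share_amount: int) -> int:
        redeemed = share_amount * self.get_price() // WAD  # price manipulable
        assert self.shares.get(user, 0) >= share_amount, "insufficient"
        assert self.balance >= redeemed, "vault drained"
        self.shares[user] -= share_amount
        self.balance -= redeemed
        return redeemed


class ProRataVault:
    """Hardened variant: shares priced from the vault's own holdings, so moving
    the pair's reserves changes nothing.  (Pro-rata vaults separately need
    first-depositor/inflation protection such as virtual shares; not modelled.)"""

    def __init__(self, pair: Pair) -> None:  # pair ignored: no external oracle
        self.shares, self.total_shares, self.balance = {}, 0, 0

    def deposit(self, user: str, amount: int) -> int:
        minted = amount if self.total_shares == 0 else amount * self.total_shares // self.balance
        self.shares[user] = self.shares.get(user, 0) + minted
        self.total_shares += minted
        self.balance += amount
        return minted

    def withdraw(self, user: str, share_amount: int) -> int:
        assert self.shares.get(user, 0) >= share_amount, "insufficient"
        redeemed = share_amount * self.balance // self.total_shares
        self.shares[user] -= share_amount
        self.total_shares -= share_amount
        self.balance -= redeemed
        return redeemed


def flash_loan_attack(vault_cls, loan: int, deposit_amount: int,
                      r0: int = 10**24, r1: int = 10**24) -> tuple:
    """Single-transaction attack: crash the spot price, mint cheap shares, restore
    the pool, redeem at the true price, repay the loan.  Returns (attacker profit,
    tokens left in the vault backing the honest depositor's 100,000 shares)."""
    pair = Pair(r0, r1)
    vault = vault_cls(pair)
    vault.deposit("honest", 100_000 * WAD)              # pre-existing honest liquidity
    got1 = pair.swap0_for_1(loan)                       # flash-loaned token0 crashes r1/r0
    minted = vault.deposit("attacker", deposit_amount)  # shares minted at the crashed price
    got0 = pair.swap1_for_0(got1)                       # unwind: reserves back to r0, r1
    redeemed = vault.withdraw("attacker", minted)       # redeem at the restored price
    profit = (got0 - loan) + (redeemed - deposit_amount)  # loan repaid out of got0
    return profit, vault.balance


if __name__ == "__main__":
    for cls in (VulnerableVault, ProRataVault):
        profit, left = flash_loan_attack(cls, loan=10**24, deposit_amount=10_000 * WAD)
        print(f"{cls.__name__}: attacker profit {profit // WAD} tokens, "
              f"{left // WAD} tokens left for 100,000 honest shares")
```

With these numbers the loan pushes the spot price from 1.0 to 0.25, so a 10,000-token deposit mints 40,000 shares; after the pool is unwound those shares redeem for 40,000 tokens, a 30,000-token profit taken from the honest depositor, who is left with 70,000 tokens backing 100,000 shares. The pro-rata vault mints 10,000 shares for the same deposit regardless of the pair's state, and the round trip nets zero.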

The zero-knowledge engine

Built for the ZK frontier

Most AI auditors stop at your Solidity. AuditAid keeps going—into the circuits, provers, and verifiers the rest of the market leaves to humans.

Audits the proof, not just the contract

Models the malicious prover end-to-end—the threat Solidity-only tools structurally can't see.

Finds under-constrained signals

Pairs every witness assignment against its constraint and flags any a prover can set freely—confirmed by non-uniqueness, not guesswork.

Closes the off-chain gap

Maps every off-chain check that isn't enforced in-circuit—the most common ZK bug class, and invisible to contract-only review.
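What "under-constrained signals" and "the off-chain gap" look like on a concrete circuit, as a runnable check. This is an added example written for this page, not AuditAid's analyser. It mirrors the Circom IsZero template: `inv` is computed off-chain with `<--`, and soundness depends on both `out === 1 - in*inv` and `in*out === 0` being enforced. Constraints are plain predicates over a toy prime field (assumption: p = 101, small enough to enumerate every witness) so that non-uniqueness is confirmed by exhaustive search rather than guessed; the same test over a 254-bit field is what an SMT solver does.

```python
"""Non-uniqueness check for an under-constrained IsZero-style circuit.

Constructed example (p = 101).  The public input `in` is fixed; the prover
controls `inv` and `out`.  A circuit is sound for that input only if exactly
one `out` value is provable.
"""
from itertools import product

P = 101  # toy field; real circuits use ~254-bit primes, the argument is unchanged


def is_zero_witness(inp: int) -> dict:
    """Honest off-chain witness generation (the `<--` side of the template)."""
    inv = pow(inp, -1, P) if inp % P else 0
    return {"in": inp % P, "inv": inv, "out": (1 - inp * inv) % P}


# Constraint set 1: only the witness-computation line was turned into a constraint.
UNDER_CONSTRAINED = [
    lambda w: (w["out"] - (1 - w["in"] * w["inv"])) % P == 0,  # out === 1 - in*inv
]
# Constraint set 2: the complete template.
COMPLETE = UNDER_CONSTRAINED + [
    lambda w: (w["in"] * w["out"]) % P == 0,                    # in*out === 0
]

PRIVATE = ("inv", "out")  # signals the prover chooses; `in` is the public input


def reachable_outputs(constraints, public_in: int) -> dict:
    """Map every `out` value some prover can justify for `public_in` to a witness."""
    found = {}
    for vals in product(range(P), repeat=len(PRIVATE)):
        w = {"in": public_in % P, **dict(zip(PRIVATE, vals))}
        if all(c(w) for c in constraints):
            found.setdefault(w["out"], w)
    return found


def is_sound(constraints, public_in: int) -> bool:
    """Sound for this input iff exactly one output is provable.  A free private
    signal that cannot change `out` (e.g. `inv` when in == 0) is not a finding."""
    return len(reachable_outputs(constraints, public_in)) == 1


def forge(constraints, public_in: int, claimed_out: int):
    """Concrete counterexample: a witness asserting `claimed_out`, or None."""
    return reachable_outputs(constraints, public_in).get(claimed_out % P)


if __name__ == "__main__":
    print("honest witness for in=5:", is_zero_witness(5))
    print("under-constrained, forged 'in is zero' for in=5:", forge(UNDER_CONSTRAINED, 5, 1))
    print("complete template, same forgery attempt:", forge(COMPLETE, 5, 1))
    print("outputs provable for in=5 under-constrained:",
          len(reachable_outputs(UNDER_CONSTRAINED, 5)))
```

With only the first constraint, setting `inv = 0` makes `out = 1` provable for `in = 5`, i.e. a prover can claim a non-zero value is zero; in fact every one of the 101 outputs is reachable. Adding `in*out === 0` collapses the set to the single honest witness (`inv = 81`, `out = 0`). The returned witness is the minimized counterexample a report would carry.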

Stops proof replay & forgery

Pairing-equation completeness, public-input binding, and chain / contract / recipient checks—including SP1 and RISC0 program-ID substitution.

Every Critical is reproducible

Concrete field values and minimized counterexamples, with formal SMT proof where it applies. Built for signal, not noise.

One pass, the whole stack

Circuit, prover, verifier, and rollup contracts are audited together and cross-checked—so bugs that span layers don't slip between them.

Proof systems: Groth16, PLONK, UltraHonk, FFLONK, Halo2, Plonky2, STARK / FRI, SP1, RISC0
Languages: Circom, Noir, Halo2 (Rust), Cairo

Read the full zero-knowledge audit deep-dive →

The EVM / Solidity engine

Benchmarked on EVMbench

EVMbench is the OpenAI × Paradigm benchmark for AI smart-contract auditors—117 curated, real-world vulnerabilities. Here is how AuditAid's detection recall compares to the published field.

88% detection recall (EVMbench detect mode)
0.0025 false positives per line of code (about 1 noise flag per 400 lines)
+9.4 points vs. the top published result (Azimuth, 78.6%)

AuditAid's figures are self-reported: we ran the public EVMbench dataset and graded it locally with the same prompt and model as the official harness, without a leaderboard submission. All other results are taken from the public EVMbench leaderboard (testmachine.ai/evmbench) as of June 2026. EVMbench scores detection by recall; the false-positive rate is AuditAid's own measurement and is not reported by other entrants.

Read the full benchmark methodology →

  1. Scan project
  2. Select scope
  3. Get quote

Start your audit

Scanning is free—you only pay after you approve the quote.

How AuditAid works

Deeper than a scanner. Structured like a firm engagement—without the calendar.

1. Scan & scope

Point us at a repo or upload an archive, review every .sol file, and pick exactly what's in scope.

2. Transparent quote

Your price comes straight from in-scope lines of code on a public formula—no hidden tiers, no model surcharges.

3. Full-depth audit

Server-side agents run the complete methodology while you watch progress live, then download the report and PoCs.

Built for the way you ship

One full-depth pipeline, tuned to wherever you sit in the lifecycle.

Developers

Cut audit costs before you book a firm. Run AuditAid on every pull request for inline comments on new vulnerabilities, and reach your manual audit with the Criticals and Highs already fixed.

Audit firms

Surface the majority of Critical and High findings in a fraction of the time, auto-triage static-analysis noise, and spend senior hours on the bugs that truly need a human.

Competition auditors

Compete on Code4rena, Sherlock, Cantina and Immunefi with an edge: AuditAid ships a runnable proof-of-concept for every confirmed finding—so you submit a working exploit, not just a claim.

Investors

Run independent diligence before you commit capital—a reproducible, structured security report with proof-of-concept tests for every confirmed finding, not a vibe check.

One way — the right way

AuditAid's agents are model-agnostic by design. We've engineered each skill to remove the guesswork—telling the model exactly how to perform every task instead of hoping it reasons its way there. The result is better findings at lower cost than platforms that lean on raw frontier models.

  • Your data stays yours: once a report is delivered and downloaded, we don't keep it—you do. No silent retention of your contracts or findings.
  • Scope control: pick the files you want audited; the agents handle the rest.
  • No accuracy trade-offs: no upsells for better results. Every client gets the full-depth pipeline—securing the chain one contract at a time.

Frequently asked questions

What developers, audit firms, and protocol teams ask before their first audit.

What is AuditAid?

AuditAid is an AI smart-contract security auditor that audits both Solidity/EVM contracts and zero-knowledge circuits end-to-end, delivering structured, reproducible findings with proof-of-concept exploits at a fraction of the cost of a manual audit.

How accurate is AuditAid?

In our run of the public EVMbench benchmark, AuditAid reached 88% detection recall (103 of 117) at 0.0025 false positives per line of code—higher recall than every published result on the EVMbench leaderboard.

What is the best AI for auditing Solidity smart contracts?

On EVMbench—the OpenAI × Paradigm benchmark and the closest thing to an independent standard—AuditAid reports the highest published detection recall to date: 88% (103 of 117 real-world vulnerabilities), ahead of the next-best published result (Azimuth/TestMachine, 78.6%) and far above raw models like GPT-5 or Claude used without an audit harness (38–54%). AuditAid's figure is self-reported, graded with EVMbench's own GPT-5 judge. It also audits zero-knowledge circuits, which most Solidity auditors don't.

Does AuditAid audit zero-knowledge (ZK) circuits?

Yes. AuditAid audits Circom, Noir, Halo2, and zkVM (SP1/RISC0) circuits, provers, and verifiers—not just the Solidity around them. It is the first AI auditor to cover ZK circuit soundness across this stack.

How much does an AI smart contract audit cost?

Pricing is a transparent public formula based on effective in-scope lines of code (roughly $0.28–$0.30 per line, $50 minimum). Blank lines and comments are excluded, documentation is free context, and you see the quote before you pay.

Does AuditAid replace human auditors?

No. AuditAid reduces cost and time by finding the majority of Critical and High vulnerabilities, triaging static-analysis noise, and shipping proof-of-concept exploits, so human auditors focus on the issues that need judgment.

Can I use AuditAid in CI/CD?

Yes. A GitHub App integrates with your pipeline and comments inline on newly introduced vulnerabilities on every pull request, with org-level isolation.

See all frequently asked questions →