
AuditOne Blog
How to Read a Smart Contract Audit Report

What’s In An Audit Report?

Smart contract audits are performed for security purposes, but most projects view them as a marketing strategy. Whatever the reason a project gets an audit, the result is a report with actionable information: it details the scope, findings, severity, and recommendations. Projects generally have their development team read over the report and address any critical issues before publicly publishing a final draft. For investors, reading a smart contract audit report can be a daunting task.

Reading the report doesn’t need to be complicated. I’ll break down sections of an audit report, hopefully demystifying it. We’ll use the current AuditOne.io .

Introduction

This section of the report specifies the auditors in charge of the audit and the project that requested it. It also gives a brief description of the project and its objectives.

This section also highlights the methodology. AuditOne has an internal automated testing tool that can quickly audit the contract. Once that is complete, auditing experts can manually review the contracts using various methods. Automated analysis can spot common vulnerabilities, giving the auditor more time to examine the contract thoroughly. The two methods support each other: manual analysis can identify false positives that arise from the automated analysis.

Scope

The scope of the audit is to analyze the smart contract files that the project provides in its repository.

It explicitly states the type of contract auditors will audit, ERC20 or BEP20, for example. Smart contract language, most common