Act I — Perimeter

Hunt bugs before they hunt you.

AuditHunt reads Solidity the way an attacker does — parses the AST, runs thirty-four detectors against it, correlates every hit against the SWC registry and a corpus of past exploits, then writes the proof-of-concept that lands the finding.

No wallet · paste source or address

The perimeter

A contract on-chain reads clean.

Block explorer shows a balance, a handful of function signatures, nothing alarming. The calm is the problem — every public contract that was later drained looked exactly like this the day before.

0xdeadbeef…c3e9 · Example.sol · solc 0.8.24 · Verified

Function surface

  • transfer(address, uint256) external
  • withdraw(uint256) external
  • deposit() payable
  • balanceOf(address) view
  • owner() view
  • transferOwnership(address) external

As the explorer reads it

  • Balance · 4,812 ETH +1.2% · 24h
  • Calls (24h) · 1,847 steady
  • Unique callers · 312 no spike
  • Deployed · 34 days ago
  • Compiler · 0.8.24 · optimizer 200
  • All quiet on the perimeter

  • Lines visible · 1,247 sol · Every line the explorer renders.
  • Functions declared · 6 public · Plus 14 internal paths it doesn't surface.
  • External call sites · 34 sites · Each one a place re-entrancy can open a door.
  • Perceived risk · Low · By the only tool most protocols run.

Two faces

The shield that protects.
The beast that hunts.

One posture the world sees — quiet, verified, watching. One the code meets in private — thirty-four detectors running in parallel, chasing every shape of vulnerability the corpus has seen before.

The Shield

Public-facing. Calm.

A continuous monitor on the addresses you ship. Signs the scan, attaches it to a commit, surfaces a diff when the next deploy changes the surface. What a protocol team hands to governance.

> audit.proof.verify(shield, commit)
> ok · 34/34 detectors · 0 high · 0 critical

The Beast

Private-facing. Loud.

The live hunt. You paste Solidity, or point at a deployed address, and thirty-four detectors sweep in parallel — re-entrancy, oracle, access control, integer, gas — each returning a located finding and a proof-of-concept exploit.

> hunt.run(src, {detectors: 'all'})
> 2.1s · 1,247 loc · 4 high · 1 critical

Next · Act II

Intake. Source meets the hunter — the AST unfolds.