The Problem That Started This

Every time I enter a smart contract audit contest on Sherlock or Code4rena, the first 30–60 minutes are the same: manually reading through the contract, mapping every external function, listing modifiers, identifying state variables, and building a mental model of the attack surface — before I've even started looking for bugs.

That work is necessary. But it's repetitive, time-consuming, and doesn't require creativity. It's exactly the kind of work AI should handle.

AuditScope was born from that frustration.

What It Does

Paste any Solidity smart contract. AuditScope returns a structured audit scope report in seconds:

  • Contract Summary — what the contract does, who the key actors are
  • Attack Surface — every external/public function with its exact modifiers
  • Modifier Map — a side-by-side comparison that makes missing guards instantly visible
  • Risk Areas — specific findings with attack paths and recommendations
  • Key Variables — critical state to watch during the audit
  • Suggested Audit Focus — top priorities for a human auditor
  • Vulnerability Pattern Checklist — 13 known patterns checked against the actual logic

How I Built It

  • Frontend: Next.js + Tailwind CSS — dark theme, clean, professional
  • AI Backend: Gemini 2.0 Flash (Google AI Studio) — 1M token context, handles any contract size
  • Analytics: Novus.ai — auto-instrumented from the codebase, zero manual tagging
  • Deploy: Vercel — public URL, live from day one

The core innovation isn't the UI — it's the reasoning prompt. I engineered a multi-step internal reasoning process that forces the model to:

  1. Build a modifier map for every function
  2. Trace the state machine for desync bugs
  3. Verify CEI pattern before flagging reentrancy
  4. Follow asset flows end to end
  5. Check boundary conditions on all inputs
  6. Compare modifiers across functionally similar functions

This catches real bugs — not generic security advice.

The Hardest Challenge

Getting the AI to reason specifically rather than generically.

Early versions would say things like "reentrancy is possible because external calls exist" — which is useless. The contract might follow CEI perfectly and have zero reentrancy risk. Generic output wastes an auditor's time and destroys trust in the tool.

The breakthrough was forcing the model to check CEI before flagging reentrancy, and to compare modifier lists across similar functions before writing findings. That single change went from boilerplate output to catching a real medium-severity bug in a test Escrow contract: refundBuyer() missing the noDispute modifier that releaseFunds() correctly had.

What I Learned

  • Prompt engineering for security reasoning is a discipline of its own
  • The modifier map is more valuable than the risk list — it gives auditors the raw data to think with
  • Shipping a stateless, single-purpose tool is the right scope for a hackathon
  • Novus auto-instrumented my entire product from the GitHub repo with zero setup — that's genuinely impressive

What's Next

  • Cairo/Starknet contract support
  • Rust/Soroban support for Stellar ecosystem
  • Side-by-side diff view for comparing two contract versions
  • Export to PDF for contest submission prep

Built With

  • gemini-2.0-flash
  • google-ai-studio
  • next.js
  • novus.ai
  • tailwind-css
  • typescript
  • vercel
Share this project:

Updates