Solana Smart Contract Security

Automated audit.
Before it costs you.

Paste your Anchor contract. Our 4-round AI audit engine finds critical vulnerabilities, fund-loss scenarios, and logic errors. Report delivered to your inbox in minutes. Free.

4 audit rounds
22 bug classes checked
~5 min report delivery
Free: no cost, no account
Free. Your code is never stored or shared.

Prefer to run locally?

The CLI runs the full audit on your machine using your own Anthropic key. Your contract code never leaves your computer.

# install once
npm install -g anchorscan

# audit your contract
npx anchorscan ./programs/my-contract/src/lib.rs --key sk-ant-...

# save report to file
npx anchorscan ./programs/my-contract/src/lib.rs --output report.md

How it works

01 — SUBMIT: Paste your contract
Paste your Anchor .rs file and your email. No account, no payment required.

02 — HUNT: 4-round audit engine
Round 1 hunts all issues. Round 2 eliminates false positives. Round 3 scores severity. Round 4 writes the report.

03 — RECEIVE: Report in your inbox
Full structured HTML report with critical, high, medium, and low findings. Attack paths and fixes included.

04 — FIX: Before it costs you
Professional audits cost $5k–$50k. Catch the obvious issues first, then go to a human auditor with confidence.

Sample findings

CRITICAL: Unauthorized fund release via missing signer check
The release_funds instruction does not verify the caller is the authorized arbitrator. Any account can trigger fund release without authorization, draining the escrow.

HIGH: Integer overflow in bid expiration calculation
clock.unix_timestamp + duration can overflow i64 on long durations, causing jobs to expire immediately or never expire.

MEDIUM: Cancel succeeds after deliverable submitted
cancel_job does not check if a deliverable has already been submitted, allowing clients to cancel and reclaim funds after work is done.
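
The three sample findings above, shown as the checks that close them. This is an added example in plain Rust, not the tool's output and not Anchor code; the Job type, the function bodies and the sample keys are assumptions made for illustration.

```rust
// Added illustration: plain Rust (std only), not Anchor code and not from the page.
// Every name is hypothetical; the keys below are constructed sample values.
type Key = [u8; 32];

#[derive(Debug, PartialEq)]
enum EscrowError { Unauthorized, NotOpen, DeliverableSubmitted, BadDuration, Overflow }

#[derive(Debug, PartialEq)]
enum Status { Open, Released, Cancelled }

struct Job { client: Key, arbitrator: Key, status: Status, deliverable_submitted: bool }

// `signer` stands for a key whose signature the runtime has already verified.
fn release_funds(job: &mut Job, signer: &Key) -> Result<(), EscrowError> {
    if job.status != Status::Open { return Err(EscrowError::NotOpen); }
    // CRITICAL finding: without this comparison any signer can release the escrow.
    if *signer != job.arbitrator { return Err(EscrowError::Unauthorized); }
    job.status = Status::Released;
    Ok(())
}

// HIGH finding: `now + duration` on i64 wraps or panics (per overflow-checks);
// checked_add turns the overflow into an explicit error instead.
fn expiration(now: i64, duration: i64) -> Result<i64, EscrowError> {
    if duration <= 0 { return Err(EscrowError::BadDuration); }
    now.checked_add(duration).ok_or(EscrowError::Overflow)
}

fn cancel_job(job: &mut Job, signer: &Key) -> Result<(), EscrowError> {
    if *signer != job.client { return Err(EscrowError::Unauthorized); }
    if job.status != Status::Open { return Err(EscrowError::NotOpen); }
    // MEDIUM finding: refuse to refund once work has been delivered.
    if job.deliverable_submitted { return Err(EscrowError::DeliverableSubmitted); }
    job.status = Status::Cancelled;
    Ok(())
}

fn sample_job() -> Job {
    Job { client: [1; 32], arbitrator: [2; 32], status: Status::Open, deliverable_submitted: false }
}

fn main() {
    let mut job = sample_job();
    println!("stranger releases: {:?}", release_funds(&mut job, &[9; 32]));
    println!("huge duration:     {:?}", expiration(1_700_000_000, i64::MAX));
    job.deliverable_submitted = true;
    println!("late cancel:       {:?}", cancel_job(&mut job, &[1; 32]));
    println!("arbitrator:        {:?}", release_funds(&mut job, &[2; 32]));
}
```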