img
net

Smart Contract Audits and Development

Solidity, Rust, Vyper, Yul, Scrypto, Tact and Func.

img

Why Choose TriWei?

TriWei is a collective of three solo auditors and offers a unique blend of individual expertise and collaborative review. It merges the best sides of both solo auditors and traditional firms, enabling a more agile and cost-effective approach than larger companies, benefiting from minimized bureaucracy.

quality icon

Transparency

We openly share our pricing and processes, showcasing our commitment to honesty

quality icon

Years of Expertise

Our members have collectively accumulated years of experience in the industry

quality icon

Competitive Pricing

Our lean process allow us to avoid the expensive structure of traditional firms

quality icon

High Quality Outputs

Working at multiple top firms we have gathered the most effective best practices

quality icon

Enhanced Communication

Our approach prioritizes extensive and frequent engagement with clients

quality icon

Education Commitment

Our focus extends beyond auditing to include educational initiatives

Our Auditing Process

checklist
line
01

Audit Readiness Check

Client will follow the audit readiness checklist to make sure the project is ready to be audited. Violations might lead to extended audit timelines.

documents
line
02

Project Repository Access

A code repository is needed to formally connect the provided codebase to a commit.

money
line
03

Price and Timeline Quote

The audit estimation is internally performed and communicated to the client.

calendar
line
04

Dates Agreement

Our availability is compared with the timeline required by the audit and possible dates are proposed to the client.

wallet
line
05

Payment

We receive the agreed payment through Bitcoin or ERC20 on Ethereum and Polygon

security
line
06

Security Analysis

The codebase is synergically reviewed by each of the three auditors independently with a subsequent collaborative brainstorming phase

communication
line
07

Client Communication

Communication with the project's developers is kept open to handle any unclear requirement or lack of documentation in a timely manner.

time
line
08

Report Delivery

A high quality PDF report is delivered to the client. It includes: risks, security findings, gas optimization findings

team
line
09

Client Meeting

A final meeting will ensure that issues and recommendations are clear to the customer.

10

Remediation Review

img

Remediation Review Process

The remediation review takes care of evaluating the fixes of the issues identified during the main audit, as well as identifying potential new vulnerabilities introduced. The code changes must be only related to the fixes without introducing new features.

file
line
01

New Commit Submission

The client provides the commit pointing to the fixed code.

calendar
line
02

Dates Agreement

Our availability is compared with the timeline required by the audit and possible dates are proposed to the client.

wallet
line
03

Payment

The cost depends on the amount of fixes to be inspected - usually 15% of the main audit price.

security
line
04

Security Analysis

The code is inspected to make sure that all the issues identified in the audit have been solved without introducing new ones.

time
line
05

Report Delivery

The report is delivered. If any issue is still unfixed, the remediation check can be performed once more free of charge.

team
06

Client Meeting

A meeting is held with the client to discuss the state of the project and the potentially newly introduced bugs.