Audit Walkthrough — Standard vs Deep Dive

B9NU▓*Y2D2%#A9%W#·#█Y#H*C\QXCJ/▒79N7ABH6KD3\AG\4YAD91HU4E0T3░8N7K2KFT*@PA▒Q$░\Y1G@·Q%Z9&U░%HQDG73RD7░FNF█G/1DMH█#>5?4▓TXB?/8TWDHJR▓5HWA5PT*Q0@@W6J█QQ5V9█W4/EM/<\@NP*6N1▓%6C*\*@A#CA█QW2VA7ES0·░▒\QC>/\@$W██T█HVJ4HB▒KN9%7X\NUZ█7X▒0▓B&53H7▒·GAR5·NMUU·VEN3KDFX&G52</9B@X$▒F?B<█<Q3/7QB·S░0Z22H4P▒9PQF7RJ@YGWMQE0RPV░3C·Y6·$02▒?B9NU▓*Y2D2%#A9%W#·#█Y#H*C\QXCJ/▒79N7ABH6KD3\AG\4YAD91HU4E0T3░8N7K2KFT*@PA▒Q$░\Y1G@·Q%Z9&U░%HQDG73RD7░FNF█G/1DMH█#>5?4▓TXB?/8TWDHJR▓5HWA5PT*Q0@@W6J█QQ5V9█W4/EM/<\@NP*6N1▓%6C*\*@A#CA█QW2VA7ES0·░▒\QC>/\@$W██T█HVJ4HB▒KN9%7X\NUZ█7X▒0▓B&53H7▒·GAR5·NMUU·VEN3KDFX&G52</9B@X$▒F?B<█<Q3/7QB·S░0Z22H4P▒9PQF7RJ@YGWMQE0RPV░3C·Y6·$02▒?

1001101000110110101010100001111001011110101001100001111001100010001100011010001000011000110010001011100010001101010000010001101011001101000100101011001000000111101010111100000000011111010010100001010111001110100110100000001011110100000100000011111000100010101001001110111100000010011000101010001001011100000011101100001010011010001101101010101000011110010111101010011000011110011000100011000110100010000110001100100010111000100011010100000100011010110011010001001010110010000001111010101111000000000111110100101000010101110011101001101000000010111101000001000000111110001000101010010011101111000000100110001010100010010111000000111011000010

What happens after you submit a contract, end-to-end.

A QorTrace Smart Contract Audit follows the same pipeline regardless of tier — the difference is depth of human review.

Pipeline stages

Intake — you submit via GitHub URL, zip upload, or pasted source. We support 18 chains today.
Static pre-pass — our 9-detector engine flags well-known anti-patterns (re-entrancy, tx.origin misuse, unchecked ecrecover, etc.) with example trigger snippets.
AI deep-pass — Claude Sonnet 4.5 reads the full codebase + qortrace-method rubric and emits structured findings (severity, evidence, suggested remediation).
Scoring — we apply the family-specific formula (BTC / EVM / Solana) and compute the security score 0-100 + the trust score.
Delivery:
- Standard tier → straight to a stamped PDF + public certificate. Minutes.
- Deep Dive tier → all of the above PLUS a senior auditor reviews each finding, removes false positives, adds context-specific findings the model missed, and signs the final report. 2-5 business days depending on scope.

What you receive

Asset	Format	Where it lives
Signed PDF report	PDF	`/api/audit/{id}/report.pdf` (cookie-authed)
Public certificate	HTML / PNG / SVG	`/audit/{id}/certificate.html` (anyone can view)
Verification URL	HTML	`/verify/{id}` (anyone can verify)
Embeddable badge	Markdown / HTML	rendered on `/account/audits/{id}`
OG share card	PNG	`/api/audit/{id}/og.png` for LinkedIn / X / Slack

Disputing a finding

Both tiers have a 30-day dispute window. Open a ticket from your audit detail page and a senior reviewer will respond within one business day. See the FAQ for the resolution process.