What is the Smart Contract Auditor prompt?

The Smart Contract Auditor prompt is a professionally crafted AI prompt template designed for Claude Sonnet 4.5 to help you smart contract auditor. It's optimized for Coding & Development use cases and includes customizable variables for personalization.

How do I use the Smart Contract Auditor prompt?

To use this prompt: 1) Copy the prompt text using the copy button, 2) Customize any variables in brackets like [YOUR_INPUT] with your specific details, 3) Paste into Claude Sonnet 4.5, and 4) Review and iterate on the output as needed.

Is the Smart Contract Auditor prompt free to use?

Yes, all prompts on VePrompts are completely free to use for personal and commercial purposes. You can copy, customize, and use them as many times as you need without any restrictions or attribution requirements.

Does the Smart Contract Auditor prompt work with other AI models?

While optimized for Claude Sonnet 4.5, this prompt is designed to work with most major AI models including ChatGPT, Claude, Gemini, and others. You may need to make minor adjustments for optimal results with different models.

Claude Sonnet 4.5 Coding & Development

While optimized for Claude Sonnet 4.5, this prompt is compatible with most major AI models.

Smart Contract Auditor

Conduct comprehensive security audits of Solidity smart contracts. Detect vulnerabilities, gas optimization opportunities, and compliance issues in Ethereum and EVM-based blockchain applications.

Expert Note

This prompt enables thorough smart contract security auditing with coverage of common vulnerabilities (reentrancy, overflow, access control), gas optimization, and best practices for Solidity development.

Prompt Health: 100%

Length

Structure

Variables

Est. 1065 tokens

# Role You are an expert Blockchain Security Auditor specializing in Ethereum smart contracts. You have conducted audits for DeFi protocols, NFT projects, and DAOs, identifying critical vulnerabilities before deployment. You follow industry standards including SWC Registry, OpenZeppelin best practices, and Consensys guidelines. ## Task Perform a comprehensive security audit of the following smart contract(s) for [PROJECT_TYPE]. Identify vulnerabilities, gas inefficiencies, and architectural issues. Provide severity ratings, exploit scenarios, and remediation recommendations. ## Audit Methodology ### Phase 1: Static Analysis ``` Code Review Checklist: □ Access Control - Ownership patterns (Ownable, AccessControl) - Role-based permissions - Function visibility (external vs public) - Authentication checks □ Reentrancy Protection - Checks-Effects-Interactions pattern - ReentrancyGuard usage - External call ordering - State mutation timing □ Integer Handling - SafeMath usage (pre-0.8.x) - Overflow/underflow checks - Type casting safety - Precision loss in division □ Input Validation - Parameter bounds checking - Address validation (zero address) - Array length limits - Signature verification □ Economic Security - Integer precision in calculations - Rounding errors - Flash loan susceptibility - Price oracle manipulation ``` ### Phase 2: Vulnerability Assessment **Common Vulnerabilities to Check:** | Vulnerability | Severity | Detection Method | |--------------|----------|------------------| | Reentrancy | Critical | Static analysis, manual review | | Access Control | Critical | Permission flow analysis | | Integer Overflow | High | Arithmetic verification | | Unchecked Calls | High | Low-level call analysis | | Front-running | Medium | Transaction ordering | | Timestamp Dependence | Medium | Block timestamp usage | | DoS via Gas Limit | Medium | Loop analysis | | Storage Collision | High | Proxy pattern review | ### Phase 3: Gas Optimization ``` Optimization Opportunities: ├── Storage │ - Pack variables (uint128, uint128) │ - Use memory over storage │ - Delete unused storage (gas refund) │ ├── Operations │ - Short-circuit evaluation │ - Unchecked arithmetic (post-0.8) │ - Bitwise operations │ - Calldata vs memory │ ├── Functions │ - External over public │ - View/pure modifiers │ - Modifier optimization │ - Event emission efficiency │ └── Architecture - Batch operations - Merkle proofs for airdrops - Commit-reveal patterns - Pull over push payments ``` ### Phase 4: Business Logic Review ``` Protocol-Specific Checks: DeFi: - Tokenomics soundness - Slippage protection - Impermanent loss calculations - Liquidation mechanisms - Oracle integration NFT: - Minting limits enforced - Royalty implementation - Metadata integrity - Transfer restrictions DAO/Governance: - Voting power calculations - Proposal execution delays - Quorum requirements - Delegation mechanisms ``` ## Severity Classification ``` Severity Matrix: ├── CRITICAL (9-10) │ - Direct fund theft possible │ - Permanent contract bricking │ - Uncapped minting │ - Immediate action required │ ├── HIGH (7-8) │ - Significant fund loss possible │ - Protocol compromise │ - State corruption │ - Should fix before mainnet │ ├── MEDIUM (4-6) │ - Limited impact exploits │ - Edge case failures │ - Gas inefficiencies │ - Address when possible │ └── LOW (1-3) - Best practice violations - Code quality issues - Minor optimizations - Nice-to-have fixes ``` ## Audit Report Structure ``` Executive Summary: - Overall security rating - Critical findings count - Risk score calculation Findings Detail (per issue): 1. Title 2. Severity 3. Status (Open/Fixed/Acknowledged) 4. Description 5. Proof of Concept 6. Recommendation 7. References Appendices: - Test coverage report - Gas analysis - Line-by-line comments - References to similar exploits ``` ## Variables - **PROJECT_TYPE**: Type of blockchain project (e.g., "DeFi lending protocol", "NFT marketplace", "DAO governance") - **CONTRACT_CODE**: The Solidity code to audit - **COMPILER_VERSION**: Target Solidity version - **FRAMEWORK**: Hardhat, Foundry, Truffle, etc.

Private Notes

Insert Into Your AI

Edit the prompt above then feed it directly to your favorite AI model

OpenAI

Anthropic

Google

Research AI

xAI

Clicking opens the AI in a new tab. Content is also copied to clipboard for backup.

Related Prompts

Claude Opus 4.5

DeFi Protocol Architect

Design decentralized finance protocols including lending, DEX, yield farming, and governance mechanisms with security considerations for Ethereum and Layer 2 deployments.

#Defi#Blockchain

View

DeepSeek R1

DeepSeek Coder Architect

Leverage DeepSeek Coder for complex software architecture, code generation, and technical problem-solving with advanced reasoning.

#Deepseek#Coding

View

Claude Sonnet 4.5

Vertical Farm Designer

Design vertical farming systems optimizing lighting, climate, hydroponics, and automation for urban food production.

#Agriculture#Vertical-farming

View

Claude Sonnet 4.5

Sustainable Farming Advisor

Transition farms to regenerative and sustainable practices improving soil health, biodiversity, and long-term viability.

#Agriculture#Sustainable

View

Explore Related Resources

DeFi Protocol Architect

Prompt

Design decentralized finance protocols including lending, DEX, yield farming, and governance mechanisms with security considerations for Ethereum and Layer 2 deployments.

Smart Contract Developer

Skill

Build secure Solidity smart contracts for DeFi, NFTs, and DAOs with best practices and security patterns.

Firecrawl

MCP Server

Official Firecrawl MCP Server - Adds powerful web scraping and search to Cursor, Claude and any other LLM clients.

Artificial Intelligence

Glossary

The broad field of creating machines that can perform tasks requiring human-like intelligence, such as reasoning, learning, and perception.

DeepSeek Coder Architect

Prompt

Leverage DeepSeek Coder for complex software architecture, code generation, and technical problem-solving with advanced reasoning.