audit firm profile

Certora

est. 2018

SolidityRustVyperSorobanEthereumSolanaPolygonLendingLiquid StakingDEX

Certora is a blockchain security firm known for deep protocol-level audits across Lending, Liquid Staking, DEX. This profile aggregates its public audit record, 3000+ findings and notable clients — so you can evaluate fit before requesting a competitive quote through Procur3.

Request a quote from Certora View public reports ↗

300+

Public audits

across 8+ years

3000+

Findings logged

all severities

1,250

Crit + high + med

material findings

Incidents attributed

see history below

overview

About Certora

Founded in 2018, Certora is a blockchain security firm specialising in smart contract audits and protocol-level security reviews. The team works primarily in Solidity, Rust, Vyper and Soroban, covering engagements across Ethereum, Solana, Polygon and related ecosystems. Core areas of expertise include Lending, Liquid Staking, DEX, CDP/Stablecoin.

With 300+ public audits on record, Certora has worked with notable protocols including Aave, Compound, Lido, Safe. The firm's review history provides a transparent track record that teams can evaluate before engaging.

Certora is tracked on Procur3's auditor directory. Teams can compare their profile, stats and track record against other firms before requesting a quote.

track record

Findings by severity

HighMediumLowInfoGas

Critical	175	5.8%
High	438	14.6%
Medium	637	21.2%
Low	788	26.3%
Informational	613	20.4%
Gas	349	11.6%

Across 300+ public audits, Certora has logged 3000+ findings. Critical and high-severity issues account for roughly 42% of all findings — a profile reflecting thorough, deep-dive analysis across diverse protocol architectures.

Figures aggregated from publicly available audit reports. Counts are updated periodically and may lag the firm's latest private engagements. Severity labels follow each report's own classification.

selected work

Notable clients

Aave

Lending

↗

Compound

Lending

↗

Lido

Liquid Staking

↗

Safe

Multisig & Wallet

↗

Squads

Multisig

↗

post-audit incidents

Incident history

Incidents recorded where a protocol was exploited after a Certora engagement. Attribution is contextual — a later exploit may fall outside the audited scope or post-date the review. We link the public source so you can judge for yourself.

source: rekt.news

Exploit in a previously-reviewed protocol

1 public incident is associated with a protocol Certora had engaged with. The exploited component fell partially outside the original audit scope. See the linked post-mortem for the full timeline and root cause.

get started

Ready to work with Certora?

Post your scope once. Certora quotes it competitively alongside other matched firms — you compare and award.

Request a quote — free Browse all firms

vetted firms onlyquotes in hoursfree for builders