Auditing smart contracts
- Evgeny Lyandres
- Mar 11, 2024
- 1 min read
Updated: Apr 17
We study the emerging market for audits of Decentralized Finance (DeFi) smart contracts. We examine two questions. First, what factors influence DeFi protocol developers’ decisions to audit their smart contracts and their choice of auditors?Second, is having an audit associated with better outcomes post protocol launch, such as attracting more funds or reducing security breaches, and do these outcomes vary across auditors? We analyze 8,195 audit reports from 117 auditing firms and 1,575 DeFi protocols between January 2020 and October 2023. We find that the decision to audit and the choice of auditor depend on protocol characteristics, such as deployment on a popular blockchain, offering common financial services, and risk level. Protocol performance increases with auditor market share and launch rate, and decreases with auditor hack rate. Protocols audited by decentralized auditors, or “bounty hunters," are also associated with better outcomes. Additionally, audited protocols experience a milder negative response to adverse DeFi market shocks. However, we find little evidence that audits reduce future security breaches. Instead, protocols are more likely to switch auditors following a breach. Overall, our study provides evidence on the use and value of voluntary smart contract audits in the emerging decentralized finance market.