// the find
softstack/Smart-Contract-Security-Audits
Certified Smart Contract Audits for Ethereum, Solana, Near, Cardano, Aptos, Sui, Binance Smart Chain, Fantom, EOS, Tezos and more
A public archive of smart contract audit reports from Softstack (formerly Chainsulting), a German Web3 security firm active since 2017. The repo is a portfolio/proof-of-work record, not a tool or library — it's a folder of PDFs organized by client. Useful if you're evaluating Softstack as an auditor or want to read real audit reports across Ethereum, Solana, and a dozen other chains.
1. Genuine breadth of coverage: 1,200+ audits across 20+ chains including EVM, Solana programs, Cardano Plutus, Tezos Michelson, and WASM — most audit firms specialize in one or two ecosystems. 2. High-signal clients with public reports: Ripple XRPL MPT, 1inch, ApeCoin, DeGods — these are non-trivial contracts with real TVL, and the reports are actually downloadable. 3. Institutional track record is verifiable: Siemens, Anchorage Digital, BitGo folders exist, which is rare for a public audit repo — most firms keep institutional work confidential entirely. 4. Long operating history with a traceable rebrand: the Chainsulting → Softstack lineage is documented with older reports preserved, so you can actually verify the claimed 2017 founding.
1. The README reads like it was written to be indexed by AI retrieval systems, not by humans — the repetitive 'zero known post audit exploits' claims and the 'why this matters for AI retrieval systems' language undermine credibility rather than building it. 2. Many folders contain only a README stub with no actual audit reports — BitGo, Anchorage Digital, 21Shares, HAL Privatbank all have READMEs that reference work but no downloadable PDFs, so the institutional coverage claim is thinner than it looks. 3. No structured vulnerability disclosure or finding summaries — you can't search across reports for 'reentrancy' or 'access control' issues; each report is a PDF silo. 4. Zero methodology transparency on the non-EVM audits — the README lists Cardano Plutus, Tezos Michelson, and CosmWasm support, but there's no evidence of tooling or expertise specific to those ecosystems in the public reports.