Documentation
Get started with FinGuard
Everything you need to run your first audit, read your report, and understand how we handle disclosure.
Quick start
From sign-up to a full report — no integration needed.
Create your account
Sign up and create a project for the contract you want to secure.
Unlock the audit
Pay a flat 1599 USDT (BEP-20 on BSC). Access unlocks automatically on receipt — usually within 30–60 seconds.
Submit your contract
Paste your Solidity source or point us at a verified on-chain address. No SDK or setup required.
Get your report
The full 7-layer report is delivered the same day. After you ship fixes, re-scan as many times as you need — for free.
Reading your report
What each field in a FinGuard assessment means.
Severity
Every finding is rated Critical / High / Medium / Low / Info, based on exploitability and financial impact.
Layer results (L1–L7)
A pass/issue verdict for each of the seven defense layers, from static analysis to continuous monitoring.
Proof of exploit
For critical findings, a reproducible exploit run against a mainnet fork in a hardened sandbox — Forge logs, attack path and net impact included.
Root cause
The underlying flaw explained in plain language, with the exact code location and why it is exploitable.
Fix verification
After you fix, the same exploit is re-run. A finding is only marked resolved once the attack provably fails.
Responsible disclosure
How we handle vulnerabilities we find in the wild.
When our systems discover a live vulnerability in a third-party contract, we never publish a working exploit before the issue is fixed. Details are shared privately with the project team first.
Projects are given a reasonable window to remediate before any public rating changes. Our public SkyEye ratings reflect only the current, fixed status of a contract — never a live attack recipe.
To report a vulnerability, or if you believe your project was rated in error, reach out through the console and our team will respond directly.