What does a Rust smart contract audit cover?

A Zealynx Rust audit covers memory safety analysis, concurrency vulnerability detection, unsafe code review, performance optimization, and blockchain-specific security issues. We audit Rust contracts on Solana, Cosmos, Near, and other Rust-based chains.

Why is a Rust-specific audit important?

Rust's ownership model prevents many common bugs, but blockchain-specific vulnerabilities still exist — especially around account validation, serialization, and cross-program interactions. Rust auditors need deep expertise in both the language and the target chain's runtime model.

Rust Audit

Rust audits, beyond Solana.

Rust security audits beyond Solana. Near, CosmWasm, Substrate, and custom runtimes. Memory-safety-adjacent risks, state machine invariants, and runtime-specific quirks.

Near · CosmWasm · Substrate · senior auditors only

Request an intro call

Why this exists

Safe Rust still has unsafe ideas.

The language gives you memory safety. It doesn’t give you economic safety, state machine safety, or correctness under adversarial inputs. Most Rust audit findings sit at the layer above the borrow checker — the layer that compiles cleanly but still has the bug.

Scope

What’s in the audit.

Recent engagements

Recent Rust engagements.

Near · Rust

Sodax Cross-Chain Intent Protocol

Rust audit of a cross-chain intent protocol on Near. Matching engine, intent expiry, and bridge-side trust assumptions.

Nov 2025 · Sodax · Sherlock contest

Near · Rust

Aurora ETH Wallet Integration

Rust audit of an ETH wallet integration on Aurora (Near's EVM layer). Cross-VM signature handling and account binding.

May 2024 · Aurora Labs

How pricing works

Scoped to your codebase.

Rust audits are sized to ecosystem, runtime complexity, and integration surface. No fixed packages. Talk to us for a scope and quote.

Request an intro call

FAQ

Questions.

Is this audit specifically for non-Solana Rust?

Yes. Solana programs have a dedicated page because the account model and CPI semantics need their own treatment. This page covers Rust on Near, CosmWasm, Substrate, and custom runtimes.

Do you handle CosmWasm contracts?

Yes. CosmWasm review covers entry points (instantiate / execute / query / migrate), message-passing assumptions, IBC integration trust, and the chain-specific bindings.

What about Substrate pallets?

Yes. We review pallet logic, weight calculation, dispatch class assumptions, runtime upgrade safety, and inter-pallet trust. Familiarity with FRAME and Substrate macros is part of the engagement.

Do you contribute to contest platforms like Sherlock or Code4rena?

Yes. Some Rust engagements (like Sodax) ran through Sherlock. We bring the same depth to private engagements that we apply to contests.

How do you handle no_std / embedded Rust?

We can scope it. No_std and embedded environments have additional concerns (panics-as-aborts, custom allocators, hardware traps) that we tag as in-scope upfront.

How long does a Rust audit take?

Two to four weeks for typical scope, longer for chain-runtime work. We scope and quote against your specific codebase before you commit.

From our research

Go deeper.

Other services

Need something else?

Ready when you are

Ready to audit?

Send us your repo, the chain or runtime, and a target date. We’ll come back with a scope and a quote within 24 hours.

Request an intro call

Rust audits, beyond Solana.

Safe Rust still has unsafe ideas.

What’s in the audit.

Rust-specific risk classes

Cargo test, property-based fuzzing, our agents

Near, CosmWasm, Substrate, custom runtimes

Recent Rust engagements.

Sodax Cross-Chain Intent Protocol

Aurora ETH Wallet Integration

Scoped to your codebase.

Questions.

Go deeper.

Move vs Rust vs Solidity for smart contracts

How to scope a smart contract audit

2025 exploit lessons: $3.4B in DeFi losses and what they revealed

Need something else?

Smart contract audits

Solana audit

Security Audit Subscription

Ready to audit?