Certora

The leadership team consists of 12 members, but the following 4 are most notable:

Mooly Sagiv - CEO
Shelly Grossman - CTO
Nurit Dor - CPO
John Toman - Chief Scientist, Vice President of Research and Development


All the leadershi[ team members possess considerable experience in their respective areas, as well as experience working in large companies such as IBM, VMware, Check Point Software. It’s also worth pointing out that the СЕО Mooly Sagiv is a professor at Tel Aviv University in the Systems and a CS department, he is also a visiting researcher at Stanford University and a visiting professor at UC Berkeley (Electrical Engineering & Computer Sciences (EECS)).
John Toman used to be a special researcher at Kyoto University.

The company’s LinkedIn page provides an employee list of over 70 names. The team includes tech specialists, auditors, blockchain researchers, marketologists, business development experts, and writers. The majority of the team members possess experience of over 2 years in this company in addition to a strong background of over 4 years in their respective fields of work.

According to the LinkedIn page, the company was founded in 2018. Neither public repository with the list of audited projects nor the date of the first audit could be located. However, considering the level of trustworthiness of the team leaders, their experience, and large investors such as CEO StarkWere and the CEO of Aave, we can place the first audit around the same time as the company's founding.

There is an average number of subscribers on the company’s X page, but the engagement rating is high compared to similar accounts. Among the subscribers, there are many top projects, funds, influencers, and popular crypto community members, for example, Balancer, Electric Capital, Celo, Origin Protocol, Curtis Spencer etc. The company posts security quizzes and rewards its subscribers with merch. It organizes podcasts with other teams, analyzes hacker and other types of attacks, and so on.

The company is prominent in such media as Cryptonews, Yahoo FInance, crypto.news, coindesk, cointelegraph etc. However, the majority of articles contain just a mention of the company’s name in an article about a project audited by it. There were no publications such as founder interviews, market research, or anything similar.

An audit takes 4-6 weeks, which isn’t fast compared to similar companies and the expected amount of work.

After leaving a request on the website, we received an email from the manager within a day (approx. 12 hours).

We have provided the project information to the manager and asked several additional questions. The response was received after two days and only after following up to remind the manager about the request.

At this time, the company works only with EVM chains and projects built on Solana.

The company offers 2 products:
Prover - a formal verification tool
Gambit - an open-source Solidity mutation testing tool to evaluate and strengthen the testing suite.

Aside from smart contract auditing services, the company offers a set of enterprise services:

Unlimited audits
Certora experts write rules for your code
Unlimited Prover access
Training & dedicated support
Incident response

The company has offered two options:
Option A: an audit completed in 4 weeks for $160 000
Option B: an audit and an official check completed in 6 weeks for $220 000,

These prices are very high compared to those of other similar companies. It’s available to a small number of wealthy project owners.

During communication with the team, no discounts were offered. After completing an audit, the team publishes announcements in its social media. The company also arranges collaborations and events with many of its clients, including inviting them to conferences.

The company accepts payments in stablecoins, fiat, and even sometimes accepts partial payment in project tokens.

• Issue description (thoroughness, code examples): YES

• Project description and contracts (what do they do): YES

• Conclusions (automatically generated vs written by specialists): YES

• Recommendations: YES

• Quality of findings (a large number of automatically generated audits is a disadvantage): YES

Issues are described thoroughly and in detail. A project description is provided and a formal verification of a code is performed.

A quote can be requested only through a form on the website, there are no direct contacts available. This isn’t the most convenient way for potential clients who are looking for information before making a final decision.