Soteria

Soteria is a security scan service for smart contracts. Today Soteria analyses all types of Solidity-based contracts (on any EVM-based chain or Layer 2) and will soon perform the same scans on Rust-based smart contracts (CosmWasm, Solana). Soteria at a glance:
  • Helps developers detect all known security vulnerabilities on the fly and suggests fixes.
  • Provides gas optimization alerts and fixes.
  • Enables continuous integration checks for smart contracts.
  • All this is now available at a fraction of the cost of a traditional smart contract audit.

Soteria Scanning Tool Version

| Current Published Version | Published Date |
| --- | --- |
| V1.3 | 01/02/2023 |

Vulnerability Coverage

| Vulnerability | Type | SWC-ID | References |
| --- | --- | --- | --- |
| Function Default Visibility | Improper Adherence to Coding Standards | SWC-100 | [-1-] |
| Integer Overflow and Underflow | Incorrect Calculation | SWC-101 | [-1-]; BeautyChain (BEC): [-1-] [-2-] |
| Outdated Compiler Version | Using Components with Known Vulnerabilities | SWC-102 | |
| Floating Pragma | Improper Control of a Resource Through its Lifetime | SWC-103 | |
| Unchecked Call Return Value | Unchecked Return Value | SWC-104 | [-1-]; King of the Ether Throne (KotET): [-2-] |
| Unprotected Ether Withdrawal | Improper Access Control | SWC-105 | [-1-]; Rubixi: [-2-] [-3-] |
| Unprotected SELFDESTRUCT Instruction | Improper Access Control | SWC-106 | [-1-] [-2-]; Parity Multi-Sig Wallets: [-3-] [-4-] |
| Reentrancy | Improper Enforcement of Behavioral Workflow | SWC-107 | [-1-]; The DAO: [-2-] [-3-] [-4-]; Fei Protocol: [-5-] [-6-] [-7-] |
| State Variable Default Visibility | Improper Adherence to Coding Standards | SWC-108 | [-1-] |
| Uninitialized Storage Pointer | Access of Uninitialized Pointer | SWC-109 | [-1-]; Real-World Examples (Honey Pots): OpenAddressLottery [-2-] [-3-], CryptoRoulette [-4-] [-5-] |
| Assert Violation | Always-Incorrect Control Flow Implementation | SWC-110 | [-1-] [-2-] [-3-] |
| Use of Deprecated Solidity Functions | Use of Obsolete Function | SWC-111 | |
| Delegatecall to Untrusted Callee | Inclusion of Functionality from Untrusted Control Sphere | SWC-112 | [-1-] [-2-] [-3-] |
| DoS with Failed Call | Improper Check or Handling of Exceptional Conditions | SWC-113 | [-1-] [-2-] [-3-] [-4-] [-5-] |
| Transaction Order Dependence | Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') | SWC-114 | [-1-] [-2-] [-3-] [-4-] |
| Authorization through tx.origin | Use of Obsolete Function | SWC-115 | [-1-] [-2-] [-3-] [-4-] |
| Block values as a proxy for time | Inclusion of Functionality from Untrusted Control Sphere | SWC-116 | [-1-] [-2-] [-3-] [-4-] |
| Signature Malleability | Improper Verification of Cryptographic Signature | SWC-117 | [-1-] [-2-] [-3-] |
| Incorrect Constructor Name | Improper Initialization | SWC-118 | [-1-] [-2-] |
| Shadowing State Variables | Improper Adherence to Coding Standards | SWC-119 | |
| Weak Sources of Randomness from Chain Attributes | Use of Insufficiently Random Values | SWC-120 | [-1-] [-2-] |
| Missing Protection against Signature Replay Attacks | Improper Verification of Cryptographic Signature | SWC-121 | |
| Lack of Proper Signature Verification | Insufficient Verification of Data Authenticity | SWC-122 | |
| Requirement Violation | Improper Following of Specification by Caller | SWC-123 | |
| Write to Arbitrary Storage Location | Write-what-where Condition | SWC-124 | |
| Incorrect Inheritance Order | Incorrect Behavior Order | SWC-125 | [-1-] [-2-] [-3-] [-4-] |
| Insufficient Gas Griefing | Insufficient Control Flow Management | SWC-126 | [-1-] [-2-] [-3-] |
| Arbitrary Jump with Function Type Variable | Use of Low-Level Functionality | SWC-127 | [-1-] [-2-] [-3-] |
| DoS With Block Gas Limit | Uncontrolled Resource Consumption | SWC-128 | [-1-] [-2-] [-3-] [-4-] [-5-] |
| Typographical Error | Use of Incorrect Operator | SWC-129 | [-1-] [-2-] [-3-] |
| Right-To-Left-Override control character (U+202E) | User Interface (UI) Misrepresentation of Critical Information | SWC-130 | |
| Presence of unused variables | Irrelevant Code | SWC-131 | |
| Unexpected Ether balance | Improper Locking | SWC-132 | [-1-] [-2-] [-3-] [-4-] [-5-] [-6-] |
| Hash Collisions With Multiple Variable Length Arguments | Authentication Bypass by Capture-replay | SWC-133 | [-1-] [-2-] |
| Message call with hardcoded gas amount | Improper Initialization | SWC-134 | [-1-] [-2-] [-3-] |
| Code With No Effects | Irrelevant Code | SWC-135 | [-1-] [-2-] |
| Unencrypted Private Data On-Chain | Access to Critical Private Variable via Public Method | SWC-136 | [-1-] [-2-] [-3-] [-4-] |