Tips to Optimise Results

A few practices that help you get more accurate results from AuditAgent. The framework and standards examples below are Solidity-flavoured, but the same principles apply to Cairo (Starknet) and Rust (Solana). Follow each ecosystem's conventions instead of the Solidity-specific ones where relevant.

Code organisation

Clear file structure

  • Keep related contracts in the same directory.
  • Use meaningful file and directory names.
  • Maintain a clean project structure.

Follow standard framework practices

  • Use /src to store your contracts under the Foundry framework.
  • Use /contracts to store your contracts under the Hardhat framework.
  • Use /test to store your tests.
  • Stick to standard import paths.

Code documentation

  • Add detailed NatSpec comments for contracts and functions.
  • Document complex logic and business rules.
  • Include inline comments for critical sections.

Contract best practices

Modular design

  • Split large contracts into smaller, focused ones.
  • Use inheritance and interfaces appropriately.
  • Keep functions concise and single-purpose.

Standard compliance

  • Follow the Solidity style guide.
  • Use the latest stable compiler version.
  • Implement standard interfaces such as ERC-20 or ERC-721, and ensure any deviation is properly explained.

Documentation context

Attach additional documentation at the Select Documentation step to give the agent more context.

  • Include architectural diagrams.
  • Provide business logic documentation.
  • Add technical specifications.

Common issues to address

Code quality

  • Remove unused variables and functions.
  • Fix compiler warnings.
  • Handle all possible error cases.

Security considerations

  • Document trust assumptions.
  • Mark trusted versus untrusted functions.
  • Highlight critical security parameters.
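The NatSpec and trust-boundary guidance above, shown as one annotated contract. This is an added example, not code from AuditAgent or its documentation; the contract, its names and the security-contact address are hypothetical.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

/// @title Escrow vault with documented trust boundaries
/// @notice Holds ETH for a beneficiary until the owner releases it.
/// @dev Trust assumptions: `owner` is a trusted multisig; `beneficiary`
///      is untrusted and may be a contract. Hypothetical contract written
///      to illustrate NatSpec conventions, not part of any real project.
/// @custom:security-contact security@example.com
contract DocumentedEscrow {
    /// @notice Trusted administrator; the only account allowed to release funds.
    address public immutable owner;
    /// @notice Untrusted recipient; may be a contract that reverts on receive.
    address public immutable beneficiary;
    /// @notice Critical security parameter: earliest time a release is allowed.
    /// @dev Fixed at deployment; cannot be changed afterwards.
    uint256 public immutable releaseAfter;

    // Every failure path has a named error so callers and auditors can tell them apart.
    error NotOwner();
    error TooEarly(uint256 nowTs, uint256 allowedAt);
    error TransferFailed();

    /// @param _beneficiary Untrusted recipient of escrowed funds.
    /// @param _releaseAfter Unix timestamp before which release must fail.
    constructor(address _beneficiary, uint256 _releaseAfter) payable {
        owner = msg.sender;
        beneficiary = _beneficiary;
        releaseAfter = _releaseAfter;
    }

    /// @notice Accepts additional deposits from anyone.
    /// @dev Untrusted entry point: no state beyond the balance is touched.
    receive() external payable {}

    /// @notice Releases the full balance to the beneficiary.
    /// @dev Trusted entry point (owner only). Follows checks-effects-interactions:
    ///      all checks run before the external call, and the call result is verified.
    function release() external {
        if (msg.sender != owner) revert NotOwner();
        if (block.timestamp < releaseAfter) revert TooEarly(block.timestamp, releaseAfter);
        (bool ok, ) = beneficiary.call{value: address(this).balance}("");
        if (!ok) revert TransferFailed();
    }
}
```

Each `@dev` line states who is trusted to call the function and why the ordering is safe, which is exactly the context an automated reviewer cannot infer from the bytecode alone.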

Before scanning

A short checklist before you launch.

  • Code compiles without warnings.
  • All tests are passing.
  • Documentation is up to date.
  • Development and debug code is removed.
  • Dependencies are properly specified.
Info: The more organised and well-documented your code is, the more accurate the scan results will be.