"Secure your blockchain with formal methods."
Veridise, Austin, Texas - the shield-and-checkmark of a security firm spun out of a university program-analysis lab, where cryptography research meets production Web3 audits.
Most blockchain hacks are not clever. They are bugs that someone should have caught - a reentrancy slip, an unsafe token transfer, a zero-knowledge circuit that quietly fails to constrain its own inputs. Veridise, a security company based in Austin, Texas, was built to catch them. It pairs expert human auditors with proprietary software tools drawn from a decade of academic research in formal verification, program analysis and fuzzing.
Veridise traces its origins to the UToPiA research group at the University of Texas at Austin, which began studying program analysis for smart contracts as far back as 2018. In 2021 that work left the lab: co-founders Isil Dillig, a UT Austin computer science professor who leads UToPiA, and Jon Stephens, then a PhD candidate and now the company's CEO, turned peer-reviewed research into a commercial security practice. The team it assembled - PhDs in program analysis, cryptography and software security, alongside professors of computer science and mathematics - is unusual in an industry more accustomed to bug-bounty hunters than research scientists.
Traditional audits document findings through PDF reports at specific points in time. AuditHub enables audit firms to deliver formal verification results - mathematical proofs that certain vulnerability classes are absent.- Veridise, on why it built AuditHub
Veridise provides blockchain security audits across every layer of the Web3 stack: Solidity smart contracts, decentralized applications, zero-knowledge circuits and cryptographic primitives, and the L1/L2 blockchain implementations underneath them. What distinguishes the work is not the review checklist but the tooling behind it. The company writes its own static analyzers, fuzzers and solver-based verifiers, so an auditor is not only reading code - they are running it against automated engines that search for the failure cases a human eye misses.
Zero-knowledge proofs are meant to be trustless, but a single underconstrained circuit can silently break the guarantee - accepting inputs it should reject. Manual review alone does not scale to that class of bug, or to cryptographic primitives generally. Veridise's answer is to encode what expert reviewers know into automated tools that flag underconstrained circuits, private-input leakage, reentrancy and unsafe transfers before code ships to production.
Veridise sells expert audits, but its edge is the software those audits run on. The names are playful; the mathematics underneath is not.
Automatically detects underconstrained ZK circuits using a two-phase process - lightweight static analysis plus deeper solver-based reasoning - and generates concrete inputs that break the constraints.
Static analyzers that flag smart-contract issues like reentrancy and unsafe token transfers, and common ZK bugs such as underconstrained circuits and private-input leakage.
A specification-guided (oracle-guided) fuzzer for Ethereum smart contracts, driven by user-defined temporal properties that steer its search toward meaningful violations.
A platform for professional audit firms to deliver formal-verification results - proofs that whole vulnerability classes are absent - rather than only point-in-time PDF reports.
Bars are illustrative of emphasis described in public materials, not audited market-share figures.
A traditional audit hands back a report: here is what we found when we looked. Veridise leans on formal verification to make a stronger statement - here is a class of bug that cannot exist in this code. That reframes the deliverable from a snapshot to a guarantee, and it is why the company puts so much weight on building tools rather than scaling headcount.
Competitors in the space include Trail of Bits, OpenZeppelin, ChainSecurity, Zellic, Certora, Halborn and Quantstamp. Veridise's distinct wager is the depth of its academic roots and its investment in proprietary program-analysis tooling.
Veridise is a B2B company. Revenue comes from fee-based security audits - smart contract, ZK and protocol/infrastructure - augmented by its in-house tools, with AuditHub productizing that tooling for other professional audit firms. Its customers are Web3 infrastructure and DeFi teams that cannot afford a silent failure.
UT Austin's UToPiA group starts focusing on program analysis for smart contracts.
Isil Dillig and Jon Stephens spin the group's research into a blockchain security company in Austin.
Polychain Capital leads a seed round with Hack VC, dao5 and angels from across the crypto ecosystem.
Picus and ZK Vanguard bring the company's zero-knowledge research into production vulnerability detection.
A platform lets audit firms deliver formal-verification-backed results, and Veridise passes 150+ completed audits.
Veridise raised $4.7 million in a seed round led by Polychain Capital, with Hack VC, dao5, and angels from Manta Network, ConsenSys, Aleo, Scroll Tech, Coinbase and the Ethereum Foundation.- Seed announcement, 2022
Details compiled from Veridise's website, seed-round announcement, and public company profiles. Figures such as team size and audit count are approximate and reflect the most recent public sources.