Automated, AI-PoweredSecurity Assessment for Smart Contracts

Conduct a comprehensive security assessment of your smart contract code to identify vulnerabilities and provide recommendations for remediation

MetaScan Screen 1 - Project list displays recent scans and an overview of the latest scan results
MetaScan Screen 2 - Start scan dialog offering various scan engines for selection, as well as scan configurations the user can adjust based on the project's requirements
MetaScan Screen 3 - Project Detail showing the stats of scan results and details of detected issues with descriptions and remediation recommendations
MetaScan Screen 4 - AI assistant providing side-by-side, in-context answers for prompt related to the security issues and possible fixes.

Multi-Engine, Multi-Dimentional Safeguard for Your Code & Assets

Diverse Security Engines employed by MetaScan and MetaTrust Security Platform
Security Analyzer
Security Analyzer

Utilizing a security analyzer for static code analysis to detect potential security vulnerabilities.


Leveraging AI technology, such as ChatGPT, to detect logic vulnerabilities, encompassing a wider range of vulnerability types and adapting to various code variations. It enables detection even when the vulnerability names and code flow have been altered.

Code Quality
Code Quality

Conducting code quality assessments to identify and extract a majority of informational and low-level vulnerabilities.

Security Prover
Security Prover

Primarily focused on identifying vulnerabilities related to contract execution and fixed logic flaws, while addressing the issue of higher false positives in static detection.

Code Clone
Code Clone

Employing clone detection techniques to identify code clones and prevent the introduction of security risks through code duplication or similarity, especially for Migration Attack.

Open Source Analyzer
Open Source Analyzer

Performing security assessments on the usage of open-source libraries, ensuring their secure integration within applications.

AI Icon

AI × Security

Super Power from Deep Integration with AI

MetaScan AI Illustration
Security Analyzer

Security Analyzer's engine utilizes prompts generated by the GPT model, which are specially designed with unique effects to simulate potential attack scenarios or abnormal behavior patterns. Through this hybrid approach, the engine can delve deeply into the code structure, identify, and expose complex logical vulnerabilities that might be overlooked by traditional methods. The effectiveness of this method lies in its combination of the accuracy of static analysis and the creative thinking of the GPT model, enabling it to provide a deeper level of security analysis while maintaining high efficiency.


GPTScan is an innovative security engine designed with AI at its core. It is the pioneering tool that combines GPT with static analysis to detect vulnerabilities in smart contract logic.

Instead of relying solely on GPT to identify vulnerabilities, which can lead to high false positives and is limited by GPT's pre-trained knowledge, we utilize GPT as a versatile code understanding tool. By breaking down each logic vulnerability type into scenarios and properties, GPTScan matches candidate vulnerabilities with GPT. To enhance accuracy, GPTScan further instructs GPT to intelligently recognize key variables and statements, which are then validated by static confirmation.

Read the Paper

AI Assistant

MetaScan's Web Interface is undergoing a major transition to include AI as a new way for users to interact with the platform.

The AI Assistant is already integrated into the project detail and scan result page. It is able to answer questions about security vulnerabilities and provide recommendations for remediation. The AI Assistant is also able to provide general security information or take actions in the context of the project.

Our goal is to offer a copiloting experience to MetaScan' users. With language as the ultimate interface, we are working to make MetaScan a more intuitive and user-friendly platform that not only will make security assessment of your code a smoother journey, but also will channel our security intelligence to provide you with the most comprehensive security coverage.

Security Prover Logo

Formal Verification with Security Prover

Attain mathematical proof of your code's reliability

MetaScan Security Prover is an advanced tool for formally verifying Solidity smart contracts. It features a groundbreaking symbolic execution engine, offering precise semantic analysis at the source-code level. Prover enhances user-friendliness by allowing developers and security experts to express contract specifications in a Solidity-like syntax, covering function pre/post-conditions, contract invariants, and rule-based properties. It also generates detailed bug reports to streamline fault localization during verification.

Prover Illustration

Feature Highlights & Advantages

  • Source-Code-Centric Formal Verification
  • Comprehensive Verification Reports
  • Automated Property Recommendations
  • Solidity-Style Specification Language
  • Strict Semantic Analysis at the Source-Code Level
  • Minimal Learning Curve

Rich Integrations with Your Favorite Tools

MetaScan provides seamless integration options for your existing tools and development environments.

On the input side, it supports loading source code from a variety of sources such as public/private Git repositories hosted at GitHub or GitLab, or any public accessible Git repositories. Additionally, users can conveniently upload zip archives containing the source code.

MetaScan also offers extensive RESTful APIs for most of its functionalities, allowing effortless integration into your infrastructure or CI/CD environment. These APIs enable you to create projects, initiate scans, and access detailed scan results. For further information, please refer to our comprehensive API documentation.

Furthermore, MetaScan seamlessly integrates with popular smart contract IDEs like Remix through plugins. It harmonizes with the development workflow, enabling security scans to be conveniently triggered directly within the IDE. Moreover, it facilitates pinpointing problematic code directly in the code editor. This makes it an invaluable companion for smart contract authoring and auditing.

At MetaScan, we understand that security should be a natural part of the development process. Therefore, we are constantly working to expand the range of tools and environments where you can leverage MetaScan's capabilities. Please feel free to reach out to us with any suggestions or ideas to enhance your experience.

MetaScan Integrations

Comprehensive Audit Report

MetaScan can generate an intuitive and professional report on vulnerability scanning based on the scan results, accurately summarizing and classifying all security vulnerabilities detected and offering comprehensive remediation suggestions.

The report typically consists of the following sections:

  • Executive Summary provides an overview of the project and the scale of auditing, as well as the break down of findings in different severities.
  • Summary of Findings provides a concise overview of the identified issues and a full list of all the issues detected.
  • Finding Detail explores each finding individually, including the name, severity, and file locations of the security issue. It also includes a comprehensive description of the problem and recommendations for mitigating the issue.
Demo Audit Cover
Demo Audit Page 1
Demo Audit Page 2
Demo Audit Page 3
Demo Audit Page 4


From hobbyists to serious web3 businesses, we have a plan for you

Start free, no payment required
  • Full scan analysis
  • All scan engines available
  • Limited number of projects, organization members and scan history
  • 8,000 LoC per month
Best for individual security pros
  • Advanced AI capability included
  • PDF report export
  • Unlimited projects, organization members and scan history
  • 50,000 LoC per month
Starts at$599/mo.
For web3 projects, exchanges etc. of any scale
  • Analytic dashboard
  • Premium technical support
  • Included manual auditing service for annual subscription
  • Starts at 200,000 LoC per month

Why MetaScan?

Security should not be an afterthought, especially for web3 projects where the stakes are high as the code is immutable and the assets are real. MetaScan is a comprehensive security assessment tool that provides a holistic solution for smart contract security. It is designed to help developers and security experts identify and mitigate security vulnerabilities in smart contracts.

Extensive Checks

With over 150 security checkers, MetaScan provides comprehensive coverage for conventional security vulnerabilities and tokenomic loopholes.

Rapid Inspection

MetaScan uses automated security inspection to identify potential security flaws in the code and delivers customized security reports in a fraction of the time.

Accurate Detection

MetaScan incorporates multiple security engines, including Security Analyzer, Security Prover, Open Source Analyzer, IP Analyzer, and others, resulting in a 97% detection accuracy rate.

Cost-effective Audits

MetaScan is a low-cost option for auditing code, with audits costing only 1.5 cents per line of code, providing savings of up to 1000 times compared to traditional code audits.

Secure Your Web3 Project Today!

Partner with our web3 security experts for comprehensive consultancy or a demo of our tools & services.