Independent Audits

For the most complete and current overview of all third-party and internal reviews, see our documentation:
🔗 Scroll – Audits & Bug Bounty

Scroll has worked with several industry-leading security audit firms to review our codebase, with critical code receiving reviews from multiple teams, including Trail of Bits, OpenZeppelin, Zellic, and KALOS.

zkEVM circuits

• Trail of Bits

  • Wave 1
  • Wave 2
  • Wave 3
  • EIP-4844 Blob Support

• Zellic and Kalos

  • Wave 1
  • Wave 2

Node implementation

• Trail of Bits
  • zkTrie
  • L2geth
  • L2geth diff

Bridge and rollup contract

• OpenZeppelin
  • Phase 1
  • Phase 2
  • GasSwap, Multiple Verifier, Wrapped Ether and Diff
  • ScrollOwner and Rate Limiter
  • USDC Gateway
  • Contract diff
  • Bridge Gas Optimizations
• Zellic
  • Report 1
  • Report 2
  • Lido Gateway

Euclid Upgrade

• Trail of Bits
  • Phase 1
  • Phase 2

Feynman Upgrade

• Trail of Bits
  • Report
• Internal
  • Internal Report

Galileo Upgrade

• Internal
  • Internal Report