How does Gatekick Labs approach threat modeling before writing any code?

Before any implementation begins, the team maps out every external entry point, privileged role, and asset flow in the system. Each interaction is evaluated for attack vectors including reentrancy, front running, oracle manipulation, and access control bypass. Gatekick Labs documents the threat model as a living artifact that evolves alongside the codebase, so new features are evaluated against known risks before they reach a pull request.

What is the difference between property based testing and traditional unit tests for smart contracts?

Unit tests verify specific inputs produce expected outputs. Property based tests define invariants that must hold across thousands of randomly generated inputs, catching edge cases that a developer would never think to write manually. Gatekick Labs uses tools like Foundry fuzz testing and Echidna to verify properties such as total supply conservation, access control consistency, and state transition correctness across millions of test runs.

How are gas costs evaluated during the design phase rather than after deployment?

Gatekick Labs profiles gas consumption during architecture by benchmarking storage patterns, function call chains, and loop structures against target budgets. If a critical operation exceeds acceptable gas at projected usage volumes, the design is restructured before implementation. This includes evaluating packed storage slots, calldata versus memory tradeoffs, and whether batch processing or off chain computation can reduce per transaction costs.

What does the external audit coordination process look like?

Gatekick Labs prepares the codebase for external audit by freezing the branch, completing internal review, writing comprehensive NatSpec documentation, and delivering a test suite with full coverage metrics. The team manages communication with the audit firm, triages findings as they arrive, and implements fixes in a tracked remediation branch. A final verification round confirms every critical and high severity finding is resolved before mainnet deployment.

How does Gatekick Labs handle upgradeability in smart contract architecture?

The approach depends on the project constraints. For systems that require post deployment changes, Gatekick Labs implements transparent proxy patterns or UUPS proxies with timelocked governance controls so upgrades are visible and reversible. For high trust systems where immutability is a feature, the architecture separates logic from configuration so parameters can change without modifying core contract code. Every upgradeability decision is documented with its security tradeoffs.

What happens when an audit finds critical issues close to the launch date?

The launch gets delayed. Gatekick Labs does not ship contracts with unresolved critical findings regardless of timeline pressure. The team immediately triages the issue, implements a fix, writes regression tests, and submits the remediation for auditor re-review. If the fix changes contract behavior materially, affected integration tests and downstream systems are updated as well. The timeline is revised and communicated transparently to all stakeholders.

Solutions Smart contracts

Smart contract systems.

Gatekick Labs designs, builds, audits, and secures smart contracts for any on-chain application. DeFi protocols, gaming platforms, token systems, governance, payments, and everything between. Security first, from the first line of code.

Solutions

What we build.

Every smart contract we write starts with a threat model, not a template. These are the systems we build most often, and the areas where our experience runs deepest.

DeFi Protocol Contracts

We build the core contract infrastructure for decentralized finance protocols. Automated market makers, lending pools, yield aggregators, and liquidity management systems designed for correctness under adversarial conditions.

AMM pool contracts with concentrated liquidity support
Lending and borrowing protocols with dynamic interest rate models
Yield aggregation vaults with multi strategy routing
Liquidity bootstrapping and migration contracts

Token Systems

We implement fungible and non fungible token contracts across ERC20, ERC721, ERC1155, and custom standards. Beyond the token itself, we build the vesting, distribution, and access control logic that makes a token actually useful.

ERC20 tokens with snapshots, permits, and vote delegation
ERC721 and ERC1155 contracts with on chain metadata
Vesting schedules with cliff, linear, and milestone unlocks
Merkle based airdrop and distribution contracts

Gaming and Randomness Contracts

On chain gaming demands provably fair randomness and fast settlement. We build game contracts that integrate Chainlink VRF or commit reveal schemes, handle house wallet management, and settle outcomes in ways players can verify.

VRF integrated game settlement for dice, roulette, slots, and crash
Commit reveal randomness for cost sensitive deployments
House wallet and bankroll management with variance protection
Multi player session contracts with atomic payout logic

Governance and Voting

We design governance systems that communities can actually use. Governor contracts, delegation mechanics, timelock controllers, and treasury management that balance decentralization against the ability to make decisions and move forward.

Governor contracts with configurable quorum and voting periods
Vote delegation with partial delegation support
Timelock controllers with role based execution
On chain treasury management with spending limits and approvals

Payment and Settlement

We build payment infrastructure that connects stablecoins and crypto rails to real business logic. Escrow contracts, payment splitting, recurring payment streams, and settlement systems that handle the edge cases of moving money on chain.

Stablecoin escrow with conditional release and dispute resolution
Payment splitters with configurable share ratios
Streaming payment contracts for salaries and subscriptions
Batch settlement for high volume transaction processing

Cross Chain and Bridge Contracts

We build the on chain components for cross chain communication. Message passing receivers, token bridge endpoints, and multi chain deployment strategies that keep state consistent across networks without introducing unnecessary trust assumptions.

Bridge endpoint contracts for token locking and minting
Cross chain message receivers with replay protection
Multi chain deployment with deterministic addresses
Chain abstraction layers for unified contract interfaces

NFT and Marketplace Contracts

We build minting infrastructure, royalty enforcement, auction mechanics, and marketplace logic for NFT projects. Not just the token, but the full lifecycle from creation through secondary trading, with on chain royalty compliance where it matters.

Lazy minting with signature based authorization
ERC2981 royalties with marketplace enforcement hooks
English and Dutch auction contracts with reserve prices
Marketplace listing and offer management with escrow

Staking and Rewards

We build staking pools and reward distribution systems that handle the math correctly. Proportional reward accrual, lockup periods, slashing conditions, and boost mechanics, all designed so the accounting stays accurate at scale over long time horizons.

Proportional reward distribution using accumulator patterns
Tiered lockup mechanics with early withdrawal penalties
Multi token reward pools with configurable emission schedules
Slashing conditions for validator and delegator staking

Use cases

Problems we have solved.

These scenarios reflect the types of engagements we take on. The problems vary, but the approach is consistent. Threat model first, then architecture, then code that earns its audit.

Secure custody contracts for a crypto exchange

A mid size crypto exchange needed to move from a centralized hot wallet to a smart contract based custody system with multisig controls, withdrawal limits, and time delayed large transfers. This type of project requires a carefully layered contract architecture with role based access, hardware wallet signing, withdrawal limits, and operational tooling that lets the treasury team manage daily operations safely.

3 weeks From design to testnet

Zero incidents Post deployment

High value Secured through contracts

Provably fair game contracts for a gaming platform

A gaming operator launching on chain needed verifiably random outcomes across five game types, with fast settlement and low gas costs. We integrated Chainlink VRF for high stakes games and designed a commit reveal scheme for frequent low stakes plays. The house wallet contract managed bankroll reserves automatically and exposed a real time solvency proof players could verify.

5 game types Shipped at launch

Sub 2s Average settlement

100% verifiable Randomness outcomes

Audited lending pool for a DeFi protocol

A DeFi team building a lending protocol needed contracts that could survive a formal audit without major findings. A project like this requires building the lending pool, interest rate model, liquidation engine, and oracle integration from the ground up. Invariant fuzzing runs against the full system for weeks before the external audit, targeting zero critical findings on first pass.

Zero critical Audit findings

Full coverage Including fuzz runs

4 chains Deployed across

Tokenized property assets for a real estate company

A real estate firm wanted to fractionalize commercial property ownership into tradeable on chain tokens with compliant transfer restrictions. The solution uses an ERC1155 based system where each property is a distinct token ID, with transfer hooks enforcing KYC status, holding limits, and jurisdiction restrictions. Dividend distribution runs on chain through a proportional reward contract.

Multi asset Tokenized at launch

Fully compliant Transfer restrictions

Automated Dividend distribution

Governance and treasury for a DAO

A protocol DAO needed governance contracts that its community would actually use, not a system so complex that proposals never reached quorum. The solution requires a Governor contract with tuned quorum thresholds, a delegation system that makes voting accessible to passive holders, a timelock for execution safety, and a treasury contract with spending tiers matched to the DAO's operational needs.

High participation Average voter turnout

Managed treasury Under governance

48h timelock On all executions

Our process

How we approach every contract.

Smart contracts are safety critical software. A bug does not produce an error message. It produces a loss of funds. Our process reflects that reality at every stage.

Discovery and Threat Modeling

We start by understanding who can call which function, under what conditions, and what the worst case outcome looks like for each path. We map out actors, attack surfaces, and economic incentives before writing any code. This threat model becomes the foundation document that every design decision references.

We also identify external dependencies early. Oracles, bridges, third party contracts, and off chain systems all introduce trust assumptions. We document each one and decide how the contract should behave when a dependency fails or returns unexpected data.

Architecture and Design

We define the contract's state machine explicitly. What states can it exist in, what transitions are valid, and what invariants must hold at all times. We choose upgrade patterns based on actual requirements, not convention. If a contract does not need upgradeability, it does not get a proxy. If it does, we pick the simplest pattern that satisfies the need.

Access control roles, function visibility, and admin capabilities are designed at this stage. We favour small surface areas. Every public function is a potential attack vector, so we only expose what is strictly necessary.

Implementation and Testing

We write the contract against the threat model, not against a feature checklist. Unit tests run from the first function. Integration tests cover multi contract interactions. We maintain a running list of assumptions and write tests that verify the contract fails loudly and safely when those assumptions are violated.

Gas optimization happens here, but never at the expense of clarity. A contract that costs ten percent less to execute but is twice as hard to reason about is a bad trade. We document every non obvious choice so the team that inherits the code never has to guess.

Security Review and Hardening

We run static analysis with Slither, symbolic execution with Mythril, and invariant fuzzing with Echidna as part of the normal development loop. Property based tests verify that critical invariants hold across thousands of randomized inputs. If a pattern is too clever to explain in a paragraph, we rewrite it.

We also think about the operational picture. Multisig configurations, pause mechanisms, emergency withdrawal paths, and incident playbooks. Good contracts fail gracefully, and graceful failure is a team discipline as much as a code discipline.

Audit Coordination

External audits are planned into the timeline from the beginning, not bolted on at the end. We prepare the codebase with comprehensive NatSpec documentation, architecture diagrams, and a list of known assumptions and areas of concern. When auditors receive the code, they spend their time on deep analysis, not orientation.

We help triage findings by severity and coordinate fixes. By the time code reaches an external auditor, our internal review has already caught the common issues. The audit becomes a confirmation pass rather than a discovery pass.

Deployment and Monitoring

We deploy through deterministic scripts that produce the same result on every run. Constructor arguments, proxy initialization, and role assignments are all scripted and version controlled. Nothing is configured by hand. Post deployment, we verify source code on block explorers and confirm that the on chain bytecode matches the audited source.

We set up monitoring for critical contract events, balance thresholds, and unusual transaction patterns. If something unexpected happens at two in the morning, the team knows about it and has a playbook for responding.

Security approach

Security is a discipline, not a checkbox.

A smart contract bug can mean immediate, irreversible loss of user funds. There is no rollback, no hotfix, and no customer support escalation. Our security methodology reflects the weight of that reality.

Threat Modeling Framework

Every engagement begins with a structured threat model. We identify actors (users, admins, attackers, bots), map their capabilities, define what they should and should not be able to do, and enumerate the economic incentives that might motivate an exploit. The threat model is a living document that evolves as the contract design evolves.

We pay particular attention to composability risks. A contract that is secure in isolation may become vulnerable when composed with other protocols, flash loan providers, or MEV bots. We model these interactions explicitly.

Vulnerability Classes We Check

We systematically review for known vulnerability patterns across every contract we build.

Reentrancy via external calls and cross function reentrancy
Access control gaps, missing modifiers, and privilege escalation
Front running and sandwich attack exposure
Oracle manipulation through price feed or TWAP exploits
Flash loan attacks that exploit single transaction composability
Integer overflow and precision loss in financial calculations
Denial of service through gas griefing or unbounded loops
Storage collision in upgradeable proxy patterns

Testing Methodology

We layer multiple testing strategies because no single approach catches everything.

Unit tests for individual function correctness and edge cases
Integration tests for multi contract interaction flows
Property based testing to verify invariants hold across random inputs
Invariant fuzzing with Echidna to explore state spaces humans miss
Fork testing against live mainnet state for realistic conditions
Gas snapshot tests to catch unexpected cost regressions

Formal Verification

For high value contracts where the cost of failure justifies the investment, we apply formal verification using Certora Prover. Formal verification mathematically proves that specified properties hold across all possible inputs, not just the inputs we thought to test. We use it to verify critical invariants like "total supply always equals sum of all balances" or "no user can withdraw more than their deposited amount."

Formal verification is not a replacement for testing or audits. It is an additional layer of assurance for the properties that matter most. We recommend it selectively, for the contracts and invariants where the stakes justify the effort.

Audit coordination

Audits that confirm, not discover.

External audits are essential. But an audit should validate your security posture, not be the first time anyone looks at the code critically. We prepare so thoroughly that auditors can focus on the hard problems.

Early Planning

We schedule audits at the beginning of a project, not the end. Audit firms have multi week lead times and queues that can stretch for months. We book audit slots early and design the development timeline so code is audit ready when the window opens. This prevents the common failure mode where an audit becomes the last minute bottleneck before launch.

Code Preparation

Before code reaches an auditor, we prepare a complete package. NatSpec documentation on every public function. Architecture diagrams showing contract relationships and data flows. A document listing known assumptions, areas of concern, and design decisions that need scrutiny. The goal is to let auditors spend their hours on deep analysis, not figuring out what the code is supposed to do.

Findings Triage

Auditors will find issues. Some are critical vulnerabilities that must be fixed before deployment. Some are medium severity concerns worth addressing. Some are informational suggestions or gas optimizations. We help you assess each finding, understand its real world impact, and prioritize fixes based on risk rather than treating every finding with equal urgency.

Recommended Audit Partners

We work with and recommend established audit firms based on the specific technology and domain. For EVM contracts, firms like Trail of Bits, OpenZeppelin, Consensys Diligence, and Spearbit are strong options depending on scope. For Solana programs, OtterSec and Neodyme specialize in Rust based audits. We help you choose the right firm for your protocol's needs and budget.

Technology stack

Tools we use daily.

We choose tools based on the problem, not habit. These are the languages, frameworks, and security tooling we work with across our smart contract engagements.

EVM Development

Solidity is our primary language for EVM chains. We use both Hardhat and Foundry depending on project needs. Hardhat for teams that prefer JavaScript tooling and plugin ecosystems. Foundry for projects that benefit from fast Solidity native testing and fuzzing.

Solidity Hardhat Foundry Ethers.js Viem Vyper

Solana Development

For Solana programs, we write in Rust using the Anchor framework. Anchor provides the structure and safety checks that make Solana development less error prone, while still allowing low level optimization where performance demands it.

Rust Anchor Solana CLI Metaplex

Standards and Libraries

We build on established, audited libraries rather than rewriting standard functionality. OpenZeppelin contracts provide battle tested implementations for access control, token standards, and common patterns. We extend them when needed but avoid unnecessary customization of code that has already survived years of production use.

OpenZeppelin Solmate Chainlink Uniswap V3 Core ERC2981 EIP 4626

Security and Analysis

Security tooling runs continuously during development, not as a final check. Static analysis catches common patterns. Symbolic execution explores paths humans overlook. Fuzzing discovers edge cases that unit tests miss. Formal verification proves critical invariants mathematically.

Slither Mythril Echidna Certora Prover Foundry Fuzz Semgrep

Tell us what your contracts need to survive.

A short description of the system, the chain, and the threats you care about is enough for us to say whether we can help.

Talk to us