Category: web3 security firm / public audit-report archive / independent-researcher audit network / formal-verification and infrastructure review services
Summary: Adevar Labs is better cataloged as security-review infrastructure than as a generic smart-contract audit boutique. Its official site emphasizes white-box reviews across Rust, Solidity, Move, consensus protocols, and infrastructure, while the public GitHub repo functions as a consent-based archive of client-approved reports across Solana, Aptos, EVM, Fogo, and stablecoin or DeFi infrastructure projects. The firm also highlights an unusual model where it scales a core team through a vetted network of independent researchers, including well-known tooling and audit specialists. That combination makes Adevar Labs look like a public security-reporting and specialist-audit coordination layer rather than just another closed-door services shop.
What it does:
Audits web3 systems across onchain code, consensus protocols, and infrastructure rather than limiting itself to EVM smart contracts
Focuses especially on Rust and Solidity work across Solana and Ethereum, while also reviewing Move, Go, Vyper, Yul, C++, Clarity, and FunC codebases
Offers methodology that includes discovery, threat modeling, manual code review, targeted fuzz testing, formal verification, infrastructure review, and fix review
Maintains a public GitHub archive of client-approved audit reports with standardized filenames, chain tags, project types, and downloadable PDFs
Presents findings in a way intended to be understandable to non-technical stakeholders, not only protocol engineers
Lets clients handpick from a network of vetted independent researchers with backgrounds spanning Slither, Manticore, Echidna, Mythril, contest judging, and many Rust or Solana audits
Key claims:
The homepage says Adevar audits web3 systems “from on-chain code (DeFi) and consensus protocols to infrastructure” and calls Rust and Solidity on Solana and Ethereum its bread and butter
The homepage says the methodology includes threat modeling, manual code review, advanced testing with fuzzing and formal verification, infrastructure review, and fix review
The homepage claims 100+ web3 audits, $700M+ secured onchain, and 1300+ academic citations tied to the founders’ research background
The about page says Adevar is built by security researchers whose work has advanced blockchain theory and practice, and lists internal team members plus advisors linked to Asymmetric Research, Aon, and infrastructure security backgrounds
The about page says clients may handpick top-tier independent researchers, then names collaborators such as Josselin Feist, Bernhard Mueller, and numerous Rust-, Solana-, Move-, and Cairo-focused auditors
The GitHub audit-reports repository says it is the official repository of public security audit reports conducted by Adevar Labs and explicitly frames transparency as fundamental to a more secure digital ecosystem
The GitHub repository says all published reports are client-approved, use a standardized naming structure, and include executive summaries, assumptions, severity-categorized findings, and enhancement notes
The public report list shows repeat work across projects such as GLAM, M0, DoubleZero, Pact, LI.FI, Loopscale, and other Solana, Aptos, EVM, Fogo, and stablecoin-related systems
Whitepaper: No canonical standalone Adevar Labs whitepaper or litepaper surfaced in this pass. The clearest current sources of truth were the official site, the about page, and the public GitHub audit-report archive; see ../whitepapers/adevar-labs-primary-sources-2026-05-07.md.