What are the primary obstacles faced in the auditing industry?
Decentralized applications (DApps) manage user assets through on-chain transactions, which means that projects with vulnerabilities in their governing smart contracts are at risk of critical issues like unauthorized extraction of user or pooled assets. To mitigate these risks, smart contract audits are conducted. However, clients of established audit firms encounter several challenges:
The cost of traditional audit firms can be exorbitant, ranging from tens to hundreds of thousands of dollars.
There is an excessive focus on obtaining a “stamp of approval” from major audit firms, often overshadowing the primary objective of enhancing security.
Engaging an audit firm can cause delays in product launches and token listings due to the time required for audits.
The accuracy of reports and communication costs can vary significantly depending on the auditor handling the audit.
These challenges arise from the fact that audits are performed by humans. For example, a significant portion of the high costs charged by audit firms goes towards paying professional auditors. Additionally, human auditors can overlook details, and the process can be time-consuming. As a solution, audit firms powered by artificial intelligence (AI) have emerged.
What does an audit check?
The work of audit firms can be broadly categorized into two areas:
A: Identifying vulnerabilities by comparing clients’ contracts against known vulnerability patterns.
B: Identifying project-specific logic vulnerabilities and operational inconsistencies.
Typically, humans review the source code of the smart contract to identify vulnerabilities. However, auditors have varying knowledge and detection capabilities when it comes to vulnerability patterns, which can lead to potential oversights due to human error. This raises the question: How can AI address these issues?
The significance of using AI for smart contract audits
A: Comprehensive audit perspectives
One notable example of an AI-based audit firm is Bunzz Audit, which has a database that covers a wide range of vulnerability patterns. They employ an auditing approach that examines the code from every possible angle, allowing for comprehensive and accurate identification of vulnerabilities that would be impossible for humans to achieve.
The Bunzz team states:
Bunzz Audit has compared AI-based audits with human audits.
This report is an AI-based audit of a protocol called Lockon, which enables index investments in cryptocurrencies. The report was generated in approximately 48 hours. The Lockon team was surprised to learn that this was an AI-based report because they found the vulnerability points to be accurate.
B: Cost and duration of audits
Traditional audit firms employ numerous professional auditors, whereas AI-based audit firms do not have “auditors” in the traditional sense. Instead, a few smart contract professionals review the results produced by AI, significantly reducing audit costs to about one-tenth of those of traditional firms. AI-based audit firms can complete audits in 24 to 48 hours, compared to about two weeks for traditional firms, thus reducing the audit timeline by a factor of ten.
However, are AI-based audits the optimal solution? There are also weaknesses to consider.
Areas Where AI Falls Short
Audits also involve identifying logic vulnerabilities and operational inconsistencies that depend on the project’s context. This context is not encoded in the contract’s source code but exists in off-chain information such as white papers and documentation.
Without inputting this context into the AI, it is not possible to conduct checks on project-specific logic. Therefore, some AI-based audit services address this aspect through human auditors, providing a more comprehensive audit.
How to benefit from AI tools
While AI-based audits may not be flawless, they offer significant benefits for projects seeking to reduce audit costs. They are increasingly used as a “Pre Audit” before engaging traditional audit firms, as identifying critical bugs in advance can reduce the costs incurred for audits. Moreover, integrating AI-based audit services into the CI/CD process is starting to be seen as a way to enhance code quality.
The Future Evolution of AI Audits
In February 2024, Vitalik Buterin emphasized the potential of AI in assisting with formal verification of code and bug finding. He stated, “One application of AI that I am excited about is AI-assisted formal verification of code and bug finding,” and added:
Formal Verification addresses the identification of project-specific logic vulnerabilities and operational inconsistencies. Advancements in Formal Verification technology could make on-chain protocols more trustless.
Trustworthy, automation-based, on-chain ecosystems could evolve significantly, potentially matching the impact of advancements in ZK technology. Vitalik Buterin and pioneers like Bunzz Audit believe that AI could significantly help overcome the major barrier of perfecting product specifications, which is costly for humans.
Disclaimer: Cointelegraph does not endorse any content or product on this page. While we strive to provide you with all the important information that we could gather in this sponsored article, readers should conduct their own research before making any decisions related to the company and assume full responsibility for their choices. This article should not be considered as investment advice.