Documentation
Everything you need to secure your smart contracts with AI-powered analysis
Introduction
AI-Powered Smart Contract Security Auditing
What is Thetanium?
Thetanium is building the security infrastructure for Web3. Our AI-powered platform combines static analysis with large language models to deliver comprehensive smart contract security analysis in minutes, not weeks.
The Problem We Solve
Smart contract security is broken. Billions of dollars flow through decentralized protocols, yet over $6 billion has been lost to preventable exploits. Traditional audits cost $30K-$500K and take weeks, leaving 95% of contracts unaudited.
Our Approach
Multi-agent AI security analysis. Fast, thorough, and accessible to every project. Optional human expert review on request.
Supported Ecosystems
Who Is This For
Built for developers, auditors, and protocols alike
Solo Developers
Building your first DeFi protocol or NFT project? Get professional-grade security analysis without the $50K+ price tag.
Development Teams
Integrate security checks into your CI/CD pipeline. Catch vulnerabilities before they reach production.
Security Auditors
Augment your manual review with AI-powered analysis. Find more issues faster and reduce audit time.
DAOs & Protocols
Protect treasury funds and user assets. Demonstrate security diligence to your community.
Why Thetanium
How we compare to alternatives
| Feature | Thetanium | Static Tools | Manual Audit |
|---|---|---|---|
| Business Logic Analysis | |||
| Natural Language Explanations | |||
| False Positive Filtering | |||
| Minutes to Complete | |||
| Affordable for All | |||
| Human Expert Review | Hybrid |
Products
Our complete security suite
ThetaCore Scanner
Available: AI-powered vulnerability detection with natural language explanations. Paste your code and get a comprehensive security report in minutes.
Chat with Theta
Coming Soon: Conversational interface for security questions and code review. Ask questions about your contracts and get instant answers.
Expert Review
Available: AI analysis combined with expert human review for high-stakes deployments. Includes continuous monitoring and 24/7 security oversight for critical contracts.
Theta Arena
Coming Soon: Competitive audit platform connecting protocols with security researchers. Crowdsourced security with incentive alignment.
Quick Start
Get scanning in 5 simple steps
Sign Up or Sign In
Create an account or sign in. New users receive 10 free credits to get started.
Submit Your Contract
Navigate to Dashboard → New Scan. You have three options: paste your code directly, upload a .sol file, or paste a GitHub URL to scan directly from a public repository.
Choose Scan Type
Select the analysis depth based on your needs:
Review Results
Analysis typically completes in 2-5 minutes. View findings organized by severity, with detailed explanations and remediation suggestions.
Export & Share
Download your report as PDF, Markdown, or JSON. Enable sharing to get a public link for stakeholders.
Understanding Results
How to read your security report
Immediate risk of fund loss or complete contract compromise. Must fix before deployment.
Examples: reentrancy, unprotected selfdestruct, arbitrary external calls
Significant vulnerability that could lead to loss under certain conditions.
Examples: missing access control, integer overflow in critical functions
Issues that could cause problems but require specific conditions to exploit.
Examples: centralization risks, missing event emissions, gas inefficiencies
Best practice suggestions or minor issues with minimal security impact.
Examples: code style, documentation suggestions, optimization opportunities
PDF, Markdown, and JSON for your workflow
Generate public links for team members
Each finding includes exact code location
Actionable fix suggestions per vulnerability
Multi-Agent Analysis
How our specialized AI agents work together
Our Standard scan uses a sophisticated three-phase pipeline that combines broad analysis with deep, granular inspection:
Full Contract Analysis
Multiple specialized agents analyze the entire contract simultaneously, identifying vulnerabilities, access control issues, and business logic flaws from a holistic perspective.
Function-by-Function Deep Dive
Each function is analyzed individually with full contract context. This granular approach catches subtle bugs that whole-contract analysis might miss.
Cross-Function Synthesis
Findings are synthesized to identify vulnerabilities from function interactions, such as reentrancy paths or state inconsistencies.
Each agent specializes in detecting specific vulnerability categories:
Coordinates the analysis pipeline, routes tasks to specialized agents, manages the three-phase workflow, and aggregates results into a cohesive report.
Performs deep vulnerability analysis using LLM reasoning to identify security issues like reentrancy, overflow, and logic flaws.
Identifies economic exploits, oracle manipulation, specification mismatches, and DeFi protocol vulnerabilities.
Specializes in permission flaws, missing modifiers, authorization issues, and privilege escalation vulnerabilities.
Detects novel and emerging vulnerabilities not covered by specialized agents using general security knowledge.
Reviews all findings to filter false positives, validate severity levels, cross-reference between phases, and ensure report accuracy.
Best Practices
Tips for getting the most out of your scans
Flatten Your Contracts
For multi-file projects, flatten your contracts to combine all imports into a single file. This ensures the AI has full context of all dependencies.
Solidity - Hardhat:
npx hardhat flatten contracts/MyContract.sol > flattened.sol
Solidity - Foundry:
forge flatten src/MyContract.sol -o flattened.sol
Anchor/Solana:
For Anchor programs, use the main lib.rs file. For multi-file projects, concatenate your modules:
cat programs/myprogram/src/*.rs > flattened.rs
Native Solana:
cat src/*.rs > flattened.rs
Choose the Right Scan Type
- Quick Scan: Fast iteration during development, syntax checks
- Standard Scan: Pre-deployment review, comprehensive multi-agent analysis
Use GitHub URLs for Quick Access
Scan Early, Scan Often
Review and Re-scan After Fixes
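Returning to the Flatten Your Contracts step above: `cat src/*.rs` does not descend into subdirectories, so modules such as `src/instructions/deposit.rs` are silently left out of the flattened file. The script below is an added example, not Thetanium tooling; the function names `flatten_rs` and `missed_by_glob` and the `// ---- file:` marker format are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: recursive, ordered flattening of a Rust source tree.
# Assumes file paths contain no newlines and OUT_FILE lies outside SRC_DIR.

# flatten_rs SRC_DIR OUT_FILE
# Concatenate every .rs file under SRC_DIR into OUT_FILE in a stable
# order, each preceded by a comment naming the file it came from, so a
# finding in the flattened file can be traced back to its source file.
flatten_rs() {
    src_dir=${1%/}
    out_file=$2
    [ -d "$src_dir" ] || { echo "not a directory: $src_dir" >&2; return 1; }
    : > "$out_file" || return 1
    find "$src_dir" -type f -name '*.rs' | LC_ALL=C sort |
    while IFS= read -r f; do
        printf '// ---- file: %s ----\n' "$f"
        cat "$f"
        printf '\n'
    done >> "$out_file"
}

# missed_by_glob SRC_DIR
# List the .rs files that a plain `cat SRC_DIR/*.rs` would skip because
# they sit in a subdirectory.
missed_by_glob() {
    dir=${1%/}
    find "$dir" -type f -name '*.rs' -path "$dir/*/*" | LC_ALL=C sort
}

# Command-line use: sh flatten.sh programs/myprogram/src flattened.rs
if [ "$#" -eq 2 ]; then
    flatten_rs "$1" "$2" || exit 1
    nested=$(missed_by_glob "$1")
    if [ -n "$nested" ]; then
        echo "included nested modules that src/*.rs would miss:" >&2
        echo "$nested" >&2
    fi
fi
```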
Limitations
Important considerations for AI-powered analysis
Not a Replacement for Human Audits
For high-value or critical contracts, we strongly recommend combining AI analysis with a professional human audit. AI augments human expertise; it doesn't replace it.
What AI Analysis Can Do
What AI Analysis Cannot Do
Our recommendation: Use Thetanium as part of a comprehensive security strategy that includes code reviews, testing, static analysis, and for high-stakes contracts, professional human audits.
Credits & Pricing
Simple, transparent pricing
Credit Packages
Scan Costs
Support & Community
Get help and connect with us
Frequently Asked Questions
Quick answers to common questions