Before the audit begins, compile a single document with all the of information we will need to complete the audit. Here is a showcase example. This document should include:
[ ] A link to the documentation that describes the project’s:
<aside> 👉 Here is an example from thirdweb
</aside>
[ ] A link to the code repository and the commit hash indicating the code-freeze for the audit
<aside> ‼️ We will perform the audit on this commit hash; any changes made later won’t be in the scope of the audit, apart from the fixes review.
</aside>
[ ] Scoping details
[ ] A link to the specific branch that will contain fixes to issues we find during the audit
[ ] A description of your internal security efforts. Include:
[ ] Identification of code that may require more attention and time. For example:
[ ] Identification of code, concepts, or ideas that are borrowed from or similar to other protocols
What we need to deliver an estimate
How to get the best estimate and audit