Kairos Lab · Pricing
Transparent rates
Scope-based pricing, no retainer, no hourly surprises. You know the price before we start. All tiers include a re-test for Critical & High findings.
Engagement tiers
// Starter
Focused Review
€1 500
flat rate · 2-day engagement
Best for: single smart contract (<500 LOC), landing page + API (<10 endpoints), or specific threat model review.
✓ Manual review of defined scope
✓ Kairos Scanner v1 (44 modules)
✓ Full report (findings + PoCs + remediation)
✓ Re-test cycle for Critical/High
✓ Delivery within 48h of engagement close
// Standard · Most common
Full Audit
€3 500
flat rate · 5-day engagement
Best for: full-stack Web3 app (frontend + API + contracts), DeFi protocol, or auth system. Up to 2 000 LOC contracts + full API surface.
✓ Everything in Focused Review
✓ Smart contract + Web app + API combined
✓ Foundry fuzz testing + Slither + Aderyn
✓ Exploit log with full attack chains
✓ Infrastructure map + JS bundle forensics
✓ KPPE on-chain anchoring of report hash
✓ Public anonymized version (optional)
// Enterprise
Deep Engagement
Custom
scoped · 2–4 week engagement
Best for: large protocol (>2 000 LOC), multi-component system, formal verification requirement, or ongoing security partnership.
✓ Everything in Full Audit
✓ Formal verification via Halmos (critical paths)
✓ Threat model + architecture review
✓ Multiple re-test cycles
✓ Direct communication channel (Signal/Telegram)
✓ Optional: retainer for ongoing monitoring
Good to know
Prices above are starting points. Final price is confirmed after a brief scoping call — no surprises. If your scope is smaller or larger than the tier describes, we'll adjust. Payment: 50% upfront, 50% on report delivery. Crypto (ETH/USDC on Base) or bank transfer accepted.
FAQ
How long does a typical audit take?
Focused Review: 2 days. Full Audit: 5 days. Deep Engagement: 2–4 weeks. These are calendar days from engagement start to report delivery, not business days.
Do you offer a bug bounty model?
Not currently. We work on fixed-scope, fixed-price engagements. This ensures coverage of the full attack surface rather than cherry-picking high-severity findings.
What is KPPE on-chain anchoring?
The K-PPE (Kairos Proof Protocol Engine) anchors a hash of your final report to Base Mainnet. Anyone can verify the report hasn't been tampered with post-delivery. This is optional and available at no extra cost on Full Audit and above.
Can the report be made public?
Yes. All client-identifying information is anonymized (codenames like TGT-α, TGT-β). You decide whether to publish the anonymized version. It can be added to our public audit registry at kairos-lab.org/audits.
What if more findings are discovered than expected?
All findings within the defined scope are included in the price. We don't charge per finding. If we discover something clearly out of scope during the engagement, we'll flag it and quote separately.