ContractGuard Logo

Security Disclaimer

Last Updated: December 2, 2025

⚠️ Important Warning

READ THIS CAREFULLY BEFORE USING CONTRACTGUARD

ContractGuard is an automated security analysis tool and does NOT provide comprehensive security guarantees. Our service should be used as ONE PART of a multi-layered security approach, not as a substitute for professional security audits.

1. No Guarantee of Security

ContractGuard uses AI and automated tools to analyze smart contracts, but:

  • AI is not perfect: AI models can miss vulnerabilities or produce false positives
  • Coverage is limited: We detect common vulnerability patterns, but new attack vectors emerge constantly
  • Context matters: Automated tools cannot understand the full business logic or intended behavior
  • No liability: We are not responsible for exploits, hacks, or losses resulting from vulnerabilities

2. Limitations of Automated Analysis

What ContractGuard CAN Do:

  • Detect common vulnerability patterns (reentrancy, overflow, access control issues)
  • Provide AI-powered code quality assessment
  • Identify potential security risks quickly
  • Serve as a first-pass security screening tool

What ContractGuard CANNOT Do:

  • Guarantee 100% security or vulnerability-free code
  • Understand complex business logic or economic attack vectors
  • Detect zero-day exploits or novel attack patterns
  • Replace manual code review by experienced security professionals
  • Audit off-chain components, oracles, or external dependencies
  • Test the contract in real-world conditions

3. Professional Audits Are Recommended

For Production Contracts

If you are deploying a smart contract that will handle real value, we STRONGLY RECOMMEND obtaining a professional security audit from reputable firms such as:

  • Trail of Bits
  • OpenZeppelin
  • ConsenSys Diligence
  • ChainSecurity
  • Halborn

4. Use Cases and Appropriate Usage

✅ Good Use Cases:

  • Quick security screening during development
  • Educational purposes and learning about vulnerabilities
  • Pre-audit checks before engaging professional auditors
  • Analyzing public contracts for research
  • Continuous monitoring of deployed contracts

❌ Inappropriate Use Cases:

  • As the sole security measure before production deployment
  • For high-value DeFi protocols without professional audits
  • As a replacement for security best practices and testing
  • Making investment decisions based solely on our reports

5. Your Responsibilities

As a user of ContractGuard, you are responsible for:

  • Due diligence: Conduct thorough testing and review beyond automated tools
  • Professional audits: Engage security professionals for production contracts
  • Continuous monitoring: Security is ongoing, not a one-time check
  • Updates and patches: Stay informed about new vulnerabilities in your dependencies
  • Risk assessment: Understand the potential financial and reputational risks

6. No Liability for Losses

CRITICAL DISCLAIMER

CONTRACTGUARD AND ITS OPERATORS ARE NOT LIABLE FOR ANY:

  • Financial losses from exploited vulnerabilities
  • Damages from false negatives (missed vulnerabilities)
  • Costs associated with security breaches
  • Reputational harm or business losses
  • Any direct, indirect, incidental, or consequential damages

YOU USE CONTRACTGUARD AT YOUR OWN RISK. We provide a tool to assist in security analysis, but the ultimate responsibility for contract security lies with you.

7. Not Financial or Legal Advice

ContractGuard's analysis and reports:

  • Are for informational purposes only
  • Do not constitute financial, legal, or investment advice
  • Should not be relied upon for making investment decisions
  • Do not represent an endorsement or recommendation

8. Service Limitations

Be aware of these technical limitations:

  • We can only analyze verified contracts with published source code
  • Analysis is based on static code analysis and AI models
  • We do not execute contracts or test them in live conditions
  • Complex interactions between multiple contracts may not be fully analyzed
  • Our vulnerability database is updated regularly but may not include the latest threats

9. Best Practices Recommendation

We recommend this security approach for production smart contracts:

  1. Development: Follow secure coding standards and best practices
  2. Testing: Comprehensive unit tests, integration tests, and fuzzing
  3. Automated tools: Use ContractGuard and other static analysis tools
  4. Professional audit: Engage 1-2 reputable security firms
  5. Bug bounty: Launch a bug bounty program
  6. Gradual rollout: Start with limited funds and scale carefully
  7. Monitoring: Continuous monitoring and incident response plan

By using ContractGuard, you acknowledge:

  • You have read and understood this disclaimer
  • You accept the limitations of automated security analysis
  • You will not rely solely on ContractGuard for production security
  • You accept all risks associated with smart contract deployment
  • You will obtain professional audits for high-value contracts