spec-to-code-compliance
Verifies that a smart contract codebase implements exactly what its specification documents describe.
Setup & Installation
What This Skill Does
Verifies that a smart contract codebase implements exactly what its specification documents describe. It works by extracting intent from whitepapers, design docs, and protocol specs, then mapping each claim to actual code behavior across logic, math, invariants, access control, and state transitions. Gaps, divergences, and undocumented behaviors are classified by severity and reported with full evidence traces.
Manual spec-to-code review misses subtle divergences because auditors rely on intuition rather than exhaustive line-by-line extraction and alignment against a structured IR, which this skill enforces mechanically.
When to use it
- Checking a DeFi protocol implementation against its published whitepaper before launch
- Finding missing invariant enforcement in a smart contract that the spec requires
- Auditing a token contract to confirm fee logic matches the design document formulas
- Detecting undocumented code paths in a bridge contract not covered by any spec section
- Tracing access control drift between a protocol's trust model and its actual modifier logic
Similar Skills
best-practices
A checklist of modern web development standards covering HTTPS, CSP headers, input sanitization, deprecated API avoidance, and HTML validity.
auth0-android
Adds authentication to native Android apps using the Auth0 SDK.
auth0-angular
Adds authentication to Angular apps using the @auth0/auth0-angular SDK.
auth0-aspnetcore-api
Adds JWT access token validation to ASP.