00 The honest answer

AI is enough for most of it. A human is essential for the rest.

The real question isn't AI versus a human auditor — it's which bugs each one is actually good at. Here's the concrete split by class, a side-by-side comparison, and how to combine them without overpaying for either.

01 Where AI wins

The mechanical bug classes — caught on every commit.

These are the classes that recur across the historical-exploit corpus and have a stable shape to match — so the verdict can be proven against the code, not guessed.

Reentrancy
Cross-function and cross-contract reentrant paths — an external call made before internal state is updated, in vault, router, and callback flows.
provable on the call graph
Oracle & price manipulation
Staleness windows, single-source spot reads, and flash-loan-inflated prices that break liquidation and collateral math.
pattern-stable
Access control & privilege escalation
Unprotected admin entrypoints, missing timelocks, and role boundaries an attacker can step across to reach privileged state.
checkable against roles
Accounting & invariant drift
Divergence between internal accounting and real token balances — the moment totalSupply stops equaling the sum of balances.
graded vs invariants
Unchecked external calls
Swallowed transfer failures and ignored low-level call return values that let a failed step pass as a success.
provable on the code
Known-pattern arithmetic & init bugs
Unchecked math edges, uninitialized proxies, and missing zero-address guards — the recurring shapes from prior exploits.
corpus-backed

For these, the verdict can be proven against the code — and criticals come with a working exploit on a mainnet fork. That's why running it on every commit costs $200, not $50,000.

02 Where a human still wins

And the bugs no model should be trusted to find alone.

These don't have a stable pattern to match. They live in intent, economics, and the seams between protocols — where judgment beats recall.

Novel & bespoke MEV / ordering attacks
Value extraction that depends on mempool dynamics and a sequence of transactions unique to your protocol — there is no prior exploit to pattern-match against.
no stable pattern
Cross-protocol composition risk
Assumptions that hold in isolation but break when your contract is one leg of a larger stack — a lending market on an LP token on a rebasing asset.
needs systems Guardix never sees
Economic & game-theoretic design
Incentive misalignment, bad liquidation and parameter design, governance capture, and bank-run dynamics. The code is correct; the mechanism is exploitable.
the bug is in the design
Intent & spec gaps
The code does exactly what it says — but what it says is wrong. A human who interviews the team catches the missing requirement; a model only sees the code.
needs the team's intent

Guardix doesn't pretend to catch these. When it can't prove a finding either way, it doesn't silently drop it — it marks it needs_manual and puts it in front of a person. The concession is built into the product, not just this page.

03 Side by side

The trade-offs, dimension by dimension.

An honest table hands rows to both columns; neither side wins every dimension.

Guardix: AI audit, run on every commit
Manual audit: human firm, per engagement

Turnaround: Guardix 1–3 hours, on demand · Manual 2–4 weeks, scheduled
Price: Guardix $200, flat · Manual $50,000+ per engagement
Cadence: Guardix every commit, same price, diffed vs the last scan · Manual one-shot, stale after the next commit
Proof: Guardix proven with a working exploit on a mainnet fork · Manual written up, not executed
Consistency: Guardix reliable and repeatable on every run · Manual reliable
Deliverable: Guardix versioned interactive dashboard + shareable report · Manual PDF report

Run Guardix on every commit, then spend the human budget where it actually pays — the novel paths a model can't own.

04 The combined workflow

Not either/or. Guardix first, continuously — humans on the novel paths.

The two layers don't compete. Sequenced right, the cheap one clears the floor so the expensive one only does the work it's uniquely good at.

1. Clear the mechanical floor before you book a human.

Run a full audit before the expensive engagement. You arrive with reentrancy, oracle, access-control, and accounting classes already cleared — and the criticals already proven on a fork.

2. The mechanical floor never goes stale.

Each commit is re-audited and diffed against the last scan, so the human's report doesn't rot the moment you push a fix. Anything Guardix can't prove either way accumulates into a needs_manual queue — the exact shortlist for a person.

scan history (main, diffed): e7b2f4a −3 critical · c91d3e8 2 needs_manual
3. Spend the expensive hours on judgment.

Hand the auditor the categories a model can't own — MEV, cross-protocol composition, economic design — plus the needs_manual queue. They spend their hours thinking, not re-finding bugs a machine already proved.

You don't pay an auditor $50k to find a reentrancy a $200 run already proved with an exploit. You pay them to think about the attacks a machine can't.

Start with Guardix. Save the human budget for the hard part.

Run a full audit in hours for $200, on every commit — and walk into your human engagement with the mechanical classes already cleared.