Consensys Diligence has been part of MetaMask's security story for years, with engagements including MetaMask EIP-7715, MetaMask USD, and MetaMask Snaps.
The Snaps project specifically is one of the strongest examples of this long-running collaboration. Diligence’s auditors produced several of the foundational security resources of the ecosystem: the MetaMask Trust Module, the Snaps Security Essentials Guide, which classified the most common Snap vulnerability categories, and Snapguardian, a tailored tool for automated security analysis.
Snaps engagements were also among the first playgrounds where Diligence applied early AI automation for auditing, first as ChatGPT workflows and later as MCP-connected coding agents. That early integration is the foundation of what came next, Chonky.
From manual security audits to Chonky
Across the security industry, AI is changing how audits work. Decades of auditors' knowledge are being codified into AI workflows, and the shift from fully manual to AI-based auditing is underway. Diligence's expression of this shift is Chonky.
Chonky is the team’s latest AI-augmented audit methodology: a customized agentic harness with security-specific knowledge sets, audit-calibrated workflows, and issue taxonomies, built on eight years of Ethereum security expertise. Chonky is language-agnostic: not tied to Solidity or any single audit surface. The same methodology adapts to large application codebases, other languages, and zkVMs.
Conceived with extensibility-first as a core design principle, it's built on more than 100k past vulnerability findings from Ethereum’s wider ecosystem. The key is mapping this security knowledge to the target’s threat model, and generating context-specific hypotheses for the codebase under review. Chonky knows what to look for in a wallet like MetaMask because years of close security partnership are baked into the tooling. Auditors steer the process, and Chonky surfaces candidates that extend their reach and research capacity.
Across the latest engagements, Diligence's auditors used Chonky for two distinct use cases on MetaMask’s stack: a large smart contract integration and a Snap audit.
Going wide and going deep on a smart contract integration
Large codebases require deliberate allocation of review effort and time. Auditors applied Chonky as a methodology, each choosing their own preferred approach. This produced two complementary techniques: breadth-first vulnerability mining and depth-first manual review.
Vulnerability mining is Diligence's main AI-augmented review method, built on top of Chonky. The auditor customizes the agent for each engagement: defining what to search for, where to look, and which assumptions to test. On this engagement, the breadth-first auditor loaded MetaMask primers to surface candidate findings from different viewpoints. The agent produces candidates; the auditor triages them, confirming which are real, discarding false positives, and refining the next pass. Since AI can't yet reliably verify its own conclusions, triage became one of the core auditor skills and a crucial step in the pipeline.
The mining also extended coverage beyond the original audit scope. False positives turned into part of the threat-model review. Even when a candidate issue doesn't hold as a finding, it still tests the boundary between intended functionality and exploitable behavior. It pushes the auditor toward the right security questions.
The depth-first approach applied Chonky's workflows differently. They were used upfront to build a deep contextual understanding of the integration codebase. From that foundation, auditors went depth-first into the components they flagged as the highest risk. In each case, the auditor chose the approach that would scale what they could reach.
Plugging audit findings into a developer's workflow
On a second engagement, Chonky was applied to a new MetaMask Snap: a TypeScript institutional repository. The long history of Snap audits now sits inside the tooling. What changed is speed. Chonky now runs with primers tuned specifically for the Snaps framework, with scoping calibrated for their recurrent behaviors.
In this case, triaging moved to MetaMask’s side. Diligence's auditors ran an audit of the Snap's codebase, shaped its output in a developer-interactive custom interface, and built a triage workflow integrated into MetaMask's GitHub environment. MetaMask’s team could review and respond to findings inside their existing development process.
Diligence's deep familiarity with the Snaps ecosystem, combined with Chonky's extensible stack, allowed the audit output to plug directly into MetaMask's review flow. This same approach extends beyond Snaps and applies to any team with an established development workflow.
A methodology that gets sharper with every engagement
Codebases are getting larger. Threat surfaces are expanding. The auditor's role is shifting: a new layer has been added, the triage phase, where the auditor's judgment carries the security work.
The result is a review process that goes beyond pointing an AI at a codebase. It's work that reaches angles a manual review couldn't cover in the time available. Each engagement trains the methodology further: triage feedback sharpens Chonky's knowledge base over time, reducing false positives and increasing detection precision.
For MetaMask, that means the same methodology can move across the software stack: smart contracts, Snaps, and other surface areas reviewed by a security partner already familiar with the architecture.
Sharing responsibility of securing the ecosystem is vital and in the spirit of the decentralization principles that web3 holds dear. Consensys Diligence is proud to be working towards this goal alongside the MetaMask team.