Re-Scanning

Learn when and how to re-scan your contracts.

When to Re-Scan

After Code Changes

Re-scan when you:

• Fix vulnerabilities
• Add new features
• Refactor existing code
• Update dependencies
• Change contract logic

Before Deployment

Always re-scan:

• Before mainnet deployment
• Before testnet launch
• After any code review changes
• When moving to production

Periodic Checks

Consider regular scans:

• Weekly during active development
• Before each release
• When new scanners are added

---

How to Re-Scan

Quick Re-Scan

Repeat the same scan:

1. Go to Scans
2. Find the original scan
3. Click Re-Scan
4. Same scanners run automatically

Modified Re-Scan

Change settings before re-scanning:

1. Go to Scans
2. Find the original scan
3. Click Re-Scan
4. Click Modify Settings
5. Adjust scanners or options
6. Click Start Scan

From Contract

Re-scan from contract view:

1. Go to Contracts
2. Click the contract
3. Click Scan
4. Choose preset or custom
5. Click Start Scan

---

Comparing Scans

Side-by-Side Comparison

See what changed between scans:

1. Go to Scans
2. Select two scans (checkboxes)
3. Click Compare
4. View differences

Comparison Shows

Section	Shows
New findings	Issues introduced since last scan
Fixed findings	Issues no longer present
Unchanged	Persistent issues
Code diff	Source code changes

Using Comparison

• Verify fixes worked
• Catch regressions
• Track progress over time

---

Scan History

Viewing History

Each contract has a scan history:

1. Go to Contracts
2. Click the contract
3. Scroll to Scan History

Shows:

• All scans for this contract
• Date and time
• Scanners used
• Finding counts

Trend Analysis

The dashboard shows:

• Findings over time
• Trend direction (improving/worsening)
• Comparison to previous scans

---

Re-Scan Strategies

Fix and Verify

1. Run initial scan
2. Fix critical/high issues
3. Re-scan to verify
4. Repeat until clean

Progressive Deepening

1. Start with Quick scan
2. Fix obvious issues
3. Run Standard scan
4. Fix remaining issues
5. Run Deep scan before audit

Continuous Scanning

For CI/CD integration:

1. Scan on every PR
2. Block merge on critical findings
3. Track trends over time

---

Credits and Quotas

Re-Scan Costs

Each re-scan uses 1 scan credit/quota:

• Same as initial scans
• No discount for re-scans
• Project scans = 1 credit

Optimizing Credits

• Use Quick scans during development
• Use Deep scans only for releases
• Fix issues before re-scanning

---

Best Practices

Before Re-Scanning

1. Verify code changes - Ensure fixes are complete
2. Commit changes - Track what was changed
3. Update source - Upload new version if needed

After Re-Scanning

1. Compare results - See what changed
2. Verify fixes - Confirm issues resolved
3. Check for regressions - New issues introduced?
4. Document progress - Note what was fixed

Development Workflow

Code → Quick Scan → Fix → Quick Scan → ...
                                    ↓
    When stable → Standard Scan → Fix → ...
                                      ↓
        Before release → Deep Scan → Final Fixes → Deploy

---

Automation

CI/CD Integration

Automate re-scanning in your pipeline:

1. Scan on PR creation
2. Scan on merge to main
3. Scan before deployment

See CI/CD Integration.

Scheduled Scans

On team plans:

• Schedule recurring scans
• Daily, weekly, or monthly
• Get notified of changes

---

FAQ

Q: Does re-scanning update the same results?
A: No. Each scan creates new results. Compare to see differences.

Q: Can I re-scan with different code?
A: Yes. Update the contract source first, then re-scan.

Q: How do I know if a fix worked?
A: Compare scans. Fixed issues show in "Resolved" section.

Q: Should I re-scan after every change?
A: During development, use Quick scans. Save Deep scans for milestones.

---

Next Steps

• Managing Findings - Track fixes
• CI/CD Integration - Automate scanning
• Understanding Results - Interpret findings