Keyboard shortcuts

Press or to navigate between chapters

Press S or / to search in the book

Press ? to show this help

Press Esc to hide this help

FAQ

Frequently asked questions about Odin Scan.

What platforms does Odin Scan support?

Odin Scan supports three blockchain platforms:

  • CosmWasm – Rust-based smart contracts on Cosmos SDK chains (Osmosis, Neutron, Terra, etc.)
  • Solana (SVM) – Rust-based programs using Anchor or native Solana program structure
  • EVM – Solidity and Vyper contracts on Ethereum, Arbitrum, Base, Polygon, BSC, and all EVM-compatible chains

Platform detection is automatic based on your project structure, or you can specify it explicitly.

Is my source code stored?

No. Your repository is cloned, analyzed, and deleted immediately after the scan completes. Odin Scan does not store your source code. Only the analysis results (findings, severity, code locations, remediation guidance) are retained. You can delete your analysis data at any time through the dashboard or by contacting support. See Data Handling for full details.

Can I use Odin Scan on private repositories?

Yes. The GitHub Action works with both public and private repositories. For private repositories, the action uses the GitHub token provided in the workflow to clone the repository. No additional configuration is required beyond the standard actions/checkout step.

How accurate is the AI analysis?

Odin Scan uses a multi-layered approach to maximize accuracy:

  1. Multi-agent consensus: Multiple independent AI models analyze your code in parallel. When multiple models flag the same issue, confidence is boosted.
  2. Verification pipeline: Every AI-generated finding is cross-verified against the source code to confirm the vulnerability is present and reachable.
  3. Severity adjustment: Repository context (audit history, compiler version, trust model) is factored into final severity ratings.
  4. Static analysis: Deterministic lint rules complement AI findings with zero-ambiguity pattern matching.

No automated tool is a replacement for a manual audit, but Odin Scan is designed to surface real issues while minimizing noise.

Can I self-host Odin Scan?

Self-hosting is not currently available. Odin Scan operates as a cloud service. An enterprise self-hosted option is planned for a future release. Contact support@odinscan.ai if you are interested in early access.

How do I report a false positive?

You can report false positives in two ways:

  1. Dashboard: Open the finding in the Odin Scan dashboard and mark it as a false positive. This feedback improves future scans.
  2. Email: Contact support@odinscan.ai with the analysis ID and finding details.

What AI models are used?

Odin Scan uses multiple state-of-the-art large language models for multi-agent consensus. The specific models are continuously updated to incorporate the latest advances in AI reasoning. Each model analyzes the code independently, and consensus across models increases finding confidence.

How do I cancel my subscription?

  1. Navigate to Settings > Subscription in the Odin Scan dashboard.
  2. Click Manage Subscription to open the Polar.sh customer portal.
  3. Select Cancel Subscription.

Your access continues until the end of the current billing period. See Subscription Portal for details.