PROVIDING MUCH-NEEDED SECURITY AUDITS FOR SMART CONTRACTS
BBOD RATING (04-10-2018)
|Transaction Start Date||21/11/2017|
|Protocol Type||Application Protocol|
|Where To Buy||Binance, Huobi, Kucoin, IDEX|
PROBLEM TO SOLVE
Currently, the development of smart contracts is left solely in the hands of those who create a blockchain project. Although such contract creators are often highly skilled in their field, the potential for oversight of vulnerabilities in their code is highly possible as a result of a single point of failure, with only a few individuals ensuring optimal smart contract security.
The importance of auditing smart contracts efficiently cannot be understated. Without such a mechanism, projects that are backed by huge sums of investors money could be vulnerable to attack once deployed on the Ethereum network. For instance, Quantstamps whitepaper presents two notable hacks where $30 million and $55 million were respectively stolen, as a result of flaws in smart contract code. This is the exact scenario Quantstamp seeks to prevent. With the creation of new ERC-20 tokens being a continual process, and only set to increase in volume in the future, Quantstamp’s services are likely to be in high demand.
Quantstamp aims to solve smart contract impenetrability by creating the leading decentralised protocol that will provide security auditing for smart contracts based on the Ethereum network. In essence, Quantstamp allows developers of smart contracts to submit their work to their protocol where numerous security auditors can review the contract, in order to receive QSP tokens as a bounty. The level of auditing required is set by the initial developer who pays such fees to any individual who identifies a problem within the smart contract.
As noted in Quantstamp’s whitepaper, traditional smart contract auditing is extremely expensive, costing on average $5000 and taking up to a week to complete. By spreading the workload amongst numerous security experts, Quantstamp aims to considerably lower the cost of auditing and substantially decrease the amount of time taken to complete
When the project launches in Q2 2019, Quantstamp protocol will comprise of two main types of security audit. Firstly, their software verification system that is entirely automated will scan Solidity programs for bugs. The software is designed to become more intelligent over time as the result of artificial intelligence, allowing it to catch attacks of increasing sophistication. Secondly, Quantstamp will automatically provide a bounty to human participants in the form of QSP tokens who manage to find vulnerabilities in smart contract code. Human auditors receive compensation for their efforts and Quantstamps clients ensure the integrity of their cryptocurrency project.
This multifaceted approach combines the best of artificial and human intelligence to form a strong alliance to fight against any proposed security threats. Thus, clients of Quanstamp should feel much more confident in the overall strength of their network than if merely working as sole actors.
Quantstamp seems to have uncovered a gap in the market that needs to be filled. The project has the potential to become the leading security auditing protocol. This could provide the level of trust the community needs to feel safe in investing substantial amounts of money, by confirming a project is safe from attacks that currently plague the industry. With support from Binance, already completing numerous security checks for ICO’s launched on their exchange, the project looks to have a great future ahead of itself and is certainly one to keep a close eye on.
- Proven Ability: CEO Richard Ma and CTO Steven Stewart have extensive experience in software security testing and smart contract development
- Academically Respected: The team as a whole has over 500 citations in Google Scholar regarding software security
- Proof of Concept: Numerous successful audits have already been completed for Binance clients, indicating substantial interest in the project
- Growing Interest: The expansion of mainstream interest in smart contracts will attract more security threats in the future that need to be addressed
- Expanding Market: The continual introduction of new projects using smart contracts ensures an expanding target market
- Foresight: The Ethereum network may not always be the leading smart contract platform, the project could consider expanding to include Ethereum’s competitors
- Low Supply of Able Workforce: Currently, the talent pool within the blockchain space is minimal, with demand far outstripping supply, finding enough auditors to become scalable could become an issue
- Competition: Not the only project trying to lower the cost of smart contract development, although the projects rigorous emphasis on security is unique
- 30th April 2019 (or earlier): Quantstamp audit network launch, as described in the whitepaper
In the continually evolving blockchain industry, unique problems to solve are always present yet often missed. Quantstamp’s vision to provide much-needed security to smart contracts is certainly a valid addition to the blockchain ecosystem. By decentralising auditing work and splitting traditionally expensive costs and knowledge amongst actors, Quantstamp could substantially improve the security of smart contracts moving forward, whilst providing a discounted price.
With numerous successful audits already completed for reputable firms on the Binance platform, the project has the potential to become the go-to protocol for contract creators seeking network security in years to come. As the market for smart contracts continues to grow, Quantstamp could become an incredibly lucrative endeavour for investors if this holds true. Certainly, one to keep on your radar.
BBOD RATING STANDARD
BUY: A low-risk buying opportunity
ACCUMULATE: An opportunity to buy a medium risk cryptocurrency at a low price
SPEC BUY: A speculative opportunity for investors with a higher risk tolerance
HOLD: Maintain current levels of position until further research is published
SELL: Investment is associated with the potential of losing capital