Quantstamp is a protocol for transparent security audits, built on smart contracts. Find out how it works today in our review.
What Is Quantstamp?
Quantstamp, found online at Quantstamp.com, claims to be the first decentralized smart contract security platform.
Basically, it’s a security audit protocol designed to find vulnerabilities in Ethereum smart contracts.
Today, blockchain and smart contract developers often resort to bounties to find vulnerabilities in their smart contracts. Quantstamp sees a better system through the use of scalable proofs of audit.
“We believe in the future of smart contracts and are building a foundational technology to protect users and investors – with scalable proofs-of-audit,” explains the official Quantstamp website.
Quantstamp has already completed an audit on the Request Network.
How Does Quantstamp Work?
Quantstamp is a specialized network that connects developers, investors, and users around a transparent and scalable proof-of-audit protocol.
The network acts as a critical piece of transparency by enabling automated checks on smart contract vulnerabilities. Then, the network automatically rewards verifiers who identify bugs.
The platform revolves around the use of Quantstamp tokens, which allow the platform to operate in a scalable and fully decentralized fashion. Computation fees are delivered to verifier nodes in the form of Quantstamp tokens, and participants receive Quantstamp tokens in exchange for location vulnerabilities.
The overall Quantstamp protocol consists of two parts, including:
- An automated and upgradeable software verification system that checks Solidity programs; the conflict-driven distributed SAT solver requires a large amount of computing power, but will be able to catch increasingly sophisticated attacks over time
- An automated bounty payout system that rewards human participants for finding errors in smart contracts; this system will bridge the gap while moving towards the goal of full automation
More detailed information, including a very in-depth technical breakdown of the platform and how it works, can be viewed at the Quantstamp 51 page whitepaper.
As proof the Quantstamp platform works, the company has already launched a demo on Github. That demo shows how their platform could be used to find vulnerabilities similar to the one that took down The DAO. It’s an analyzer that constructs multiple Abstract Syntax Tree (AST) visitors, then uses these visitors to extract the program variables and call structure of a Solidity contract.
The Quantstamp Token Sale
Quantstamp tokens are ERC20-compliant Ethereum tokens. There’s a total supply of 1 billion QSP, with a contribution cap of $30 million USD during the token sale.
65% of the total supply of tokens is going towards the token sale. 20% is going to the team and advisors, 10% to the core activities reserve, and 5% for community development.
Who’s Behind Quantstamp?
Quantstamp’s development is led by Vancouver-based Quantstamp Technologies Inc.
The company was founded in 2017. Founding members of the team include Richard Ma, Steven Stewart, Dr. Vajih Montaghami, Ed Zulkoski, and Leonardo Passos.
Blockchain technology is very secure. However, smart contract technology is not inherently secure. Smart contract are only as secure as the code within those smart contracts, and that code is written by individual developers or teams. Obviously, there have been a number of well-published smart contract vulnerabilities – starting from the infamous hack of The DAO in 2016. In July 2017, a hacker stole $30 million due to a one word bug in the smart contract code in Parity’s multi-signature wallet.
Quantstamp envisions a future where it’s easier for individuals to audit their smart contract code. Quantstamp is a decentralized network that rewards people with tokens in exchange for capturing bug bounties.
Unlike many other ICOs currently underway, Quantstamp also has a working demo available. In that demo, you can see how the platform could be used to prevent attacks like the one that took down The DAO in 2016.
As the smart contract community continues to grow, auditing platforms like Quantstamp could become increasingly important. To learn more about the technology, visit online today at Quantstamp.com.