Quantstamp Solves Smart Contract Problem by Offering Auditing on DemandSep 2, 2018, 7:06AM
Quantstamp is now in beta, and it will audit the blockchain on behalf of its users. Can it reduce the gigantic number of smart contract bugs?
Quantstamp released a usable security product today; the project announced that its betanet has gone live on the Ethereum mainnet. The platform will facilitate the auditing of smart contracts by producing a "publicly verifiable record that an audit took place," which will in turn prove whether a smart contract is safe to use.
Although data on a public blockchain can be examined by anyone, actually interpreting the data is no small task. In practice, this means that users typically take developers at their word. With Quantstamp, users can now submit audit requests via the platform's portal,
Now, for the first time, users will be able use the Quantstamp betanet protocol to independently verify that the smart contracts they are interacting with were audited for security vulnerabilities and review the results. Users no longer need to blindly trust that developers did their due diligence. / Quantstamp on Medium
Users will send QSP tokens to the service via Metamask before submitting code through the portal. Quantstamp's auditor nodes will then take on the task of reviewing the code. Right now, a whitelist of trusted institutions serve as auditors, but eventually, anyone will be able to pay to become an auditor node.
Other platforms provide similar services, such as rival platform, CertiK, which also audits smart contracts. Although there is quite a lot of overlap, Certik is highlighting formal and mathematical testing, while Quantstamp is putting an emphasis on third-party and institutional auditing. The products also differ in maturity; Quantstamp is sitting at #175 on CoinMarketCap, while CertiK is not yet listed.
The problem of smart contract security is a large one. The multimillion-dollar DAO hack is the most well-known incident, but the problem is widespread. A new report from Hosho security has shown that a quarter of all smart contracts contain bugs and security flaws. Projects like Quantstamp may go a long way to reduce this problem and prevent theft.
Disclaimer: information contained herein is provided without considering your personal circumstances, therefore should not be construed as financial advice, investment recommendation or an offer of, or solicitation for, any transactions in cryptocurrencies.