Since Bitcoin, various blockchain protocols have emerged with different variations and features for different purposes and use cases such as Ethereum, Ripple, Hyperledger, amongst others. Despite the rise of applications and projects that are built on top of these protocols for wider application, blockchain is yet to be fully embraced by the mainstream. A major concern when deploying blockchain is the security of the smart contracts which power blockchain application. Richard Ma, Co-founder and CEO of Quantstamp, explains, “While the blockchain itself is extremely secure as a platform, applications built on top of it aren’t safe by default. Just like regular software can have bugs, blockchain applications, which are powered by smart contracts, may also have bugs which threaten their security.” We observed that with the DAO hack in Ethereum platform in 2016: Hackers were able to exploit the system because of the flawed in DAO’s smart contract code.
The Foundational Purpose of the Company
Blockchain platforms, applications, and projects are on the rise, but they often are not focused on securing the blockchain technology and the industry in general. Ma says “Many companies and projects are focusing on developing useful blockchain projects, but very few are focused on making sure they are secure enough to be used in real-world applications.” For global scale adoption of blockchain, the industry needs to provide strong security assurance to the public. Ma says, “Security is essential for mass adoption of blockchain technology. People need to trust smart contracts and know that the blockchain applications using them are safe in order to let them handle real-world business use cases.”
Ma’s bitter experience with the DAO hacking prompted him to develop a protocol for smart contract auditing. He says, “I had invested a significant sum in the DAO myself, and seeing the funds disappear before my eyes spawned a desire to prevent this from happening again.”
With a deep understanding of the security landscape in blockchain, Richard Ma and his close friend, Steven Stewart co-founded Quantstamp in 2017, dedicated to blockchain security. Ma says, “Our goal is to secure smart contracts and pave the way to mass adoption of smart contracts—and thus, blockchain technology.” By providing the security layer for smart contracts, the company is enabling companies to confidently deploy blockchain technology.
Automated Smart Contract Security Protocols
With a mission to improve the blockchain security, the company is known for its decentralized smart contract security analysis protocol. The protocol uses a variety of automated analyzers along with a decentralized protocol to provide affordable and reliable automated security smart contract security scans. The protocol lives on the Ethereum Mainnet and can be accessed at Quantstamp.com. It allows everyday smart contract users to assess the security of the blockchain applications they use as well as access trustworthy reports generated by a network of smart contract analyzers. Designed to be trustless, the analyzing nodes in the network are incentivized to provide accurate reports and users of the protocol do not have to trust the company to know that the security reports they obtain through the Quantstamp protocol are reliable.
By partnering with top analyzers in the market including those developed at NUS and Mythril, the company ensures that users get access to the best-in-class smart automated analyzer software in the market.
As blockchain evolution comes with a constant iteration of protocols, Quantstamp also continues to enhance its protocol with more features and capabilities. “For the next iteration”, Ma says, “We are adding staking functionality where users can stake tokens on the probability of a smart contract behaving as desired. In this way, smart contract operators can hedge against the risk of hacks and other non-desirable behavior.”
Beyond the protocol, the company has a world-class team of security experts who offer white-glove smart contract auditing and security advising services. By doing so, the company stays aware of the latest vulnerabilities and also generates runway for protocol development.
When asked about the future of the company, Ma says, “As a company, we aim to be synonymous with smart contract security and that means staying at the cutting edge of blockchain security.” The company is indeed at the leading edge in research and development of blockchain security through partnerships with top institutions such as MIT and NUS as well as standards initiatives such as the Smart Contract Security Alliance.
Quotes: People need to trust smart contracts and know that the blockchain applications using them are safe in order to let them handle real-world business use cases
Quantstamp uses a variety of automated analyzers along with a decentralized protocol to provide affordable and reliable automated security smart contract security scans.