Quantstamp is the “first decentralized smart contract security-audit platform.” Contracts are there to define and protect the rights and the obligations of both parties in a contract. Solidity smart contracts have done so in most cases but not in all of them, according to Quantstmap the source of this challenge is the bugs in smart contracts.
What problem is Quantstamp is trying to solve?
- Human error in smart contracts.
- Some smart contracts are managing multiple millions and one small error can be very costly. Such errors can lead to massive losses; such as the DAO hack. The impact of hacks and errors is the source of negative news for the cryptosphere, the contract creator and Ethereum.
How is Quantstamp solving this problem?
- Increasing the security of smart contracts by incentivising various actors to audit and secure smart contracts. The audit results published either publicly or privately. This is an excellent feature. One does not want to have smart contract vulnerabilities open to exploits before they are fixed.
- The Frontline security audit is an automated smart contract testing executed by validator nodes. The nodes a will be rewarded QRT tokens. These nodes will allow both scalability and decentralisation of smart contract audits.
- Security experts will update the software on the nodes, which will perform automated auditing and security testing on the smart contracts. These experts will be rewarded with QRT tokens.
- Security experts can search for bugs in smart contracts manually. They will be rewarded in QRT if they find bugs.
- A security library for Solidity, which I presume will be for sale to smart contract creators.
- Quantstamp has already audited the smart contracts of the Request.network. This proves they have an infrastructure that works.
- In order to do implement all of the above Quantstamp have a top-notch team with resumes full of household names such as IBM, Google, Amazon and Samsung.
- ICOs and businesses creating smart contracts will use some or all of the above to secure smart contracts and improve their trust with their customers. They will have to pay in QRT tokens, which will drive demand for this token.
The Challenges of Quantstamp
- Proof of care: The idea is noble, at its core but this is an incentive to spam. i.e. better name would have been proof of spam. We all agree that there is too much of this already on the net.
- The hype around this ICO obscures the true value of the QRT tokens, creates FOMO and disseminated FUD.
- There are competitors like OpenZeppelin. There will be more BlockCat will surely sell security add-ons to smart contracts or smart contracts which have been audited. (Maybe by Quantstamp)
- At this time the project is focused on Ethereum smart contracts. I would expect that the economy of experience gained in auditing solidity smart contracts can be transferred to other smart contracts systems such as EOS and BosCoin, allowing others to move into this sector.
- The code in smart contracts is not the only vulnerability. The weakest link is phishing attacks; imposters post wrong addresses and fake websites to trick those who want to interact with a smart contract. These kinds of issues have caused more damage than human errors in smart contracts. Addressing this security flaw would have added a lot of value to this project.
- If one Quantstamp audited smart contract is hacked, there will be massive loss of trust in Quantstamp.
- As the automated validation system becomes better and better, human bounty hunters will have a harder time finding errors. This will reduce their incentive for manual audits.
- There are many contracts which are similar or the same in nature, but executed by different parties. Once these contracts are standardized is there a need for a security check on each one?
- Price: 5,000 QSP = 1 ETH
- The pre-sale will start on the 9th Oct-17 and will last until the 9th -Nov-17
650,000,000 QSP will be available to the public from a total supply of 1,000,000,000 QSP.
- Soft cap is $3,000,000 , hard cap $30,000,000
There is definitely a need for securing smart contracts. Quantstamp addresses this challenge through multiple layers of audit and security, this increases the likelihood of catching bugs.
The success of the ICO depends on the demand for these security audits and the prices at which they are offered.
What do you think about QuantStamp? Let me know in the comments.