In the simplest terms, smart contracts can carry out the direct transaction of value between untrusted parties. While this sounds simple, it opens up innumerable use cases: managing agreements, information sharing, autonomously working organizations, etc.
So what is the problem?
While the blockchain itself is secure, the smart contracts built on top of it are not inherently secure. Smart contracts are subject to multiple classes of security bugs, as Vitalik Buterin mentioned in his blog post (http://bit.ly/1UhLxOU) and as the recent survey of attacks on smart contracts (http://bit.ly/2wWXT5p) describes. These security bugs include variable/function name mix-ups, arrays/loops and gas limits, and many more. Further, the coding patterns applied by the developer may be dangerous and may not take the limitations of the underlying blockchain into account. The actual impact of these security issues depends on various factors, including the actual value that the smart contracts handle.
Also, technologies like EtherParty and Blockcat are trying to make it easier for users with zero knowledge of smart contract coding to create smart contracts through simple UI-based inputs. This will help greatly in the adoption of smart contracts. However, the untrusted parties to those smart contracts will still remain vulnerable to all the security issues mentioned above.
Way forward?
Given this scenario and ecosystem, it is imperative that multiple solutions work at different layers of the ecosystem to mitigate these issues.
Some of the mitigations, as Vitalik mentioned, could be handled through updates to the underlying Ethereum platform itself, while other aspects specific to coding standards and best practices remain largely the responsibility of the developer or the testing/third-party auditors.
However, in this niche growing ecosystem, engaging security consulting and auditing is a time-consuming and expensive procedure. Enter Quantstamp!
What does Quantstamp bring to the table?
Simply put, Quantstamp is trying to bring a very cost-effective and, most importantly, scalable system to audit/certify smart contracts.
Quantstamp’s system focuses on two protocols to identify security issues:
- An automated system that checks the programs for vulnerabilities
- A bounty system that rewards voluntary human participants for their error-finding skills
The detailed technical aspects of the system and its workings are available in Quantstamp’s whitepaper (http://bit.ly/2xHSS04).
I am really impressed and convinced that such a mechanism for smart contracts is a must to ensure that the smart contract is reviewed thoroughly for security bugs and is foolproof to all known issues/vulnerabilities.
Key dates of this project
As per the roadmap published in the whitepaper, there are three major timelines I would like to highlight:
- Jan 2018 - Build Quantstamp validation node - A validation node runs the security checks on smart contracts
- May 2018 - Quantstamp Hackathon
- Aug 2018 - Release Mainnet
What else can Quantstamp do?
Looking at the value that Quantstamp brings to the ecosystem, I believe Quantstamp should accommodate the following in their roadmap for the larger success of the ecosystem:
- Extend Quantstamp to other platforms including Neo, Waves, Lisk, etc. (Currently limited to Ethereum)
- Build partnerships with projects like EtherParty and Blockcat and certify the smart contract templates that get published in their marketplaces
- A feedback mechanism (system/process) to the smart contract platform to further optimize security
- Extend Quantstamp protocols to the early development cycle of the smart contracts so that security issues can be mitigated at early stages
In the coming days, I strongly believe that each smart contract will have to get through a widely accepted security auditing process before it can be deployed. Quantstamp's auditing process could become that gold standard, and Quantstamp has great potential to make it happen.
Website: https://quantstamp.com/
Roadmap: https://quantstamp.com/#roadmap