Updated: Dec 21, 2019
Quantstamp is a new open protocol cryptocurrency. It is the first protocol to have included smart contract security infrastructure to Ethereum. The coin QSP is gaining widespread traction because it is aiming to perform multiple security audits (in a cost-effective fashion) on all smart contracts, available on the Ethereum network.
This guide explains the purpose Quantstamp is designed for, the team behind it, the way it works, and various uses and applications.
What Is Quantstamp Designed For?
Quantstamp is designed to be a security-auditing protocol for smart contracts. Ethereum, as a widely recognized Dapps platform, has proven its secure nature time and again. However, smart contracts and Dapps built on top of Ethereum tend to still have bugs through which malicious players can wreak havoc on the network.
The two most notable examples of these bugs are the $30 million Parity wallet bug and the $55 million DAO hack. These issues directly diminish the credibility of the entire ecosystem and affect all industry players. This is where Quantstamp comes in useful. The protocol provides a cost-effective and scalable system to audit smart contracts built upon Ethereum, for finding potential security flaws.
Who Is the Team Behind Quantstamp?
There are 30+ members in the Quantstamp team, including advisors. Richard Ma (CEO) and Steven Stuart (CTO) came together in June 2017 to launch the platform. Ma was behind the validation testing and production-grade integration software at the Bitcoin HFT Fund. During his tenure there, the trading systems had no notable issues while handling millions of dollars in investment capital.
Stuart previously founded Many Trees, a start-up that uses GPUs for machine learning and Big Data analytics. He also worked for 5 years in Canada’s cryptologic agency with the Department of National Defense.
How Does Quantstamp Work?
Quantstamp is being designed to be platform-agnostic, although, currently the team is focusing only on Ethereum. However, soon the protocol could be used on other smart contracts platforms such as NEO and Lisk. The protocol has a two-pronged approach to dealing with malicious bugs – automated software verification system and automated bounty payout system.
Audit techniques, including automated reasoning tools such as SAT and SMT, and security checks like static analysis, consoles tests, and symbolic execution that belong to formal methods submitted by Contributors are applied by Quantstamp’s validation nodes.
Quantstamp Protocol (QSP) tokens are offered as a reward to contributors (who are primarily security experts) for submitting verification software. The Quantstamp governance mechanism comes into force to ensure that no bad actors are indulging in the submission of malicious validation software.
Validation smart contracts, protocol, and Validation Node upgrades are handled by QSP token holders. A time-locked multisig is used by the governance model in which any token holder can actively propose a change. Changes occur quickly when they have more votes.
An in-house proof-of-caring system was implemented by Quantstamp in 2018 to reward community members that were loyal QSP token holders. This system involves airdrop of tokens from an ICO that was audited by Quantstamp.
What are Current and Future Applications of Quantstamp?
QSP is essentially the token that fuels the entire Quantstamp protocol. Contributors are given QSP tokens for contributing software that is used towards verifying Solidity programs. Validators are given QSP tokens for effectively running the specialized validation node on the Ethereum network.
Bug Finders are rewarded in QSP tokens as a bounty if they are successful in submitting bugs, which break the smart contracts. Contract Creators pay in QSP tokens when they are looking to get their smart contract verified. QSP also gives its holders voting power and an active part in the governance system.
Quantstamp is effectively building an ecosystem that revolves around QSP. The token is primarily used for paying for audits, but that is only the tip of its utility. The protocol is expected to gain new heights as more and more developers understand the inherent advantage of using it.
Manual verification of smart contracts through open-source code reviews and unit tests can cause errors and misses. The growing base of Ethereum has also put pressure on the smart contract industry to provide correct and bug-free contracts.
These requirements are expected to help increase Quantstamp’s reach. The protocol is beneficial to developers who may not have the technical edge to check and verify smart contracts as well. More developers are expected to be motivated to make use of Quantstamp after understanding that transparent verification of smart contracts takes place through consensus.
The best part about Quantstamp, which will fuel its future applications is that the network cannot be manipulated because all participants are monetarily incentivized through QSP tokens to prevent attacks.