Quantstamp is the very first smart contract protocol for auditing security. It takes Ethereum technology and extends it to ensure that users’ smart contracts are secure.
Who Is Behind Quantstamp?
The team behind Quantstamp is filled with experts in software testing and has more than 500 citations in Google Scholar. It also includes Ph.D.s with years of industry experience. Richard Ma is a co-founder and CEO with experience in business and strategy operations, plus algorithmic trading and more. Steven Stewart is a co-founder and CTO with experience in smart contract development and the Canadian Department of National Defense. Senior Security Engineer Edward Zulkoski works in smart contract development and has done extensive research in SMT and SAT solvers. The other senior security engineer, Vajih Montaghami, does software verification and is an expert in scalable systems and security infrastructure.
Other team members include Prit Sheth as the lead backend engineer, Leonardo Passos as the senior developer, Krishna Sriram as the community manager and PR, Anna Kao as the graphics and UX designer, Jared Harril as the community manager, Alex Murashkin as a senior software engineer, and Kacper Bak as a senior software engineer. The team is also currently looking for blockchain engineers and is soon to announce to Ph.D. security engineers with extensive experience.
What Does Quantstamp Do?
Quantstamp is essentially an auditing network. This specialized network links investors, users, and developers in a proof-of-audit that is scalable and transparent. The network allows for automated checks on the various vulnerabilities of smart contracts. It also automatically rewards those who identify bugs, encouraging the network to always be in top condition.
What Problems Does Quantstamp Address?
The team behind Quantstamp recognizes that blockchain networks are indeed secure, but it wants to improve security for smart contracts, something that is severely lacking. In the whitepaper, the team cites instances where hackers stole $30 million and $55 million because of bugs, showcasing the exact type of scenario it hopes to prevent with Quantstamp.
The team feels that current attempts at validating smart contracts are just not enough and that using a security consulting company would need a human expert for auditing the smart contracts. This leads to a high risk of errors and a high cost, in addition to a high reliance on a single company, putting the business being audited at risk. Essentially, the team does not think it is possible for human auditors to keep up with the growing number of smart contracts since there are not enough experts, which will lead to a rising cost.
By creating a scalable, cost-effective system that can audit smart contracts, Quantstamp addresses these problems making it possible to conduct audits without relying on humans.
What Are Some Key Features of Quantstamp?
The protocol behind Quantstamp relies on two main parts. The first is the software verification system that is completely automated and can be upgraded. This system checks Solidity programs and is designed to catch attacks of increasing sophistication. The second part is the automated bounty payout that delivers rewards to human participants who find errors in the smart contracts. This allows Quantstamp to bridge the gap between the current reliance on human auditors and the move to its software.
Quantstamp prides itself on being cost effective so companies have no hesitations about taking advantage of the services and ensuring the security of their smart contracts. It is also scalable, working to verify any Ethereum project. Ideally, it will eventually become a fundamental part of Ethereum’s mainstream adoption. As a protocol designed with security in mind, Quantstamp is also highly secure. Its proof-of-audit protocol was designed to make it impossible for those with malicious intentions to manipulate the results of the audit. This eliminates the risk associated with the vulnerability of centralized audits.
What Should You Know about The Quantstamp Tokens?
The Quantstamp tokens, QSP, are a type of Ethereum ERC20 and are only bought with ETH during the crowdsale. The pre-sale does not have any individual caps since this is used to hire engineers. The main sale does have individual caps. At the end, any unsold tokens will be burned. The tokens for the founding team have a three-year vesting schedule.
In total, 65 percent of the tokens are distributed during the token sale, with 20 percent allocated for the team and advisors. The core activities reserve gets 10 percent, and the final 5 percent goes to community development. A full 50 percent of the proceeds go straight to product development, with an extra 30 percent allocated for marketing and community, 15 percent for administrative and general funds, and 5 percent for security.
How Are QSP Tokens Used?
QSP tokens are the method of payment for verification services, as well as how those who provide verification are rewarded. Contributors get QSP tokens for the software they contribute to verify Solidity programs. Those who run Quantstamp validation nodes get QSP tokens in return, and those who find bugs also receive their bounty in the form of QSP. Those who create contracts will pay QSP tokens when having their smart contracts verified.
How to Buy Quantstamp QSP
You are not able to purchase QSP with “Fiat” currency so you will need to first purchase another currency – the easiest to buy are Bitcoin or Ethereum which you can do at Coinbase using a bank transfer or debit / credit card purchase and then swap that for QSP at an exchange such as Binance.
Register at Coinbase
For first time buyers of crypto currency, we recommend that you use Coinbase to make your first purchase – its easy to use, fully regulated by the US government so you know it is one of the safest and most reputable places to purchase cryptocurrency from. Coinbase offers the ability to purchase Bitcoin, Litecoin and Ethereum with a credit or debit card or by sending a bank transfer. The fees are higher for cards but you will receive your currency instantly.
You will have to carry out some identity verification when signing up as they have to adhere to strict financial guidelines. Make sure you use our link to signup you will be credited with $10 in free bitcoin when you make your first purchase of $100.
To get started, click the “Sign up” button where you will be taken to a registration form where you will need to enter your name, email and choose a password.
Purchase Ethereum
For this guide, we will be purchasing Ethereum to swap for our target cryptocurrency. The reason for this is that it has far cheaper fees than bitcoin for sending and the transaction also happens a lot faster. So in Coinbase, visit the “Buy / Sell” tab at the top, select “Ethereum”, choose your payment method and enter the amount you wish to purchase – you can either enter a US Dollar amount or a number of Ether.
You will then be asked to confirm your transaction, if paying with a card you might have to complete a verification with your card provider. Once that’s complete, your Ethererum will be added to your account.
Purchase QSP at Binance or Kucoin
You can now send your Ether over to Binance to make your purchase of QSP, take a look at our review of Binance here to see how to signup and purchase on their exchange.
QSP is also available to purchase on the Kucoin Exchange, take a look at our guide here to find out how to use this exchange.
What Does the Roadmap Look Like?
In January 2018, Quantstamp will complete building the validation node, which is an augmented Ethereum node. In February, the fifth semiautomated audit will be done using the analysis software’s V1. This software is also going to be added to the validation node responsible for returning raw output and proof-of-audit hash. In March, the team will work on the testing phase and improving crypto-economic incentives, in addition to beginning the token holder governance system.
In April, the test network will be deployed following testing and validation. At this point, the system’s academic review will also begin. In May, there will be the first Quantstamp hackathon, and work on smart contract insurance will begin in June. July will see a vote by token holders for the mainnet, and mainnet V1 will be released in August. In September, the team will begin working on the distributed SAT consensus and BFT for mainnet V2. In October, the alpha product of smart contract insurance will be added to mainnet smart contracts.
Conclusion
The need for a system like Quantstamp is something that many were not aware of until it was brought up, but this platform can make a significant difference. Security is indeed a current concern for smart contracts, and with the team and technology behind Quantstamp, this concern should quickly be reduced. With the incentives in place and the team’s experience, Quantstamp should prove effective at ensuring smart contracts are free from bugs.
