New hires, decentralized protocol progress, business developments and more — here’s what’s going on at Quantstamp recently:

New Hires

John Bender is an experienced software developer with a history of involvement in a variety of different software projects like Vagrant and jQuery. He can often be found with the UCLA Compilers Group where he focuses on compiler optimizations and formal methods for concurrency and weak memory models. John will be helping the team with audits.

Quantstamp Protocol Development

Towards our goal of a decentralized, scalable smart contract auditing protocol, Quantstamp uses agile development methodology — a time-tested approach of development that emphasizes shipping often. Whereas traditional, waterfall-style development can take years to ship a product, agile development ships software on the order of months, so that testing and feedback can happen early and often. This approach leads to a better end-product.

The current version of the protocol, developed during Y-Combinator Winter Session 2017

During the winter and early spring, we developed a Minimum-Viable-Product(MVP) version of our protocol during our stint at Y-Combinator. This MVP allowed us to test the ideas developed in our whitepaper — and showed the feasibility of our project. You can see this protocol in action on testnet here and submit contracts to be audited to it here.

Proposed upcoming version of the protocol, which has whitelisted nodes and will be published on the Ethereum mainnet*

Currently, we are developing the next iteration of the QSP protocol. This version of the protocol, which we call betanet, will be published on the ethereum mainnet. It has a more streamlined architecture which lowers gas usage and moves us closer to our goal of a decentralized smart contract auditing protocol.

Here is some of the latest progress we’ve made on this upcoming version of the protocol:

We’ve completed the first iteration of a new monitoring dashboard for betanet.

Similar to how https://netstats.quantstamp.com provides statistics and health monitoring of our current testnet protocol, this new monitoring dashboard will allow us to monitor activity and health of our upcoming betanet protocol. Having that level of visibility will allow us to monitor, test, and improve the protocol design.

We’ve improved the robustness of our auditing nodes by improving test coverage, error handling, logging, and security

Auditing nodes are the heart of the QSP protocol. These nodes receive audit requests for smart contracts and run analyzers to verify the security of the contract. As the QSP protocol is meant to eventually be a decentralized protocol running in the wild, it’s essential that we make sure it is robust enough to handle errors, security issues, and edge cases.

Besides these major updates, we also made many other changes and updates including protocol design revisions to handle audit request timeouts and refunds, as well as ongoing testing and bug fixes.

We are now preparing for our upcoming betanet release by creating deployment procedures to ensure a smooth release. In addition, we are designing the upgrade procedures for auditing nodes, as well as writing instructions for node operators to be onboarded onto the network. This infrastructure-level work helps us not only for the upcoming betanet release but will also help us update our protocol smoothly in future releases.

*These concepts are still developing and may be dependent on factors including those beyond our control. We may update, cancel, or modify features, architectures or timing. Do not place undue reliance on these descriptions.

Quantstamp Research

Our senior software engineer and applied researcher Martin Derka recently discovered a way how the user interface of blockchain explorer Etherscan can be exploited by Ethereum attackers. He published a Medium article on the exploit and also presented on the topic at KAIST, the top technical university in Korea. While in Korea, Martin and our forward-deployed engineer Yohei also attended TGTX, a technical forum with speakers from KAIST, Kyber, Zilliqa and Kakaotalk.

We sponsored and attended the IEEE Cipher Blockchain conference in Rio, where our senior research engineers Kacper Bak and Leonardo Passos attended and presented on the Quantstamp protocol and challenges in smart contract security. IEEE is the premier organization for professional engineers and we were happy to support and present at Cipher — their conference focused on research in security and privacy.

Korea Blockchain Week

Quantstamp had a strong presence at Korean Blockchain Week — a week of non-stop blockchain conferences and events in Seoul.

Richard speaks at Blockchain Partners Summit in Seoul about standards for the smart contract security industry

CTO Steven Stewart presents on Smart Contract Security at KAIST

We spoke at prominent conferences and universities — including KAIST, the top technical university in Korea. Besides the major blockchain events, we also had over 20 meetings with top blockchain projects, communications companies, conglomerates and other major players in Korea.

Just like in Japan, we saw strong interest from Korean companies, both large and small, in using blockchain to streamline their businesses or create new opportunities. With its progressive regulatory environment, strong startups, international competitive conglomerates, and technical talent, we are excited about the potential in Korea and are making sure we are in a good position there.

Audits

Besides our decentralized protocol, Quantstamp also does full-service audits of quality blockchain projects. These semi-automated audits give our team exposure to smart contracts “in the wild”, keeping them up to date with the latest security vulnerabilities, and allowing them to better understand customer requirements, while also allowing us to extend our runway.

Most recently, we completed an audit of Hypernet. Hypernet is a distributed computing project that aims to use spare computing capacity in our laptops, desktops, smartphones, and tablets to provide computing resources for scientific research and other applications that need High-performance computing. Compared to existing projects in this space, Hypernet is designed from the ground up for distributed high-performance computing, and robustly handles compute nodes coming on and off the network.

Currently, we’re auditing Wanchain, as well as Carry Protocol. Carry Protocol is a project that allows consumers to monetize their personal shopping information for rewards, while protecting privacy. We think this is a great example of blockchain improving the status quo, and are happy to be helping Carry make sure their crowdsale token contracts are safe.

Community Events

Our VP of Strategy Olga Mack spoke at the TEEN Global Cyber Security & Artificial Intelligence conference at UC Berkeley, helping to inspire teens to pursue blockchain and STEM careers for their future.

Besides the TEEN conference, Olga also spoke recently at the Ascend Leadership 2018 — Inspiring Across Generations event, and participated in the blockchain panel at the Silicon Valley Innovation & Entrepreneurship Forum.

Unchained and Unconfirmed

Laura Shin covers blockchain technology for Forbes magazine. Her Forbes podcast Unchained and her own podcast Unconfirmed are two of the best in-depth crypto podcasts in the industry, and we are proud to be sponsoring several recent episodes. Check out this recent episode with Polychain Capital’s Olaf Carson-Wee about the 2018 crypto-market.

To stay up to date on what’s going on at Quantstamp, sign up for our newsletter at Quantstamp.com, or follow us on Twitter, Medium, or Facebook