One of the most appealing concepts in public blockchain technology is trustlessness: the idea that we are not putting our trust in people when we transfer value, but in the quality of the protocol itself. Ethereum advanced blockchain technology by allowing people to upload and run code on a worldwide computer we know as the Ethereum Virtual Machine. However, there is an element of human trust we accept when interacting with these smart contracts on Ethereum. If bugs are unintentionally written into a contract, as happened in the infamous DAO incident, millions of dollars' worth of Ether could be stolen by a clever hacker overnight. With smart contracts, we need to trust in people again.

Cryptography will not save us from faulty smart contracts, but the Quantstamp protocol solves this problem by auditing smart contracts while upholding the values of security through decentralization and trustlessness.

The High Cost of Not-So-Smart Contracts

If we consider the DAO, the Parity multi-sig hack and other well-known hacks, over $80 million worth of Ether has been stolen because of faulty smart contracts. Despite these hacks, smart contract code has not improved. A recent study found vulnerabilities in 45% of existing smart contracts, and the number of contracts on Ethereum has exploded to over 2 million, which collectively hold over 12 million Ether. This means that potentially $1.6 billion USD worth of Ether is currently vulnerable to exploitation.

Quantstamp Makes Smart Contracts Smart Again

Quantstamp solves this problem by automating audits of smart contracts in a decentralized and trustless fashion. Quantstamp audits contracts on an off-chain network that works a lot like Proof-of-Work style mining. Nodes on the Quantstamp Network “mine” a contract by making its audit part of the mathematical steps necessary to solve a block. Also, just like in PoW style mining, it is hard to solve a block, but it is very easy for other nodes to verify that the block was solved correctly. Once a contract is audited, the author will receive a report describing any security vulnerabilities.

If you are concerned about who has control over the security library that Quantstamp draws from, don’t worry! This library is agreed upon by consensus of all nodes participating in the network.

Quantstamp also incentivizes skilled black and white hat hackers to manually review smart contracts through bounty rewards to find bugs that automation hasn’t detected. This bounty program follows the spirit of blockchain by providing financial incentives to potentially bad actors in order to get them to behave in a way that reinforces the strength of the network.

The Future of the Public Ledger

In the crypto space, many have a utopian vision of what blockchain technology can achieve. We dream of how public ledgers will encode fairness and trust into everything from intellectual property to self-government. Quantstamp takes us one step closer to this future by auditing smart contracts in a way that is true to the values of blockchain tech. Quantstamp isn’t just a dApp; it is an enhancement to any decentralized virtual machine. Unlike other projects, Quantstamp openly aims to eventually be incorporated directly into the Ethereum protocol.

Will the public blockchain achieve the utopia that we dream is possible? Only time will tell, but Quantstamp brings us one solid step closer to that vision.

About the author

My name is Julian Martinez and I am a cryptocurrency enthusiast living in the San Francisco Bay Area. Like many of you, I regularly interact with smart contracts that temporarily store my Ethereum.