We are building a new standard in blockchain security

About Quantstamp

Quantstamp is a blockchain security company developing automated security tools such as the Quantstamp protocol and also conducts manual smart contract audits. Powered by QSP, the Quantstamp protocol aims to enhance smart contract security and the reputation of projects that create smart contracts by producing openly accessible security reports.

The Quantstamp Protocol

Vulnerabilities
Quantstamp Protocol Betanet User Interface Screenshot
Vulnerabilities
01

Users upload or paste code into the Quantstamp smart contract security validation product

Users pay QSP tokens to scan smart contracts with off-chain computation from scanning nodes. Nodes then bid to audit the contract. In return, users get a line-by-line breakdown of the code’s potential vulnerabilities, along with recommended fixes.

Visual metaphor of a Quantstamp Protocol Node, showing the Oyente and Mithril analyzers, core, and future upgrades.
02

Global off-chain auditor nodes bid for the right to audit the contract

Auditor nodes run the Quantstamp protocol to check smart contract code for all known vulnerabilities. The protocol currently uses Oyente and Mythril analyzers, and Quantstamp is also exploring other analyzers to add to the protocol in the future.

Quantstamp Protocol Betanet Architecture
03

Users get a detailed breakdown of their smart contract security along with recommended fixes.

The protocol consists of two parts:

Check verification system

An automated and upgradeable software verification system that checks smart contract code such as Solidity programs.

Payout system

An automated payout system that rewards human participants in QSP tokens for finding errors in smart contracts. The purpose of this system is to bridge the gap while moving towards the goal of full automation.

View disclaimer
Close disclaimer

The Quantstamp smart contract security validation product is a beta testing version that is under continuing development and subject to unknown risks, dependencies and potential changes. Scan results may not be complete nor inclusive of all possible vulnerabilities. Cryptographic tokens are emergent technologies and carry with them high levels of technical risk and uncertainty. The Solidity language itself and other smart contract languages remain under development and are subject to unknown risks and flaws. The scan of a smart contract does not extend to the compiler layer, or any other areas beyond Solidity or other programming aspects that could present security risks.  Scan
reports should be considered as one element in a more complete security analysis. A warning in a contract report indicates a potential vulnerability, not that a vulnerability is proven to exist.  You may risk loss of QSP tokens or other loss.  Features, functionality, schedules, or design architectures are subject to continuing update, modification, cancellation, delay, external dependencies, evolving regulatory frameworks, and/or factors beyond our control and you are cautioned not to place undue reliance on this information.  A scan report is not an endorsement or indictment of any particular project or team, and the report does not guarantee the security of any particular project. A scan report does not consider, and should not be interpreted as considering or having any bearing on, the potential economics of a token, token sale or any other product, service or other asset.  No third party should rely on the scan reports in any way, including for the purpose of making any decisions to buy or sell any token, product, service or other asset.
For avoidance of doubt, the product and access and/or usage thereof, including any associated services or materials, shall not be considered or relied upon as any form of financial, investment, tax, legal, regulatory, or other advice.

Blockchain solutions
We Provide Full Service Blockchain Solutions, Consulting and Security Audits
Project Scope and Discovery
Project Scope
and Discovery
What is your blockchain strategy? We will evaluate your business and help you understand which blockchain use cases are an ideal fit for your company.
Blockchain technology integration
Blockchain Technology Integration
After understanding how blockchain technology can best support your business, we will develop the technology and assist your engineers in integrating it from front-end to back-end.
System Design and Architecture
System Design
and Architecture
We employ leading architects with expertise in formal verification techniques and security who have built enterprise grade systems.
Expert Smart Contract Auditing
Expert Smart
Contract Auditing
Have you already developed a smart contract or blockchain solution? Contact us to get a white glove audit from the leading security experts in the field. Give your users confidence that your code has achieved the Quantstamp security standard.
Request a Full Service Audit
Quanstamp Verified
Get a permanent, publicly verifiable security record that lives forever on Ethereum. Add the value of trust to your smart contract project.

Our reports offer a comprehensive look into the health of a Smart Contract. Audits that pass our standards can then be given a public facing Security Certificate.

Security audits are mission critical. We’ve secured over $500M+ through audits. Quantstamp offers industry leading auditing services.

  • We use automated formal verification tools and manual auditing
  • Our experts have amassed over 500 Google Scholar citations

Our most popular audit reports:

Learn About Our Auditing Services
Quantstamp Certificate
Security for exchanges
Security for Exchanges
Binance logoQuoine logo
Notable Satisfied Customers
Notable Satisfied Customers
Research Partners
Research Partners
Backed by Y Combinator
Backed by Y Combinator