Quantstamp Security Network update, releasing our Bounty Protocol, speaking at DEFCON- it’s been an exciting month at Quantstamp.
Here’s what’s been going on:
Quantstamp Security Network V2 Update
We have upgraded the Quantstamp Security Network to v2.0.4. This latest release updates the version of Solidity supported to 5.11, and also has a number of optimizations. We’ve reduced infura usage, keeping it within the limit for free usage, and also reduced docker image size, saving disk space for node operators. If you’re a node operator, please visit the release page to download the latest version.
Assurance Protocol Beta Test
We will soon be soliciting beta testers for our Assurance Protocol. This is a protocol we have developed which creates a marketplace where users can either stake on the safety of a smart contract, or be compensated in case that smart contract is hacked. Stay tuned for more.
Open Sourcing our Bounty Protocol
We are open sourcing the code for our Bounty Protocol. A bounty protocol is a marketplace for developers to identify bugs in smart contracts that automation cannot detect. The Bounty Protocol has the potential to leverage software engineering talent from around the world to add an essential layer of infrastructure for blockchain security.
In the Bounty Protocol, Bounty providers submit their smart contract to the protocol and offer a bounty. Bug hunters can then review the smart contract code and report vulnerabilities if they find them. Judges, selected via a TCR, then vote to decide if the bug hunter reported a valid vulnerability. If the judges vote in favor of the bug hunter, they receive the bounty.
Along with the Quantstamp Security Network and Assurance Protocol, the Bounty Protocol aims to add another facet of crypto-economic driven security to help scale security to the needs of the blockchain industry. Find out more about the details of the Bounty Protocol in the blog post or check out the Github page.
What is a Re-Entrancy Attack?
Recently, we published a blog post on re-entrancy vulnerabilities. One of the first types of smart contract vulnerabilities to be exploited, a re-entrancy vulnerability was responsible for the DAO hack in 2016.
This blog post, based on an excerpt from our book “Fundamentals of Smart Contract Security”, explains what re-entrancy vulnerabilities are, and how to prevent them. Read more.
Jan Gorzny Speaks at DEFCON
Blockchain Researcher Jan Gorzny spoke recently in Las Vegas at DEFCON. DEFCON is the premier cybersecurity conference and he presented some of his learnings about smart contract security while working at Quantstamp.
MOBI VID Standard
Recently, MOBI, the mobility open blockchain initiative which we are a part of, released the Vehicle IDentification standard which we co-authored along with companies such as Renault, BMW, GM, IBM and Accenture. The VID standard incorporates blockchain technology into a company-agnostic digital vehicle identification system.
Similar to a VIN(Vehicle Identification Number), the first phase of the VID system focuses on uniquely identifying vehicles. Subsequent VID phases will go beyond what current VINs are capable of - adding additional product definition, ownership history, and a log of key-events in the vehicle's lifecycle. The result will be a trusted and immutable master record of the vehicle's history and data usage.
By co-authoring this paper, we are proud to be helping to lay the groundwork for next generation technology for the automotive industry
In Dubai, we are working with the Road Transport Authority to provide a unified fine system, using blockchain. Fines currently come from 5 sources - Parking, licensing Salik(tolls), Public Transportation and Traffic. Fine information often needs to be shared with various agencies or external agencies.
Providing a Unified Fine System using blockchain simplifies fine administration and information sharing. All departments can work off a single record, simplifying recording, auditing and sharing of fine information. By using blockchain, synchronization is simplified while resiliency, transparency, and accountability are improved.
Enabling Trust-Minimized BTC-DAI Payments
Switch from Kava Labs allows for non-custodial payments across blockchains
We recently audited the smart contracts underlying Trust-Minimized BTC to DAI payments with Kava Lab’s Switch app.
Kava Labs recently released a new plugin for Interledger which integrates ERC-20 assets into the Interledger Protocol. This allows for trust-minimized payments of ERC-20 tokens like DAI or MKR between other blockchains, such as Bitcoin. Find out more about this cool project in this Medium post by Kava’s Kincaid O’Neil.
Kava Labs is creating cross-ledger payment tools as well as a cross-ledger DeFi platform which aims to support multiple blockchains. Find out more about them at Kava.io
DeMarchi Jersey Auction
In August, we worked with BlockStar to help them power a blockchain-driven auction of an exclusive DeMarchi jersey. In honor of Fausto “Il Campionissimo” Coppi, the jersey was the only authorized replica of the jersey worn by the Italian cycling champion.
Using blockchain, the auction allows the winner to ensure that the jersey they receive is authentic, and also is used to provide them with a digital representation of the jersey. Blockchain-powered auctions directly address the issue of counterfeit goods - a big issue in the collectibles and art space.
Read more about the auction here.
Market Disruptors Podcast
Recently, our very own Head of Strategy Olga Mack appeared on Market Disruptors, a leading podcast which interviews builders, investors, and leaders in the crypto and blockchain space. Olga sat down with Mark and explained the basics of smart contracts, how they compare to legal contracts, as well as the risks of blockchain technology and how to prevent them.
Waterloo Blockchain+Security Workshop
This Fall, we’ll be speaking as part of the Waterloo Blockchain+Security Workshop. Speakers include CEO Richard Ma, Co-Founder Steven Stewart, and Waterloo professors such as Vijay Ganesh and Raouf Boutaba. Register here, spaces are limited.
Recent News from Quantstamp
- Quantstamp Secures Binance's First Stablecoin
- Quantstamp Releases Decentralized Security Network with Staking and Improved Transparency
- Quantstamp Audits Kakao's Blockchain Platform Klaytn
Don’t miss out on the latest from Quantstamp. Follow us on Facebook, check us out on Twitter, join the conversation on Reddit, Subscribe to our Youtube, Subscribe to our Newsletter, or find us on LinkedIn.
Note: This update includes information and forward-looking statements about upcoming events and concepts under continuing development. Schedules, features, and functionality are subject to change or cancellation at any time and you are not to place undue reliance on this information or any forward-looking statements.