Quantstamp Community Update August 2019

Quantstamp Announcements
September 3, 2019

Releasing our Bounty Protocol, speaking at DEFCON- it’s been an exciting month at Quantstamp. 

Here’s what’s been going on:

Open Sourcing our Bounty Protocol

We are open sourcing the code for our Bounty Protocol. A bounty protocol is a marketplace for developers to identify bugs in smart contracts that automation cannot detect. The Bounty Protocol has the potential to leverage software engineering talent from around the world to add an essential layer of infrastructure for blockchain security.  

In the Bounty Protocol, Bounty providers submit their smart contract to the protocol and offer a bounty. Bug hunters can then review the smart contract code and report vulnerabilities if they find them. Judges, selected via a TCR, then vote to decide if the bug hunter reported a valid vulnerability. If the judges vote in favor of the bug hunter, they receive the bounty.

Along with the Quantstamp Security Network, the Bounty Protocol aims to add another facet of crypto-economic driven security to help scale security to the needs of the blockchain industry. Find out more about the details of the Bounty Protocol in the blog post or check out the Github page

What is a Re-Entrancy Attack?

Recently, we published a blog post on re-entrancy vulnerabilities. One of the first types of smart contract vulnerabilities to be exploited, a re-entrancy vulnerability was responsible for the DAO hack in 2016. 
This blog post, based on an excerpt from our book “Fundamentals of Smart Contract Security”, explains what re-entrancy vulnerabilities are, and how to prevent them. Read more

Jan Gorzny Speaks at DEFCON 

Blockchain Researcher Jan Gorzny spoke recently in Las Vegas at DEFCON. DEFCON is the premier cybersecurity conference and he presented some of his learnings about smart contract security while working at Quantstamp. 

MOBI VID Standard

Recently, MOBI, the mobility open blockchain initiative​ which we are a part of, released the Vehicle IDentification standard which we co-authored along with companies such as Renault, BMW, GM, IBM and Accenture. The VID standard incorporates blockchain technology into a company-agnostic digital vehicle identification system. 

Similar to a VIN(Vehicle Identification Number), the first phase of the VID system focuses on uniquely identifying vehicles. Subsequent VID phases will go beyond what current VINs are capable of - adding additional product definition, ownership history, and a log of key-events in the vehicle's lifecycle. The result will be a trusted and immutable master record of the vehicle's history and data usage.
By co-authoring this paper, we are proud to be helping to lay the groundwork for next generation technology for the automotive industry

Dubai RTA

In Dubai, we are working with the Road Transport Authority to provide a unified fine system, using blockchain. Fines currently come from 5 sources - Parking, licensing Salik(tolls), Public Transportation and Traffic. Fine information often needs to be shared with various agencies or external agencies.  

Providing a Unified Fine System using blockchain simplifies fine administration and information sharing. All departments can work off a single record, simplifying recording, auditing and sharing of fine information. By using blockchain, synchronization is simplified while resiliency, transparency, and accountability are improved.

Enabling Trust-Minimized BTC-DAI Payments

Switch from Kava Labs allows for non-custodial payments across blockchains

We recently audited the smart contracts underlying Trust-Minimized BTC to DAI payments with Kava Lab’s Switch app.

Kava Labs recently released a new plugin for Interledger which integrates ERC-20 assets into the Interledger Protocol. This allows for trust-minimized payments of ERC-20 tokens like DAI or MKR between other blockchains, such as Bitcoin. Find out more about this cool project in this Medium post by Kava’s Kincaid O’Neil.

Kava Labs is creating cross-ledger payment tools as well as a cross-ledger DeFi platform which aims to support multiple blockchains. Find out more about them at Kava.io

DeMarchi Jersey Auction

In August, we worked with BlockStar to help them power a blockchain-driven auction of an exclusive DeMarchi jersey. In honor of Fausto “Il Campionissimo” Coppi, the jersey was the only authorized replica of the jersey worn by the Italian cycling champion. 

Using blockchain, the auction allows the winner to ensure that the jersey they receive is authentic, and also is used to provide them with a digital representation of the jersey. Blockchain-powered auctions directly address the issue of counterfeit goods - a big issue in the collectibles and art space. 
Read more about the auction here

Market Disruptors Podcast

Recently, our very own Head of Strategy Olga Mack appeared on Market Disruptors, a leading podcast which interviews builders, investors, and leaders in the crypto and blockchain space. Olga sat down with Mark and explained the basics of smart contracts, how they compare to legal contracts, as well as the risks of blockchain technology and how to prevent them. 

Listen to the episode here

Waterloo Blockchain+Security Workshop

This Fall, we’ll be speaking as part of the Waterloo Blockchain+Security Workshop. Speakers include CEO Richard Ma, Co-Founder Steven Stewart, and Waterloo professors such as Vijay Ganesh and Raouf Boutaba. Register here, spaces are limited. 

Recent News from Quantstamp

Don’t miss out on the latest from Quantstamp. Follow us on Facebook, check us out on Twitterjoin the conversation on Reddit, Subscribe to our Youtube, Subscribe to our newsletter, or find us on LinkedIn

Note: This update includes information and forward-looking statements about upcoming events and concepts under continuing development. Schedules, features, and functionality are subject to change or cancellation at any time and you are not to place undue reliance on this information or any forward-looking statements.

June 16, 2020

4 Myths about Ethereum 2.0

Ethereum 2.0, a long-awaited upgrade to Ethereum, is planning to be launched this year. More than a simple update or hard fork, it is an entirely new blockchain which runs on a Proof-of-Stake system. There’s a lot of talk and speculation about Ethereum 2.0. In this post, we highlight 5 easily held misconceptions about this next stage of Ethereum.

June 3, 2020

Understanding Phase 0, The Current Stage of ETH 2.0 Development

Most information about ETH 2.0 development is either highly technical or excessively general. We wrote this post to clear up any confusion regarding the status of ETH 2.0 development.

June 2, 2020

Quantstamp Community Update - May 2020

Auditing ETH 2.0, Gitcoin NYBW Hackathon, Solidity Summit, here's what happened at Quantstamp in May.

May 28, 2020

How to Be an ETH 2.0 Validator on the Topaz Testnet

The Topaz Testnet is a public Ethereum 2.0 testnet created by Prysmatic Labs. It is a testnet version of Ethereum 2.0 Phase 0 which is planned to launch on mainnet later this year. Anyone can participate in the Topaz Testnet as a validator, and this article will walk you through the process.