Quantstamp Community Update December 25, 2018

Quantstamp Announcements
November 20, 2018

Decentralized Security Protocol progress, bug bounties, supporting efforts to improve governance in Colombia and more. Here’s what’s been going on at Quantstamp recently:

Quantstamp Protocol Progress

This month, we continued to move towards our next iteration of the decentralized Quantstamp Protocol. We are also removing the whitelisting of nodes and are researching a bug bounty protocol.

Removing Whitelisting of Nodes

In the present version of the Quantstamp Protocol, auditing nodes are whitelisted by Quantstamp — only enrolled actors can participate. While the nodes are currently run by different organizations and individuals around the world, we still aim to enhance decentralization in upcoming iterations.

The next iteration of the protocol will remove this whitelisting process. In its place, we plan to add review nodes that check scan reports before reports are published. This mechanism is meant to prevent a bad actor (node) from publishing a false report.

Exploring a Bug Bounty System

We are  experimenting with a decentralized bug bounty system. This system aims to provide bounties to bug finders in case they find vulnerabilities published in smart contracts.

The initial design of the bounty system includes bounty providers, bug hunters, and judges. The bounty providers are stakeholders in the smart contract’s security, such as the smart contract’s owner. They provide a bug bounty which incentivizes bug hunters to try to find vulnerabilities in the smart contract. These bug hunters will submit bug reports. Security experts, identified by a Token-Curated Registry (TCR), will examine the bug reports and determine whether a vulnerability found is a true vulnerability or false positive. Bug hunters who find true vulnerabilities will be rewarded.

Our research efforts into a bounty system are excellent complements to the decentralized automated security scans provided by the Quantstamp Protocol. Our ultimate goal is to provide decentralized, scalable protection throughout the life cycle of a smart contract which includes after a smart contract is deployed.

Coral Protocol Audit

This month our security team performed a manual audit of Coral Protocol. Coral Protocol provides data and analytics on blockchain addresses to increase compliance and combat fraud. It analyzes wallets and assigns a trust score, which is kept up to date through blockchain monitoring.

Coral shares our mission of keeping the blockchain safe, which we think is a fundamental pillar of the mainstream adoption of smart contracts.

Fighting Corruption in Colombia

This month our VP of Strategy Olga V. Mack headed off to Colombia where she worked with the World Economic Forum to develop a blockchain solution that addresses corruption in government procurement processes.

Roadmap Update

Our latest quarterly roadmap update went live earlier this month. It includes exciting news about Quantstamp Protocol updates, partnerships and our plans to explore using Token-Curated Registries. Check it out here.

Smart Contract Security Alliance

December was another great month for the Smart Contract Security Alliance. We were excited to have Blockgeeks join our efforts to improve blockchain security and drive the healthy growth and adoption of blockchain applications. Blockgeeks provides industry-leading blockchain education and is based out of Canada. The alliance is truly a global presence now, with other members including Modular in the US, NUS in Singapore, as well as LayerX and NRI Secure in Japan.

Security companies interested in advancing blockchain technology standards are encouraged to join the Smart Contract Security Alliance and have a voice in the future of blockchain security. Learn more at SmartContractSecurityAlliance.com or talk to us directly at hello@smartcontractsecurityalliance.com.


We continue to be active in blockchain events and conferences both regionally and internationally. Here are some of the more notable events we attended in December:


We had a strong presence at ETHSingapore, where we gave several talks on the Quantstamp Protocol and also helped sponsored a hackathon. David Mihal won our hackathon with his GUI for the Quantstamp Betanet. Check it out here.


We participated in BUIDL Seoul 2018, a large-scale technical conference in Korea where our head of APAC Kei Oda spoke on a panel about “Preserving Security and Privacy”.

Real World Applications of Blockchain Panel

Our Head of Business Development Don Ho spoke on a panel at Deloitte with Neil Gerber from IBM and Robert Drost from Consensys on the real world applications of blockchain technology. Held in San Francisco, the event was organized by The Blockchain Society.

Quantstamp in Taiwan

Quantstamp Engineer Yohei Oka delivers a speech at Taipei Ethereum Meetup

This month members of the Quantstamp team visited Taiwan. We spoke at an event hosted by the Taipei Ethereum Meetup, a developer-focused organization, as well as at National Taiwan University — the top university in Taiwan.

Quantstamp CEO Richard Ma speaks on the Cybersecurity landscape in 2018

We also spoke on a panel about the “Cybersecurity landscape in 2018”, at an event organized by Polyswarm.

Holiday Hours at Quantstamp

The Quantstamp team will be out of office until January 3, 2019. From all of us at Quantstamp, Merry Christmas and Happy Holidays!

Ready for 2019

As we head into the new year and reflect back on 2018, we want to thank our incredible community for their continued support. From Y-Combinator demo day to releasing our betanet protocol on the Ethereum mainnet, co-founding the Smart Contract Security Standards Alliance and writing a book, it’s been an incredible year.

As we move forward in our mission to achieve mainstream adoption of smart contracts, we’re incredibly grateful for friends, partners and collaborators and look forward to what’s coming up in the year ahead.

Interested in working for us?

We are hiring for a variety of positions globally. Check out our careers page.

Still want more?

Don’t miss out on the latest from Quantstamp. Subscribe to our newsletter, follow us on Twitter, or join our Telegram. Our weekly Friday AMA is on hiatus during the holidays and will resume mid-January.

Note: This update includes information and forward-looking statements about upcoming events and concepts under continuing development. Schedules, features, and functionality are subject to change or cancellation at any time and you are not to place undue reliance on this information or any forward-looking statements.

June 16, 2020

4 Myths about Ethereum 2.0

Ethereum 2.0, a long-awaited upgrade to Ethereum, is planning to be launched this year. More than a simple update or hard fork, it is an entirely new blockchain which runs on a Proof-of-Stake system. There’s a lot of talk and speculation about Ethereum 2.0. In this post, we highlight 5 easily held misconceptions about this next stage of Ethereum.

June 3, 2020

Understanding Phase 0, The Current Stage of ETH 2.0 Development

Most information about ETH 2.0 development is either highly technical or excessively general. We wrote this post to clear up any confusion regarding the status of ETH 2.0 development.

June 2, 2020

Quantstamp Community Update - May 2020

Auditing ETH 2.0, Gitcoin NYBW Hackathon, Solidity Summit, here's what happened at Quantstamp in May.

May 28, 2020

How to Be an ETH 2.0 Validator on the Topaz Testnet

The Topaz Testnet is a public Ethereum 2.0 testnet created by Prysmatic Labs. It is a testnet version of Ethereum 2.0 Phase 0 which is planned to launch on mainnet later this year. Anyone can participate in the Topaz Testnet as a validator, and this article will walk you through the process.