Quantstamp Community Update December 25, 2018

Quantstamp Announcements
November 20, 2018

Decentralized Security Protocol progress, bug bounties, supporting efforts to improve governance in Colombia and more. Here’s what’s been going on at Quantstamp recently:

Quantstamp Protocol Progress

This month, we continued to move towards our next iteration of the decentralized Quantstamp Protocol. We are also removing the whitelisting of nodes and are researching a bug bounty protocol.

Removing Whitelisting of Nodes

In the present version of the Quantstamp Protocol, auditing nodes are whitelisted by Quantstamp — only enrolled actors can participate. While the nodes are currently run by different organizations and individuals around the world, we still aim to enhance decentralization in upcoming iterations.

The next iteration of the protocol will remove this whitelisting process. In its place, we plan to add review nodes that check scan reports before reports are published. This mechanism is meant to prevent a bad actor (node) from publishing a false report.

Exploring a Bug Bounty System

We are  experimenting with a decentralized bug bounty system. This system aims to provide bounties to bug finders in case they find vulnerabilities published in smart contracts.

The initial design of the bounty system includes bounty providers, bug hunters, and judges. The bounty providers are stakeholders in the smart contract’s security, such as the smart contract’s owner. They provide a bug bounty which incentivizes bug hunters to try to find vulnerabilities in the smart contract. These bug hunters will submit bug reports. Security experts, identified by a Token-Curated Registry (TCR), will examine the bug reports and determine whether a vulnerability found is a true vulnerability or false positive. Bug hunters who find true vulnerabilities will be rewarded.

Our research efforts into a bounty system are excellent complements to the decentralized automated security scans provided by the Quantstamp Protocol. Our ultimate goal is to provide decentralized, scalable protection throughout the life cycle of a smart contract which includes after a smart contract is deployed.

Coral Protocol Audit

This month our security team performed a manual audit of Coral Protocol. Coral Protocol provides data and analytics on blockchain addresses to increase compliance and combat fraud. It analyzes wallets and assigns a trust score, which is kept up to date through blockchain monitoring.

Coral shares our mission of keeping the blockchain safe, which we think is a fundamental pillar of the mainstream adoption of smart contracts.

Fighting Corruption in Colombia

This month our VP of Strategy Olga V. Mack headed off to Colombia where she worked with the World Economic Forum to develop a blockchain solution that addresses corruption in government procurement processes.

Roadmap Update

Our latest quarterly roadmap update went live earlier this month. It includes exciting news about Quantstamp Protocol updates, partnerships and our plans to explore using Token-Curated Registries. Check it out here.

Smart Contract Security Alliance

December was another great month for the Smart Contract Security Alliance. We were excited to have Blockgeeks join our efforts to improve blockchain security and drive the healthy growth and adoption of blockchain applications. Blockgeeks provides industry-leading blockchain education and is based out of Canada. The alliance is truly a global presence now, with other members including Modular in the US, NUS in Singapore, as well as LayerX and NRI Secure in Japan.

Security companies interested in advancing blockchain technology standards are encouraged to join the Smart Contract Security Alliance and have a voice in the future of blockchain security. Learn more at SmartContractSecurityAlliance.com or talk to us directly at hello@smartcontractsecurityalliance.com.

Events

We continue to be active in blockchain events and conferences both regionally and internationally. Here are some of the more notable events we attended in December:

ETHSingapore

We had a strong presence at ETHSingapore, where we gave several talks on the Quantstamp Protocol and also helped sponsored a hackathon. David Mihal won our hackathon with his GUI for the Quantstamp Betanet. Check it out here.

BUIDL Korea

We participated in BUIDL Seoul 2018, a large-scale technical conference in Korea where our head of APAC Kei Oda spoke on a panel about “Preserving Security and Privacy”.

Real World Applications of Blockchain Panel

Our Head of Business Development Don Ho spoke on a panel at Deloitte with Neil Gerber from IBM and Robert Drost from Consensys on the real world applications of blockchain technology. Held in San Francisco, the event was organized by The Blockchain Society.

Quantstamp in Taiwan

Quantstamp Engineer Yohei Oka delivers a speech at Taipei Ethereum Meetup

This month members of the Quantstamp team visited Taiwan. We spoke at an event hosted by the Taipei Ethereum Meetup, a developer-focused organization, as well as at National Taiwan University — the top university in Taiwan.

Quantstamp CEO Richard Ma speaks on the Cybersecurity landscape in 2018

We also spoke on a panel about the “Cybersecurity landscape in 2018”, at an event organized by Polyswarm.

Holiday Hours at Quantstamp

The Quantstamp team will be out of office until January 3, 2019. From all of us at Quantstamp, Merry Christmas and Happy Holidays!

Ready for 2019

As we head into the new year and reflect back on 2018, we want to thank our incredible community for their continued support. From Y-Combinator demo day to releasing our betanet protocol on the Ethereum mainnet, co-founding the Smart Contract Security Standards Alliance and writing a book, it’s been an incredible year.

As we move forward in our mission to achieve mainstream adoption of smart contracts, we’re incredibly grateful for friends, partners and collaborators and look forward to what’s coming up in the year ahead.

Interested in working for us?

We are hiring for a variety of positions globally. Check out our careers page.

Still want more?

Don’t miss out on the latest from Quantstamp. Subscribe to our newsletter, follow us on Twitter, or join our Telegram. Our weekly Friday AMA is on hiatus during the holidays and will resume mid-January.

Note: This update includes information and forward-looking statements about upcoming events and concepts under continuing development. Schedules, features, and functionality are subject to change or cancellation at any time and you are not to place undue reliance on this information or any forward-looking statements.

Quantstamp Announcements
November 20, 2018

Decentralized Security Protocol progress, bug bounties, supporting efforts to improve governance in Colombia and more. Here’s what’s been going on at Quantstamp recently:

Quantstamp Protocol Progress

This month, we continued to move towards our next iteration of the decentralized Quantstamp Protocol. We are also removing the whitelisting of nodes and are researching a bug bounty protocol.

Removing Whitelisting of Nodes

In the present version of the Quantstamp Protocol, auditing nodes are whitelisted by Quantstamp — only enrolled actors can participate. While the nodes are currently run by different organizations and individuals around the world, we still aim to enhance decentralization in upcoming iterations.

The next iteration of the protocol will remove this whitelisting process. In its place, we plan to add review nodes that check scan reports before reports are published. This mechanism is meant to prevent a bad actor (node) from publishing a false report.

Exploring a Bug Bounty System

We are  experimenting with a decentralized bug bounty system. This system aims to provide bounties to bug finders in case they find vulnerabilities published in smart contracts.

The initial design of the bounty system includes bounty providers, bug hunters, and judges. The bounty providers are stakeholders in the smart contract’s security, such as the smart contract’s owner. They provide a bug bounty which incentivizes bug hunters to try to find vulnerabilities in the smart contract. These bug hunters will submit bug reports. Security experts, identified by a Token-Curated Registry (TCR), will examine the bug reports and determine whether a vulnerability found is a true vulnerability or false positive. Bug hunters who find true vulnerabilities will be rewarded.

Our research efforts into a bounty system are excellent complements to the decentralized automated security scans provided by the Quantstamp Protocol. Our ultimate goal is to provide decentralized, scalable protection throughout the life cycle of a smart contract which includes after a smart contract is deployed.

Coral Protocol Audit

This month our security team performed a manual audit of Coral Protocol. Coral Protocol provides data and analytics on blockchain addresses to increase compliance and combat fraud. It analyzes wallets and assigns a trust score, which is kept up to date through blockchain monitoring.

Coral shares our mission of keeping the blockchain safe, which we think is a fundamental pillar of the mainstream adoption of smart contracts.

Fighting Corruption in Colombia

This month our VP of Strategy Olga V. Mack headed off to Colombia where she worked with the World Economic Forum to develop a blockchain solution that addresses corruption in government procurement processes.

Roadmap Update

Our latest quarterly roadmap update went live earlier this month. It includes exciting news about Quantstamp Protocol updates, partnerships and our plans to explore using Token-Curated Registries. Check it out here.

Smart Contract Security Alliance

December was another great month for the Smart Contract Security Alliance. We were excited to have Blockgeeks join our efforts to improve blockchain security and drive the healthy growth and adoption of blockchain applications. Blockgeeks provides industry-leading blockchain education and is based out of Canada. The alliance is truly a global presence now, with other members including Modular in the US, NUS in Singapore, as well as LayerX and NRI Secure in Japan.

Security companies interested in advancing blockchain technology standards are encouraged to join the Smart Contract Security Alliance and have a voice in the future of blockchain security. Learn more at SmartContractSecurityAlliance.com or talk to us directly at hello@smartcontractsecurityalliance.com.

Events

We continue to be active in blockchain events and conferences both regionally and internationally. Here are some of the more notable events we attended in December:

ETHSingapore

We had a strong presence at ETHSingapore, where we gave several talks on the Quantstamp Protocol and also helped sponsored a hackathon. David Mihal won our hackathon with his GUI for the Quantstamp Betanet. Check it out here.

BUIDL Korea

We participated in BUIDL Seoul 2018, a large-scale technical conference in Korea where our head of APAC Kei Oda spoke on a panel about “Preserving Security and Privacy”.

Real World Applications of Blockchain Panel

Our Head of Business Development Don Ho spoke on a panel at Deloitte with Neil Gerber from IBM and Robert Drost from Consensys on the real world applications of blockchain technology. Held in San Francisco, the event was organized by The Blockchain Society.

Quantstamp in Taiwan

Quantstamp Engineer Yohei Oka delivers a speech at Taipei Ethereum Meetup

This month members of the Quantstamp team visited Taiwan. We spoke at an event hosted by the Taipei Ethereum Meetup, a developer-focused organization, as well as at National Taiwan University — the top university in Taiwan.

Quantstamp CEO Richard Ma speaks on the Cybersecurity landscape in 2018

We also spoke on a panel about the “Cybersecurity landscape in 2018”, at an event organized by Polyswarm.

Holiday Hours at Quantstamp

The Quantstamp team will be out of office until January 3, 2019. From all of us at Quantstamp, Merry Christmas and Happy Holidays!

Ready for 2019

As we head into the new year and reflect back on 2018, we want to thank our incredible community for their continued support. From Y-Combinator demo day to releasing our betanet protocol on the Ethereum mainnet, co-founding the Smart Contract Security Standards Alliance and writing a book, it’s been an incredible year.

As we move forward in our mission to achieve mainstream adoption of smart contracts, we’re incredibly grateful for friends, partners and collaborators and look forward to what’s coming up in the year ahead.

Interested in working for us?

We are hiring for a variety of positions globally. Check out our careers page.

Still want more?

Don’t miss out on the latest from Quantstamp. Subscribe to our newsletter, follow us on Twitter, or join our Telegram. Our weekly Friday AMA is on hiatus during the holidays and will resume mid-January.

Note: This update includes information and forward-looking statements about upcoming events and concepts under continuing development. Schedules, features, and functionality are subject to change or cancellation at any time and you are not to place undue reliance on this information or any forward-looking statements.

July 3, 2023

Towards SATisfactory Web3 Software Engineering

In web3, traditional methods of bug detection and code verification fall short. Learn how lightweight formal methods can offer a practical approach to identifying and fixing bugs in dApp code.

June 5, 2023

Quantstamp x Hypernative Partner to Enhance Web3 Security

Quantstamp and Hypernative are excited to announce a partnership that marks a major milestone in bolstering security within the fast-moving web3 ecosystem.

March 28, 2023

The Regens Building a More Sustainable Future

From infrastructure to gamification, meet some of the movers and shakers of ReFi that are making things happen behind the scenes.

March 27, 2023

Quantstamp Receives Multiple Layer 2 Community Grants from Ethereum Foundation

Learn more about the grants Quantstamp has received from the Ethereum Foundation in the Cybersecurity, Data Analysis, and Data Visualization categories.