Quantstamp Community Update Nov. 29, 2018

Quantstamp Announcements
November 20, 2018

Quantstamp Protocol

Securify Integration

We are making good progress on integrating another analyzer, Securify, into the upcoming version of the Quantstamp Protocol. Securify is an automated smart contract security scanner made by ChainSecurity based on research developed at ETH Zurich. It has been used to scan over 22,000 smart contracts.

Along with our existing integrations of the Mythril and Oyente analyzers, Securify expands the analysis capabilities accessible through the Quantstamp protocol by offering a more comprehensive look at the security of a smart contract. Besides covering a wider variety of vulnerabilities, it also helps reduce the occurrence of false positives, improving the accuracy of the protocol.

As an open-source analyzer, Securify is open to development not only by ChainSecurity but also community members. This allows it to easily be updated to address new vulnerabilities as they arise.

Decentralizing our Protocol

As explained in the October Community Update, we’re working to further decentralize our protocol. This includes storing scan reports directly on the Ethereum blockchain(rather than on AWS), as well as developing decentralized ways to detect and deter malicious actors on the protocol rather than relying on whitelisted nodes.

We are making progress on this initiative on all fronts and are on track with our goals for the current code sprint.

Enterprise Monitoring

Quantstamp is expanding its offerings for enterprise customers with the Quantstamp Enterprise Monitoring Dashboard.

At Quantstamp, we understand that smart contract security doesn’t stop when the contract gets deployed. That’s part of the motivation for the Assurance Protocol and also why we’ve developed a monitoring service to track irregularities after a contract is published on the blockchain. We call this the “post-deployment stage” in the lifespan of a contract.

During the post-deployment stage, new vulnerabilities and exploits that were previously undetectable may endanger the contract. The result could be missing funds, frozen tokens, or counterfeiting. Our monitoring service checks for these kinds of security incidents as they happen, and to alert the smart contract owner, allowing them to take action immediately.

Our monitoring service extends our enterprise security services beyond white-glove audits to cover the continuing life cycle of a smart contract from pre- to post-deployment. For customers, it can help to provide peace of mind. If you’re an exchange or token issuer interested in this service, please reach out to us.

New Team Members

Helena Flack is a community manager and communications professional. She will be heading up our communications efforts in Europe.

Prior to Quantstamp, she worked at Parity Technologies, where she worked directly with Gavin Wood, Co-founder of Ethereum. She is also a co-organiser of ETHBerlin and helps out on the communications strategies for ETHGlobal events too. An experienced PR professional, she is skilled in both crisis and reactive PR as well as proactive PR efforts, media relations, social media, public affairs, and event organization.

Website Redesign

We recently revamped our website design. We believe the new design provides a better user experience as well as better insight into the Quantstamp Protocol, our roadmap and progress, and our enterprise services. Check it out here.

Fundamentals of Smart Contract Security Book

Illustration of a smart contract vulnerability which will appear in Fundamentals of Smart Contract Security

The Quantstamp team has finished drafting Fundamentals of Smart Contract Security, expected to release this winter. This book will provide an in-depth look at both the issues involved in smart contract security, and practical examples of vulnerabilities in the wild.

With Fundamentals of Smart Contract Security, we aim to help spread knowledge and awareness of smart contract security.

Chamber of Digital Commerce

Our CEO Richard Ma recently joined the Chamber of Digital Commerce as co-chair of the Smart Contracts Alliance. The Chamber of Digital Commerce is the world’s first and largest trade association representing the digital asset and blockchain industry. It meets with legislators and industry leaders in order to promote the real-world application of smart contracts and blockchain technology.

As CEO of Quantstamp, Richard has helped lead initiatives to improve the secure mainstream adoption of blockchain technology, and he aims to further that cause as co-chair of the Smart Contracts Alliance.

Events

We continue to be active in blockchain events and conferences both regionally and internationally. Here are some of the more notable events we attended in November:

Devcon 4

Quantstamp leadership and core team members at Devcon 4

We had a strong presence at Devcon 4, with leadership and many core team members in attendance. Devcon 4 is one of the largest Ethereum conferences in the world. Attended by Vitalik Buterin and core members of the Ethereum Foundation, it has a strong focus on designing, developing and building out decentralized applications.


Quantstamp Head of Business Development Don Ho talks to Crypt0 about Quantstamp at Devcon 4

At Devcon4, our Senior Research Engineer, Martin Derka, presented a workshop on preparing for a security review/audit. In addition, our CEO Richard Ma also demonstrated Plasma Dog, a game which runs on the OMG Plasma MVP which we audited earlier this month.

Blockchain Advocacy Coalition

In November, we hosted the Blockchain Advocacy Coalition along with California’s next treasurer Fiona Ma, and Blockchain for Social Justice at our San Francisco offices. We believe that blockchain will have an impact on all our lives, and working to shape legislation in positive ways will benefit everyone.

Node Tokyo

Quantstamp Engineer Yohei Oka speaks on smart contract vulnerabilities at Node Tokyo

We sponsored and spoke at Node Tokyo. This large-scale event featured speakers from the Ethereum Foundation, Origin Protocol, Metamask, and more, connecting the world’s top blockchain projects with Japan.

Stay Tuned

Something’s always happening at Quantstamp. Stay tuned by subscribing to our newsletter, following us on Twitter, or joining our Telegram. And of course, don’t forget our AMA/Q&A every Friday at noon PST on our Telegram channel.

Note: This update includes information and forward-looking statements about upcoming events and concepts under continuing development. Schedules, features, and functionality are subject to change or cancellation at any time and you are not to place undue reliance on this information or any forward-looking statements.

Quantstamp Announcements
November 20, 2018

Quantstamp Protocol

Securify Integration

We are making good progress on integrating another analyzer, Securify, into the upcoming version of the Quantstamp Protocol. Securify is an automated smart contract security scanner made by ChainSecurity based on research developed at ETH Zurich. It has been used to scan over 22,000 smart contracts.

Along with our existing integrations of the Mythril and Oyente analyzers, Securify expands the analysis capabilities accessible through the Quantstamp protocol by offering a more comprehensive look at the security of a smart contract. Besides covering a wider variety of vulnerabilities, it also helps reduce the occurrence of false positives, improving the accuracy of the protocol.

As an open-source analyzer, Securify is open to development not only by ChainSecurity but also community members. This allows it to easily be updated to address new vulnerabilities as they arise.

Decentralizing our Protocol

As explained in the October Community Update, we’re working to further decentralize our protocol. This includes storing scan reports directly on the Ethereum blockchain(rather than on AWS), as well as developing decentralized ways to detect and deter malicious actors on the protocol rather than relying on whitelisted nodes.

We are making progress on this initiative on all fronts and are on track with our goals for the current code sprint.

Enterprise Monitoring

Quantstamp is expanding its offerings for enterprise customers with the Quantstamp Enterprise Monitoring Dashboard.

At Quantstamp, we understand that smart contract security doesn’t stop when the contract gets deployed. That’s part of the motivation for the Assurance Protocol and also why we’ve developed a monitoring service to track irregularities after a contract is published on the blockchain. We call this the “post-deployment stage” in the lifespan of a contract.

During the post-deployment stage, new vulnerabilities and exploits that were previously undetectable may endanger the contract. The result could be missing funds, frozen tokens, or counterfeiting. Our monitoring service checks for these kinds of security incidents as they happen, and to alert the smart contract owner, allowing them to take action immediately.

Our monitoring service extends our enterprise security services beyond white-glove audits to cover the continuing life cycle of a smart contract from pre- to post-deployment. For customers, it can help to provide peace of mind. If you’re an exchange or token issuer interested in this service, please reach out to us.

New Team Members

Helena Flack is a community manager and communications professional. She will be heading up our communications efforts in Europe.

Prior to Quantstamp, she worked at Parity Technologies, where she worked directly with Gavin Wood, Co-founder of Ethereum. She is also a co-organiser of ETHBerlin and helps out on the communications strategies for ETHGlobal events too. An experienced PR professional, she is skilled in both crisis and reactive PR as well as proactive PR efforts, media relations, social media, public affairs, and event organization.

Website Redesign

We recently revamped our website design. We believe the new design provides a better user experience as well as better insight into the Quantstamp Protocol, our roadmap and progress, and our enterprise services. Check it out here.

Fundamentals of Smart Contract Security Book

Illustration of a smart contract vulnerability which will appear in Fundamentals of Smart Contract Security

The Quantstamp team has finished drafting Fundamentals of Smart Contract Security, expected to release this winter. This book will provide an in-depth look at both the issues involved in smart contract security, and practical examples of vulnerabilities in the wild.

With Fundamentals of Smart Contract Security, we aim to help spread knowledge and awareness of smart contract security.

Chamber of Digital Commerce

Our CEO Richard Ma recently joined the Chamber of Digital Commerce as co-chair of the Smart Contracts Alliance. The Chamber of Digital Commerce is the world’s first and largest trade association representing the digital asset and blockchain industry. It meets with legislators and industry leaders in order to promote the real-world application of smart contracts and blockchain technology.

As CEO of Quantstamp, Richard has helped lead initiatives to improve the secure mainstream adoption of blockchain technology, and he aims to further that cause as co-chair of the Smart Contracts Alliance.

Events

We continue to be active in blockchain events and conferences both regionally and internationally. Here are some of the more notable events we attended in November:

Devcon 4

Quantstamp leadership and core team members at Devcon 4

We had a strong presence at Devcon 4, with leadership and many core team members in attendance. Devcon 4 is one of the largest Ethereum conferences in the world. Attended by Vitalik Buterin and core members of the Ethereum Foundation, it has a strong focus on designing, developing and building out decentralized applications.


Quantstamp Head of Business Development Don Ho talks to Crypt0 about Quantstamp at Devcon 4

At Devcon4, our Senior Research Engineer, Martin Derka, presented a workshop on preparing for a security review/audit. In addition, our CEO Richard Ma also demonstrated Plasma Dog, a game which runs on the OMG Plasma MVP which we audited earlier this month.

Blockchain Advocacy Coalition

In November, we hosted the Blockchain Advocacy Coalition along with California’s next treasurer Fiona Ma, and Blockchain for Social Justice at our San Francisco offices. We believe that blockchain will have an impact on all our lives, and working to shape legislation in positive ways will benefit everyone.

Node Tokyo

Quantstamp Engineer Yohei Oka speaks on smart contract vulnerabilities at Node Tokyo

We sponsored and spoke at Node Tokyo. This large-scale event featured speakers from the Ethereum Foundation, Origin Protocol, Metamask, and more, connecting the world’s top blockchain projects with Japan.

Stay Tuned

Something’s always happening at Quantstamp. Stay tuned by subscribing to our newsletter, following us on Twitter, or joining our Telegram. And of course, don’t forget our AMA/Q&A every Friday at noon PST on our Telegram channel.

Note: This update includes information and forward-looking statements about upcoming events and concepts under continuing development. Schedules, features, and functionality are subject to change or cancellation at any time and you are not to place undue reliance on this information or any forward-looking statements.

September 29, 2023

Partnering with Toku to Enhance Web3 Security & Payroll Practices

Quantstamp is thrilled to announce a strategic partnership with Toku, marking a significant milestone in our commitment to web3 security and compliance.

July 3, 2023

Towards SATisfactory Web3 Software Engineering

In web3, traditional methods of bug detection and code verification fall short. Learn how lightweight formal methods can offer a practical approach to identifying and fixing bugs in dApp code.

June 5, 2023

Quantstamp x Hypernative Partner to Enhance Web3 Security

Quantstamp and Hypernative are excited to announce a partnership that marks a major milestone in bolstering security within the fast-moving web3 ecosystem.