Quantstamp Community Update - October 2020

Quantstamp Announcements
November 11, 2020

Audit of Ethereum 2.0 client Teku, blockchain insurance, Open DeFi, virtual events, and more media coverage... here’s what happened at Quantstamp in October.


Quantstamp Completes Audit of 2nd ETH 2.0 Implementation

We’re excited to announce the completion of our audit of Teku, the Ethereum 2.0 client developed by ConsenSys. This marks Quantstamp’s 2nd audit of an Ethereum 2.0 implementation: the Prysm client by Prysmatic Labs was audited by Quantstamp in July. 

“Ethereum 2.0 is on track to deliver Phase 0 in the very near future,” says Quantstamp CEO Richard Ma. “Client teams have spent countless hours coordinating, testing, and working with auditing firms to ensure that the foundation of Ethereum 2.0 is ready for delivery.” 

The audit included enforcing network consensus rules, maintaining consensus, and code that controls rewards and penalties for stakers. Overall, it was a very collaborative process. The code base was high quality, and any findings were disclosed as they were discovered, allowing the Teku development team to quickly resolve them. 




Formally Verifying Hedera Hashgraph's Stablecoin Framework

Stablecoins provide a compelling opportunity for enterprises by combining the transparency, security, and privacy of a digital asset with the stability of traditional currency. However, since 2017, over a quarter billion USD worth of digital assets have been lost or stolen due to errors in smart contract development. For enterprises to be comfortable leveraging the benefits of stablecoins, rigorous software verification and extensive auditing is crucial. Quantstamp has developed a formal specification for stablecoins built on Hedera Hashgraph and deployed using the Hedera Consensus Service.

The framework shortens development time, provides formal guarantees about the correctness of functions, removes the need to develop new tests, and creates a shared understanding amongst developers in regards to the stablecoins’ architecture and functionality. Developers seeking to integrate Hedera Hashgraph stablecoins into their platforms have certain security guarantees that reduce complexity and create a more predictable environment.

When stablecoins follow a secure framework, it facilitates their integration into other financial applications and helps support the development of a healthy stablecoin ecosystem. This also makes it easier for enterprises to create safe and compliant stablecoins.

Learn more about this project in our recent post.


Other Recent Audits

Aavegotchi: Quantstamp has now completed our audit of Aavegotchi's ghst-staking repository. Aavegotchi allows users to collect, compete, and combine Aavegotchis for a gamified experience that brings the concept of DeFi staking to NFT collectibles. GHST is the native utility token used as the medium of exchange between participants in the Aavegotchi ecosystem.

DerivaDEX: DerivaDEX is a decentralized exchange for derivative contracts built on top of Ethereum, powered by a DAO and decentralized insurance fund. As a community-owned exchange, their token allows users to participate in the governance and operations of the exchange. This is also the first major project to implement an upgradeability framework called Diamond. "Diamonds" are contracts that get external functions from other contracts, called "facets". Additional facets can then get added, removed and modified down the road via governance.

Nodle: Nodle is an IoT platform building on Polkadot using Substrate. Substrate is a blockchain framework that gives projects the ability to deploy an autonomous IoT network that directly connects to other blockchains. Nodle is attempting to solve two major challenges that face the IoT space: connectivity and security. With a more scalable payments chain, Nodle can power its global rewards network while remaining decentralized and secure.

Powertrade: Powertrade is a Bitcoin options trading platform with a mobile-first approach. 



Quantstamp Joins Open DeFi

This month, Quantstamp was one of five more members to join the global DeFi initiative Open DeFi, along with Aave, DyDx, Balancer, Outlier Ventures, and BlockScience. This global alliance unites blockchain leaders and DeFi startups to foster cross-border market growth, sustainability, and innovation.


Having secured over $5 billion USD of value for over 140 blockchain projects, Quantstamp has unique insights into risk management and is excited to share our unique knowledge with the Open DeFi community. Participating in the risk management track, we look forward to learning from our peers and working together to address some of the industry's biggest challenges. This recent CoinTelegraph article provides some additional information about the initiative and some of its other members.


The Status of Insurance in the Blockchain Industry

Traditionally, the concept of insurance is very familiar—there is always the chance that an unlikely event takes place that leads to expensive one-time costs. 

In the blockchain space, well over a quarter billion dollars worth of cryptocurrency has been lost or stolen due to bugs in smart contracts since 2017. While audits are still essential, they do not completely eliminate the possibility of a bug being present in code. 

Enter blockchain insurance. Blockchain insurance is still in its early days and has focused more on exchanges such as Coinbase or Crypto.com. More recently, on-chain insurance was popularized by Nexus Mutual. But as the blockchain ecosystem matures, the security needs of the space are evolving. 

Quantstamp’s extensive experience in the blockchain space has made us uniquely qualified to assess risk in this industry. In this recent post, we cover the three types of services Quantstamp offers to help our clients protect themselves against smart contract security risk.



Liquidity2020

Liquidity2020 Summit took place on October 16 - 18, hosted by Dystopia Labs. Quantstamp CEO Richard Ma presented  “The Future is Still DeFi”. Attendees got to hear about some of the hacks that took place this year, exciting projects we’re working on, and what’s next for the DeFi space. If you missed it, you can watch Richard’s talk on YouTube or find the other sessions online.


LA Blockchain Summit

LA Blockchain Summit kicked off October 6-7th, hosting 200+ international industry leaders discussing the future of blockchain technology, decentralized finance, digital securities, and more. 

Quantstamp CEO Richard Ma presented on a panel entitled Strong Privacy and Regulatory Compliance: Reasons We Can’t Pitch DeFi to Enterprises Yet. If you missed the live event, watch the session on YouTube.




Media: Quantstamp’s Recent Teku Audit

Quantstamp was featured in both Decrypt and CryptoBriefing in regards to the recent completion of our Teku audit. 

The migration of Ether and the DeFi ecosystem to Ethereum 2.0 is a high stakes process, with over 28 billion USD worth of Ether and other digital assets depending on the successful transition to proof-of-stake. Quantstamp is thrilled to have worked with the Teku team and look forward to the future of Ethereum.


Read More:

Decrypt:  Quantstamp Says Ethereum 2.0 Ready for Launch

Crypto Briefing: ConsenSys’ Ethereum 2.0 Client Earns Top Marks Following Quantstamp Audit



Keep up with Quantstamp

Follow us on LinkedIn, like us on Facebook, check out our Github, follow us out on Twitter, join the conversation on Reddit, subscribe to our Youtube Channel, or sign up for our newsletter

 

Note: This update includes information and forward-looking statements about upcoming events and concepts under continuing development. Schedules, features, and functionality are subject to change or cancellation at any time and you are not to place undue reliance on this information or any forward-looking statements.


Quantstamp Announcements
November 11, 2020

Audit of Ethereum 2.0 client Teku, blockchain insurance, Open DeFi, virtual events, and more media coverage... here’s what happened at Quantstamp in October.


Quantstamp Completes Audit of 2nd ETH 2.0 Implementation

We’re excited to announce the completion of our audit of Teku, the Ethereum 2.0 client developed by ConsenSys. This marks Quantstamp’s 2nd audit of an Ethereum 2.0 implementation: the Prysm client by Prysmatic Labs was audited by Quantstamp in July. 

“Ethereum 2.0 is on track to deliver Phase 0 in the very near future,” says Quantstamp CEO Richard Ma. “Client teams have spent countless hours coordinating, testing, and working with auditing firms to ensure that the foundation of Ethereum 2.0 is ready for delivery.” 

The audit included enforcing network consensus rules, maintaining consensus, and code that controls rewards and penalties for stakers. Overall, it was a very collaborative process. The code base was high quality, and any findings were disclosed as they were discovered, allowing the Teku development team to quickly resolve them. 




Formally Verifying Hedera Hashgraph's Stablecoin Framework

Stablecoins provide a compelling opportunity for enterprises by combining the transparency, security, and privacy of a digital asset with the stability of traditional currency. However, since 2017, over a quarter billion USD worth of digital assets have been lost or stolen due to errors in smart contract development. For enterprises to be comfortable leveraging the benefits of stablecoins, rigorous software verification and extensive auditing is crucial. Quantstamp has developed a formal specification for stablecoins built on Hedera Hashgraph and deployed using the Hedera Consensus Service.

The framework shortens development time, provides formal guarantees about the correctness of functions, removes the need to develop new tests, and creates a shared understanding amongst developers in regards to the stablecoins’ architecture and functionality. Developers seeking to integrate Hedera Hashgraph stablecoins into their platforms have certain security guarantees that reduce complexity and create a more predictable environment.

When stablecoins follow a secure framework, it facilitates their integration into other financial applications and helps support the development of a healthy stablecoin ecosystem. This also makes it easier for enterprises to create safe and compliant stablecoins.

Learn more about this project in our recent post.


Other Recent Audits

Aavegotchi: Quantstamp has now completed our audit of Aavegotchi's ghst-staking repository. Aavegotchi allows users to collect, compete, and combine Aavegotchis for a gamified experience that brings the concept of DeFi staking to NFT collectibles. GHST is the native utility token used as the medium of exchange between participants in the Aavegotchi ecosystem.

DerivaDEX: DerivaDEX is a decentralized exchange for derivative contracts built on top of Ethereum, powered by a DAO and decentralized insurance fund. As a community-owned exchange, their token allows users to participate in the governance and operations of the exchange. This is also the first major project to implement an upgradeability framework called Diamond. "Diamonds" are contracts that get external functions from other contracts, called "facets". Additional facets can then get added, removed and modified down the road via governance.

Nodle: Nodle is an IoT platform building on Polkadot using Substrate. Substrate is a blockchain framework that gives projects the ability to deploy an autonomous IoT network that directly connects to other blockchains. Nodle is attempting to solve two major challenges that face the IoT space: connectivity and security. With a more scalable payments chain, Nodle can power its global rewards network while remaining decentralized and secure.

Powertrade: Powertrade is a Bitcoin options trading platform with a mobile-first approach. 



Quantstamp Joins Open DeFi

This month, Quantstamp was one of five more members to join the global DeFi initiative Open DeFi, along with Aave, DyDx, Balancer, Outlier Ventures, and BlockScience. This global alliance unites blockchain leaders and DeFi startups to foster cross-border market growth, sustainability, and innovation.


Having secured over $5 billion USD of value for over 140 blockchain projects, Quantstamp has unique insights into risk management and is excited to share our unique knowledge with the Open DeFi community. Participating in the risk management track, we look forward to learning from our peers and working together to address some of the industry's biggest challenges. This recent CoinTelegraph article provides some additional information about the initiative and some of its other members.


The Status of Insurance in the Blockchain Industry

Traditionally, the concept of insurance is very familiar—there is always the chance that an unlikely event takes place that leads to expensive one-time costs. 

In the blockchain space, well over a quarter billion dollars worth of cryptocurrency has been lost or stolen due to bugs in smart contracts since 2017. While audits are still essential, they do not completely eliminate the possibility of a bug being present in code. 

Enter blockchain insurance. Blockchain insurance is still in its early days and has focused more on exchanges such as Coinbase or Crypto.com. More recently, on-chain insurance was popularized by Nexus Mutual. But as the blockchain ecosystem matures, the security needs of the space are evolving. 

Quantstamp’s extensive experience in the blockchain space has made us uniquely qualified to assess risk in this industry. In this recent post, we cover the three types of services Quantstamp offers to help our clients protect themselves against smart contract security risk.



Liquidity2020

Liquidity2020 Summit took place on October 16 - 18, hosted by Dystopia Labs. Quantstamp CEO Richard Ma presented  “The Future is Still DeFi”. Attendees got to hear about some of the hacks that took place this year, exciting projects we’re working on, and what’s next for the DeFi space. If you missed it, you can watch Richard’s talk on YouTube or find the other sessions online.


LA Blockchain Summit

LA Blockchain Summit kicked off October 6-7th, hosting 200+ international industry leaders discussing the future of blockchain technology, decentralized finance, digital securities, and more. 

Quantstamp CEO Richard Ma presented on a panel entitled Strong Privacy and Regulatory Compliance: Reasons We Can’t Pitch DeFi to Enterprises Yet. If you missed the live event, watch the session on YouTube.




Media: Quantstamp’s Recent Teku Audit

Quantstamp was featured in both Decrypt and CryptoBriefing in regards to the recent completion of our Teku audit. 

The migration of Ether and the DeFi ecosystem to Ethereum 2.0 is a high stakes process, with over 28 billion USD worth of Ether and other digital assets depending on the successful transition to proof-of-stake. Quantstamp is thrilled to have worked with the Teku team and look forward to the future of Ethereum.


Read More:

Decrypt:  Quantstamp Says Ethereum 2.0 Ready for Launch

Crypto Briefing: ConsenSys’ Ethereum 2.0 Client Earns Top Marks Following Quantstamp Audit



Keep up with Quantstamp

Follow us on LinkedIn, like us on Facebook, check out our Github, follow us out on Twitter, join the conversation on Reddit, subscribe to our Youtube Channel, or sign up for our newsletter

 

Note: This update includes information and forward-looking statements about upcoming events and concepts under continuing development. Schedules, features, and functionality are subject to change or cancellation at any time and you are not to place undue reliance on this information or any forward-looking statements.


September 29, 2023

Partnering with Toku to Enhance Web3 Security & Payroll Practices

Quantstamp is thrilled to announce a strategic partnership with Toku, marking a significant milestone in our commitment to web3 security and compliance.

July 3, 2023

Towards SATisfactory Web3 Software Engineering

In web3, traditional methods of bug detection and code verification fall short. Learn how lightweight formal methods can offer a practical approach to identifying and fixing bugs in dApp code.

June 5, 2023

Quantstamp x Hypernative Partner to Enhance Web3 Security

Quantstamp and Hypernative are excited to announce a partnership that marks a major milestone in bolstering security within the fast-moving web3 ecosystem.