Open in app

Sign in

Write

Sign in

Honest CertiK ICO review

Kiku
Golden Borodutch
Published in
13 min readApr 21, 2019

Note: this is an English translation of the Russian article we wrote recently with an in-depth analysis of the CertiK ICO.

ICO Website | White Paper | ICO Chat | Medium | Github

The review was created by “Avocado Approves” community with the support of Golden Borodutch Telegram channel. For the convenience of readers, the review is divided into five parts: product, team, partners, legal part and conclusion. We’d appreciate if the project team answered the questions in bold publicly.

Worth noting that everything written below only represents the personal opinion of the author, which fully complies with the Fair Use laws and the First Amendment. It’s is in no way trading advice, and all the information was gathered from public sources.

Product

CertiK is an audit service for smart contracts and protocols.

Its peculiarity lies in the fact that the Formal Verification of the code is automated and decentralized, conducted on chunks of code in any programming language with the help of deep learning.

The workflow on the customer side looks like this:

1) The customer sends a smart contract to CertiK for verification.

2) If the smart contract is simple, the service marks the code automatically. If the contract is complex, the customer should label the code manually.

3) CertiK divides the smart contract into several modules and distributes them between the network nodes to verify the code with the Proof of Work principle.

4) Results of the verification are transmitted from the nodes to checkers to confirm the accuracy of the test.

5) After confirmation of correctness, nodes and validators are awarded CertiK tokens, and the audit results are sent to the customer as a document [example].

The product is divided into six tools:

  1. Smart labeling;
  2. Modular verification;
  3. Result check of the modular verification;
  4. An open protocol for plugging in verification algorithms
  5. IDE plug-ins for building better DApps;
  6. Verification services from experts;

In addition to these tools, the project promises to introduce its own blockchain and programming language for smart contracts.

And here we will outline a number of questions about the product that have not yet been answered. Some questions are asked from the point of view of the user not acquainted with verification technologies. We ask the team to step down to the level of their future users and answer all of our questions. If it turns out that the questions already have answers in the White Paper, the community would be grateful if the team would reformulate them in a more straightforward language.

1. Code smart labeling with deep learning

An illustrative example of Certik labeling in smart contracts is @post @pre in a comment to the code. Here it denotes the function of sending tokens.

These labels indicate function actions in the code (specification), so the CertiK system could understand the design of the contract and prepare for Formal Verification. Also, labels are necessary to make contract verification possible, even if contracts are written in different programming languages. Deep learning is required to train the system to put labels in the right places automatically.

  • How exactly does smart labeling work? Can you share any technical details?
  • How are you going to provide the power necessary for smart labeling? How long will this process take?
  • Will the user have to pay for smart labeling? If so, what will influence the price?
  • With what machines will machine learning be organized? On what data will it be based?
  • Who of the programmers are implementing deep learning? Do they have similar development experience? Please provide references to their previous projects.
  • What options does the customer have, if a smart contract is too complicated for smart labeling and they have to label the code themselves, but they have no idea how?
  • Who checks the accuracy of specifications? What if smart labeling creates a specification that doesn’t match the code or the customer’s requirements?

2. Full Formal Verification of the code is decomposed into modules

Formal Verification is necessary for automatic verification of mathematical models of smart contracts for compliance with previously affixed labels (specifications). Decomposition is necessary for fast, cheap, thorough, and decentralized code verification. Decomposition also solves the main problem of model checking, that is state explosion (scaling).

  • How can mathematical models be compatible with any programming language? Can you share technical details of the implementation?
  • Will verification include performance testing of the code? If so, who’s going to do that? Won’t running untested code be unsafe for the nodes? If you don’t test the verification, how do you check that the mathematical model is error-free and the code wouldn’t crash when running?
  • If there are multiple checkers and verifying nodes, how the result of verification will be put together to be sent to the customer? Who sends the resulting file to customers?
  • How many times should nodes check the code until the checker confirms its compliance with the specification? How will the code be rechecked — will each module be checked on the same set of nodes or allocated to a new one?
  • If nodes are verified by checkers, who will verify the checkers? Where is the guarantee that the checker wouldn’t skip on proper verification of the node results?
  • What are the minimum technical requirements to become a checker or a network node?
  • How much time will verification take? What influences its price?
  • If the customer wants to verify a smart contract, can they only pay with CertiK tokens? If that’s so, where can the customer get tokens, except buying them on an exchange?
  • Can you give a full guarantee for the security of smart contracts that have been verified by the CertiK platform?

General questions on the project

  • Who is going to fill up the CertiK database with newly discovered vulnerabilities of smart contracts? What’s the procedure?
  • Who will check the algorithms added to the protocol?
  • For what IDEs and programming languages will certified plugins be developed? Will the code of these plugins be public?
  • Who will provide expert audit services for the platform? Is it possible to become an expert? What are the requirements for this?

At the time of writing, CertiK Github account has four repositories, three of which are forks of other people’s smart contracts. The fourth repository stores the CertiK documentation, which provides a partially labeled code in Solidity as an example. The CertiK product itself is not publicly available.

  • Do you plan on publishing the product code in the public domain? If so, what will you publish and when?

At the end of August 2018, Certik announced the launch of the tool for automatic verification of smart contracts — Certik AutoScan Engine. According to the team, this tool was used to conduct a full check of token contracts on Etherscan. Also, CertiK published a 30-second video with the test demonstration.

CertiK published the initial results of the test in their blog on Medium. The team cannot disclose the token names or location of vulnerabilities for security reasons. CertiK reached out to the contract owners and promised to publish the results after solving the issues. Aslo, CertiK intends to contact cryptocurrency exchanges to integrate with its ‘AutoScan’ service for routine scanning and monitoring.

  • Will the source code or the AutoScan Engine itself be public? If so, when?
  • What are the guarantees that the video above isn’t merely a render? Can you prove that 500 tokens were not just manually checked by an expert, which would only take 10–15 minutes per contract, given that the code of most smart contracts is short?

The CertiK website has an application form for a contract audit. The project published reports stating that 5 ICO projects have been audited so far. All of them, Blockcloud, MultiVAC, IoTeX, Top Network , and Celer have 100 points give or take with no critical errors.

  • Can you share results of the audits where CertiK has found backdoors or critical errors in smart contracts?

The launch of the testnet and mainnet are scheduled for June 2019 and December 2019 respectively. According to the roadmap, a stable version of the contract verification service and a beta version of smart labeling have already been released.

  • Where can we try the stable version of contract verification and the beta version of smart labeling?

Team

Officially the project has no advisors. This can be explained by the fact that most consultants simply borrow their reputation, while CertiK addresses the heads of companies directly. In any case, the absence of advisors is not critical, given that the project has funds that can replace the advisors.

The history of the project begins in 2016, when the current co-founder of CertiK, Ronghui Gu, finished working on his doctoral thesis at Yale University in the United States. The title of the thesis was “CertiKOS: An Extensible Architecture for Building Certified Concurrent OS Kernels.” As a result of this work, together with the second co-founder of CertiK, Zhong Shao, Gu developed CertiKOS — the world’s first operating system that runs on multi-core processors and shields against cyber attacks. CertiKOS later became part of a research project DeepSpec that develops specification and verification for software. Accordingly, the CertiK team participated in these studies. It is also alleged that CertiKOS is widely used for military purposes. It is true that CertiKOS is a popular study on the web, but we have not found any public connection with the military.

  • Where can we find evidence that the military use CertiKOS? Can you share evidence that the work on CertikOS has moved beyond the research stage?

The CertiK team compromises world-class Formal Verification experts who are professors from Columbia University and Yale University, as well as senior software engineers from Google, Facebook, and FreeWheel.
CertiK White Paper, page 5

Only eight people from the team are public. Almost all of them are in senior positions at businesses or universities.

Zhong Shao — co-founder

  • Professor and Chair of Computer Science Department at Yale University.
  • Ph.D. in Computer Science from Princeton University.
  • The main researcher of the DeepSpec project. Shao and his Yale FLINT group have developed the world’s first hacker-resistant and concurrent operating system — CertiKOS. The Flint team has about 90 research articles where Zhong Shao is an author or co-author. They also developed a certified SML / NJ compiler;
  • Shao has a long list of studies, activities, and grants. In 2008, he was a visiting researcher at Microsoft Research;
  • Prominent information footprint on the web;
  • His Github account is an old but inactive one.

Ronghui Gu — co-founder

  • Assistant Professor of Computer Science, Columbia University.
  • Ph.D. in Computer Science from Yale
  • In his CV he indicates that from 2016 till 2017 he used to work as a developer at Google;
  • Co-author of 8 scientific studies on certified and verified code;
  • Prominent information footprint on the web;
  • His Github account is old, but barely active.

Muhan Zou — co-founder, Executive Vice President, Strategy Director

  • For more than 2 years he worked as a web developer of a SaaS at Oracle;
  • For 3 years he worked as a senior developer at FreeWheel advertising company;
  • His Github account is old but inactive.

Vilhelm Sjoberg — Principal Scientist

  • Ph.D. in Computer Science from the University of Pennsylvania in 2015.
  • For 4 years he worked as a researcher at the FLINT research group.
  • He is a co-author of 14 scientific publications on code verification and programming languages.
  • His Github account is old but inactive.

Zhaozhong Ni — VP of Engineering

  • Ph.D. in Computer Science from Yale University;
  • He is an author and co-author of about 12 scientific publications on code verification, including modular verification;
  • Co-author of two patents related to data storage systems;
  • For 3 years Ni worked as a code certification researcher at Microsoft;
  • For about 3 years he worked as a system engineer for 3PAR, a data storage equipment purchased by Hewlett-Packard;
  • For a long time (according to his Github statistics for 1 year, according to his LinkedIn for 7 years) Ni worked at Google as a developer of gVisor, a framework that integrates into Docker or Kubernetes to improve container protection.

Daryl Hok is the chief operating officer. According to his LinkedIn, Daryl has about 7 years of experience in developing and managing two medium-sized technology companies.

Yvan Nasr — head of Business Development. MBA from the University of Chicago, Booth School of Business. For half a year he worked as the Head of Partnerships at Hosho, a blockchain cybersecurity startup providing audit services for smart contracts and protocols. Nasr also points out having experience in management consulting for ten years; the companies include Samsung, FINTECH Barclays, and Kingfisher trading network.

Kai Yan — Chief Business Officer. Yan obtained his Ph.D. in Economics at Yale University. For almost 6 years he worked as an economist at the International Monetary Fund and for about 2 years as a strategist at the Light Sky Macro hedge fund.

Not all of the team members are explicitly listed. Judging by what people indicate as their place of work on LinkedIn, CertiK also has analysts, managers, an accountant, and a front-end developer.

CertiK White Paper states they plan to hire 20 more software engineers and researchers. There are 8 vacancies on their website along with internship opportunities for students.

Partners

Partners, funds, and customers of CertiK

Most of the partners are publicly confirmed. All in all, CertiK has about 21 customers for smart contract audit.

On the Etherscan website, CertiK has been added to the list of recommended smart contract auditors. Also in CertiK White Paper, page 19, it states that the CertiK team partnered as the required/recommended auditor of severa, cryptocurrency exchanges, including Binance, OKEx, Huobi, Bittrex, and Kucoin. But we couldn’t find anything related to CertiK either in applications for token listing or on the exchange websites.

  • Where can we find evidence that CertiK is the auditor recommended by these cryptocurrency exchanges?

CertiK investors: Binance Labs, NEO Global Capital, LinkVC, Kosmos, Torque Capital, XRP Capital, and DFG — all publicly confirmed. The press and the team also claim that they received grants for developing Formal Verification and the DeepSEA programming language. The grants were awarded to Professor Gu’s (CertiK co-founder) lab at Columbia University by IBM, QTUM, and Ethereum Foundation.

Legal part

CertiK LLC, the technology company, is registered in the state of Delaware under number 6767945 in the name of Ronghui Gu.

CERTIK FOUNDATION LTD., an entity for investment, is registered in Singapore under number 201804796Z. Tzedek Law LLC, a law firm, consults them there on selling tokens.

None of the team members appears on the OFAC sanctions list.

Note: Kai Yan is an erroneous similarity to a Chinese company

Judging by the results of Whois, the registration of certik.org domain is clean.

CertiK has two types of tokens: CKT and CKG (gas, like NEO), both are Utility native. Customers need those to pay for audit services and IDE plug-ins, as well as to reward nodes, checkers and developers for their work.

In the White Paper Certificate on page 12 it’s stated:

… CKT/CKG: (a) is non-refundable and cannot be exchanged for cash (or its equivalent value in any other virtual currency) or any payment obligation by the Foundation or any affiliate;

  • Does that mean that you have no plans of listing your token on exchanges?
  • Why do you refuse to accept the tokens back? What if the team fails to start the main network or the project closes?

Probably, this is partly solved by the fact that during the ICO tokens will be of the ERC-20 format, meaning they will be listed on exchanges before the launch of the main network. And when the mainnet is launched, tokens will turn into native CKT.

The project prohibits investment by citizens of the US, Canada, New Zealand, China, and Korea.

According to the team, investments of accredited investors in the seed rounds were accepted through SAFT and SAFE contracts.

In project chat and marketing materials, it was repeatedly said that the technologies behind automated mathematical verification and code decomposition in modules were patented by the CertiK founders. However, we did not find anything related to the project in the patent registers. We asked to prove the existence of these patents in project chats but received no answer.

  • Can you provide us with application numbers or links to CertiK patents?
  • Have you evaluated the cost of CertiK technology? If so, where can we find the appraiser’s report?

Conclusion

Automated smart contracts audit is a complex product, both in development and in sales. The team has an impressive academic experience, support of two universities and a few large foundations. Part of the product can be delivered to the public, but finding the customers seems to be the most daunting task. The project seems legitimate, but we’d like to see the patents after all.

Outline of the project key risks:

  • There is no public information about the strategy and promotion plans.
  • There are two prominent competitors: Quantstamp and Open Zeppelin. Both active and have been working for quite a while. They use different methodologies.
  • Weak token model: to order an audit customers first have to buy tokens on an exchange, then convert them to native CertiK tokens, and only after all of that they’d be able to buy the service. Quantstamp’s customers had faced the same obstacle, but then Quantstamp included Ethereum and Fiat in the list of payment methods.
  • The lack of public information about the tokenometrics, liqudity pool, redemption policy, and the conditions for early investors.
  • There is no code on Github and the product is private. There is no way to see or try out what the project has already accomplished.

In general, there is still little information about the project, but we can let them go away with that, given the specifics of the product and the current absence of ICO.

Don’t be shy to clap or rant in the comments if you note any errors or inaccuracies in the text. Thanks!

Blockchain
ICO
Token Sale
Cryptocurrency
Honest Reviews

--

--

Kiku
Golden Borodutch

Written by Kiku

171 Followers
Editor for

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams