Quantstamp, what is that?

Jonathan James Eleini, 21/10/2017 (Footnotes removed for Medium)

How Smart Contracts will further decentralise the internet

Inherent in the nature of the internet is the idea of decentralisation. The dissemination of information, the facilitation of communication, pleasure, and the transfer of value that the internet has enabled have inestimably empowered humanity. However, this inherent quality remains only partially exploited. Corporations have created data silos, and painstakingly monetised every corner the internet. Power now resides in the corridors of FAMGA. We can learn, play, communicate, and trade via the internet, but we’ll be squeezed for the privilege.

Only recently has the emerging technology of blockchain promised to exploit the internet’s true potential. Bitcoin has enabled us to image a world in which currency is decentralised. More recently still, with the development of the Ethereum platform and its concomitant ECR20 tokens, blockchain technology has evolved the capacity to mediate between contracting parties. Such mediation, and the code which facilitates this function, has been termed the Smart Contract (hereafter, the “SC”).

The significance of the SC is not just that it promises the digitisation of contractual agreements; we already have such technology in the form of online shopping. What is innovative about the SC is that it can execute contractual obligations automatically with reference to real world events. Here is an example of how a SC might play out in the future:

1. Using a DAapp, A purchases vehicle insurance under terms marketed by B,

2. A is then involved in a vehicle collision,

3. Information about the collision is collected via CCTV and relayed to the SC via an oracle,

4. The SC then automatically correlates this information to determine whether A is entitled to an insurance payout.

5. The contract terms then execute automatically, and accordingly a payout is made or not made.

Thus, every step of the contractual process is economised and expedited.

Crucially, this model provides the dynamic required for the disruption of corporate dominance and the decentralisation of certain business models. Staying with the insurance industry as an example, there are obvious conflicts of interest as insurance vendors are trusted to pay out, and vendees are trusted to accurately report real world events. DApps, supported by the SC, could remove trust from the equation and, as one insurance industry report puts it, “maintain integrity through transparency in order to avoid appointing a centrally trusted third party.” Inefficiencies are minimised, corporate profits eliminated from the model, and fairness enjoyed by all parties. This is no pipe dream, indeed blockchain insurance solutions already exist.

This is just one example of how the SC promises, via blockchain, to fulfil the internet’s potential as a force for decentralisation. The promise is no less significant than this: to decentralise business in toto.

Limitations of the SC

SCs currently suffer three major limitations:

  1. The infancy of Oracle technology,
  2. The semantic complexity of interpreting and collating real world events with contract terms. ( See, https://media.consensys.net/decentralizing-the-deal-e6af1c0cfdab on how contract law may soon benefit from integraton with blockchain technology).
  3. Unfortunately, SCs have do not possess the same invulnerability to hackers, enjoyed by the blockchain itself. SCs have been hacked, and remain vulnerable.

This article is not about limitations 1 or 2, and we might assume that solutions will eventuate. Insofar as limitation 3 is concerned, currently the best solution is the one offered by Quantstamp .

How Quantstamp will improve the security of the SC

Quantstamp markets itself as the “first smart contract security auditing protocol,” in solution to the problem that whilst “blockchain networks are secure … smart contracts are not”. The reality of this problem is something to which the DAO and Parity hacks testify. The security issue is made more pressing by the fact that SC adoption is occurring at an exponential rate, with adoption growing several hundred percent during a five month period in 2017 alone. There are not enough human resources to keep up with demand for security auditing of this niche technology. What Quantstamp has devised is a blockchain based, scalable and cost effective SC auditing solution.

Quantstamp’s system uses a dual approach. First, the team has devised an automated and trustless software auditing program for Solidity, which is capable of being updated over time. Secondly, within the Quantstamp platform, human “validators” act like bounty hunters as they are incentivised to find bugs in SCs, so that these bugs can be fixed. In order to support this process, the Quantstamp team will build a security library containing code that performs automated software checks. Validators will use this library to run the validation node. SCs will be developed which will handle bounty payouts for validators who successfully identify security flaws. This will keep the system as smooth and automated as possible, whilst incentivising ethical behaviour to such an extent that rogue behaviour becomes highly irrational for self interested parties.

The native token, QTS, will be used as the currency to incentivise parties, and thus drive adoption of the Quantstamp platform. The beauty of Quantstamp’s solution lies in the fact that it is, as they say, a “foundational protocol,” or blockchain level solution,“which could eventually be incorporated directly into the Ethereum platform”. Quantstamp thus does for SCs and the auditing process what SCs do to established business, namely, replace a system of trust with a more efficient system of incentivisation, and eliminate any incentive for bad actors (in this case to manipulate audit results out of self-interest).

Quantstamp has identified a significant limitation of SCs (see point 3 above), and has devised a careful solution which is both unique in its approach and impressive in its presentation. If SCs succeed in their promise of disruptive decentralisation, then there is every chance that Quantstamp will be at the heart of this endeavour, dependably auditing SC code and keeping our crypto-assets safe form hackers. In the author’s estimation at least, this is a very good thing indeed.