Great way to explain their use case : Quantstamp example
Suppose a developer plans to deploy a smart contract written in Solidity on Ethereum. There is
substantial risk when writing code that accesses a monetary system, and the developer must be
careful to ensure that no funds are lost due to vulnerabilities.
To minimize risk, the developer submits his code for a security audit via the Quantstamp
Ethereum smart contract directly from his wallet, with the source code in the data field, and by
sending QSP tokens. Depending on the security needs of the program, the developer can decide
how much bounty to send. Then, the smart contract receives the request, and on the next
Ethereum block validation nodes perform a set of security checks to validate the smart contract.
Upon consensus, the proof-of-audit and the report data are added to the next Ethereum block
along with the appropriate token payout. The report classifies issues based on a severity system
from 1–10; a 1 is a minor warning, a 10 is a major vulnerability. From that point on, if a serious
vulnerability is not immediately detected, the bounty remains until the specified time has
elapsed. At the end of the time period, the bounty is returned to the developer who requested the