Why Quantstamp Protocol (QSP) Project is of High Quality.
author: simonhsj，project manager/ former developer in IBM work on LLVM IR/former developer in Synopsys work on SMT based static analysis module.
0. The Problem QSP Solves.
As is mentioned in the whitepaper, blockchain is secure while smart contract is not. Ethereum smart contracts are programmed in Solidity, a high-level programming language which has similar syntax with JavaScirpt. Human designed Solidity programs are likely to contain potential bug or boundary violation which may result in tremendous dollar lost.
Traditional smart contract audit methods cannot solve the problem of trustness and security, as the audit result can be easily manipulated.
QSP is proposed to ensure the security of smart contracts based on blockchain and formal methods, which is workable and promising for the reasons as follows.
- The Effectiveness of Formal Methods and Reasoning Tools is Widely Proved.
Satisfiability (SAT) and Satisfiability Modulo Theories (SMT) solvers have become the backbone of numerous applications in computer science, such as automated verification, artificial intelligence, program synthesis, security, product configuration, and many more.
Especially for SMT, it enhances the constraint solving ability by introducing rich first-order theories. EDA giant Synopsys’ programmable design and coding checker LEDA introduced SMT solver to conduct verification of complex system-on-chip (SoC) designs. IBM introduced SMT solver in their XL Compiler to check boundary and control-flow violation. Annual Compilation is organized to award the state-of-the-art solvers, among them CVC3/4, MapleSAT and open-sourced Microsoft Z3 are some representatives, these SMT/SAT solvers are widely used in production and research purpose and are proved to be effective. It is noteworthy that the team members delivered a list of outstanding and award-winning solvers as is shown in their white paper, which shows their strong research accomplishments.
The introducing of formal methods, static program analysis, boundary model checking(BMC) technology and reasoning tools solidities the theoretical and technical foundation, making the QSP project farther professional and promising than ones in the same period.
2. Blockchain Highly Matches the Scenario of Trusted Audit.
The design of the Security Audit Mechanism is distributed, smart contract to be audited will be transferred to decentralized verifier nodes directly, which makes the audit results invulnerable.
The distributed verify node (miner) also makes the audit work robust and of high available, these features are all benifited from blockchain.
Learn more about Quantstamp: