Quantstamp Betanet Protocol Released on Ethereum Mainnet
We are proud to announce that the Quantstamp betanet protocol is now live on the Ethereum mainnet.
Users will now be able to submit audit requests directly to the betanet version of the Quantstamp Protocol through a portal on our website. Completed audits will generate a publically viewable audit report along with a unique hash that provides a publicly verifiable record of the audit.
“At Quantstamp, we believe blockchain isn’t just the technology of the distant future — it’s something that can drive real value today,” stated Richard Ma, CEO of Quantstamp. “Less than a year since our crowdsale completed, we’re happy to release our betanet protocol onto the Ethereum mainnet. By providing publicly verifiable, third-party audits with betanet, we’re delivering on the promises of blockchain technology and helping to drive forward the adoption of smart contract technology. ”
The Innovation Achieved by the Quantstamp Protocol
With our betanet release, Quantstamp has built something novel. A Quantstamp audit is not only valuable because it can enhance the security of your smart contract; A publicly verifiable record that an audit took place is innovative and unprecedented. This builds trust and confidence in the smart contract, helps all stakeholders have faith and make educated decisions, and generally helps to proliferate smart contracts.
In the past, you had to trust that smart contract developers took all of the necessary security precautions and made no mistakes. Although you had their word, you could never independently verify this information yourself. This lack of smart contract security transparency made it more difficult to build trust across all stakeholders of the smart contract and generally scale smart contracts technology.
Smart contract platforms like Ethereum presented new security challenges for developers. A poorly written smart contract can lead to users having funds stolen or locked up. In 2016, the infamous DAO hack led to 3.6 million Ether — $50 million US dollars at the time — being stolen from the DAO smart contact. Since then, smart contract vulnerabilities appear regularly and have led to millions more dollars worth of Ether being lost.
The challenge currently facing smart contract technology is achieving mainstream adoption safely. Now, for the first time, users will be able use the Quantstamp betanet protocol to independently verify that the smart contracts they are interacting with were audited for security vulnerabilities and review the results. Users no longer need to blindly trust that developers did their due diligence. Using the Quantstamp betanet protocol, they can now independently validate that a security audit took place and review the results by comparing the hash of the audit report with the hash permanently stored on the Ethereum mainnet.
Requesting a Quantstamp Audit on the Ethereum Mainnet
The betanet protocol portal on the Quantstamp website will relay your audit requests to the Quantstamp smart contracts on the Ethereum mainnet.
In order to start an audit, users can go to betanet.quantstamp.com and authorize a transfer of QSP using Metamask. The Quantstamp protocol will hold this QSP as an allowance until an audit has successfully completed. After the transfer is authorized, users will submit their smart contract code on the Quantstamp portal. Subsequently, Quantstamp will make sure that your code compiles correctly and is in the correct format. Then Quantstamp will publish this code to a unique URL.
Once the URL has successfully published, users will then need to make another transaction using Metamask. This transaction will send the URL containing the Solidity code the user wishes to audit to the Quantstamp smart contract on Ethereum. Quantstamp permissioned nodes will then become aware of the audit request and one of these nodes will complete the audit.
Once the auditing node has completed your audit, it will submit a transaction to Ethereum. This transaction will record two things on the Ethereum mainnet: the hash of your audit report and the URL of where your audit report is located. Quantstamp will then publish the new URL containing your publicly viewable audit report.
Using Whitelisted Nodes to Improve the Quantstamp Betanet Protocol
For our betanet release, we will only allow whitelisted organizations to run Quantstamp auditing nodes. We are seeking to whitelist trusted and reputable research institutions and industrial partners who share our vision of proliferating of smart contracts. Node operators will help us monitor the performance of our nodes and of the Quantstamp protocol itself. We chose to whitelist nodes in this development phase because we want to continue to test and perfect our node software and protocol before allowing the public to participate as node operators.
Although node operators will be whitelisted, anyone is allowed to purchase a publicly verifiable audit from the Quantstamp protocol.
Our whitelisted node operators will work closely with us in order to:
- Debug our node software,
- Improve our smart contracts,
- Learn more about audit price discovery, and
- Research incentive structures that would motivate node operators to be non malicious.
We will begin onboarding whitelisted nodes this September.
On the Horizon
Our betanet is a transitional state of our protocol. We are developing the Quantstamp protocol using an iterative process, and we will continue to launch, test and improve new versions of the protocol in order to create a great product that is an excellent fit for our users and that facilitates the proliferation of smart contracts.
With our betanet release, Quantstamp is now one step closer to enhancing the standards of smart contract security and helping make blockchain technology fit for mainstream use.