Shentu Foundation
Published in

Shentu Foundation

CertiK Light-paper

CertiK — Security Infrastructure for Blockchain

The Problem

In June of 2016, the Ethereum Network was shaken by a malicious attack, the ripples of which are still felt today. The DAO (Decentralised Autonomous Organisation), who conducted one of the first ICOs, fell victim to a hack due to a flaw in the smart contract it was written upon.

The hacker was able to drain 3.6m ETH, that’s around $1.2B in value as of September 2020. Three months later, The DAO was, effectively, defunct.

However, the story of Ethereum didn’t end there (you’re reading this now, right?). A hard fork occurred, much to the dismay of many crypto purists, and the funds returned.

Hot fact: The aforementioned hard fork is the reason both Ethereum (ETH) and Ethereum Classic (ETC) exist in unison.

The recent DeFi boom saw the birth of YAM Finance, a DeFi protocol and corresponding token (YAM), which fell 99% in value from $100 to ~$1 due to a flaw in the smart contract underpinning the protocol. The bug in the unaudited smart contract prevented the consensus of the community (among other issues) in regards to governance, and as a result, there was no way to vote a fix for the issue.

Above are just some of the hacks which have occurred in 2020 due to flaws in their smart contract.

Securing the crypto space is like a game of Cops and Robbers — as developers mature in figuring out how to protect themselves from known attacks, the Robbers keep trying to find different ways to steal the loot.

This is where CertiK steps in.

The Solution

Today, the security analysis of smart contracts and on-chain protocols relies on a group of centralized organizations called security auditors, who conduct audits with varying degrees of rigor. Even though the final audit reports contain crucial information about the reliability of the code, the analyses are unable to be used at the time when they’re needed most — right before a transaction is completed. Instead, smart contract users are expected to DYOR and dive into these audit reports themselves (if they’re even public) to conclude whether their assets are safe. Unfortunately, many early adopters of crypto don’t have the time or technical expertise to interpret the security analysis. These early adopters, who should be treated as the most valuable asset, end up being guinea pigs who take on the brunt of the risk.

We want to fix this by providing provable trust for all. In the true spirit of blockchain, users should have access to on-chain, decentralized security intelligence that is immediately accessible to anybody at any time.

The CertiK platform is a multi-faceted security solution for blockchain. Utilizing the Security Oracle, the CertiKShield reimbursement protocol, and the most secure smart contract programming language in existence, DeepSEA, we can ensure the security of blockchain across the entire lifecycle, from development to post-deployment.

The CertiK Chain, a security-first, delegated proof-of-stake blockchain, acts as the bedrock for which the future of blockchain security is built.

The Applications

The CertiK Security Oracle

Oracle: “A person or thing regarded as an infallible authority on something.”

Oracles are utilized on the blockchain in order to send external (off-chain) data into and out of smart contracts.

The CertiK Security Oracle retrieves a set of security scores from a decentralized network of security operators, who assess the reliability of source code and are rewarded in CTK, the native digital fuel of the CertiK Chain. The Security Oracle relays these assessments and combines them to create a real-time, on-chain aggregate score that can be used by anybody seeking to validate the security of the contract.

Depending on the risk tolerance of the interacting party — whether it’s a user or another smart contract — the security score can provide insight into whether transaction sizes should be smaller, split apart, or even stopped altogether.

We can see this in action below:

The Security Oracle retrieved a low security score, and the security check saved the user from losing their assets in this dangerous transaction.

The Security Oracle continuously aggregates the security assessments of a smart contract into the on-chain score — projects can get their code audited in an agile fashion to meet their aggressive timelines. By using a decentralized group of security operators, the suite of security primitives is constantly growing. New static analyzers and security tools can be created, and their assessments would also get incorporated into the ever-updating Security Oracle score.

The Security Oracle will build upon the security auditing work of CertiK, which has secured over $8B worth of digital assets across all sectors of blockchain, including the booming DeFi sector. Leading exchanges worldwide, including Binance, Huobi, OKEx, CoinOne, and Kucoin, have chosen to partner with CertiK’s expertise to audit blockchain projects, so these Security Oracle scores will be important proxies to the reliability of smart contracts.

Security bugs never sleep, so neither does the Security Oracle.


Chainalysis, a blockchain monitoring and analysis company, recently published a blog highlighting that there are currently over 3.7m BTC (~$39.4B as of Sep 2020) which have been lost and, as such, are entirely out of circulation.

$1.7B in 2018

$4.0B in 2019

$1.4B in the first 5 months of 2020 alone

The above figures are the estimated amount of cryptocurrency which has been stolen by malicious actors from 2018–2020. That’s a grand total of $7.1B.

Due to the pseudo-anonymous, immutable nature of blockchains and the crypto assets which power them, the vast majority of users who lose their funds — whether from a hack or misplaced private key — never retrieve their assets.

CertiKShield fixes this.

A CertiKShield Pool is a decentralized pool of CTK that is used to reimburse lost, stolen, or inaccessible assets from any blockchain. The amount that’s lost can be reimbursed by the members of the CertiKShield Pool.

So, how does it work?

There are two parts of the CertiKShield system: 1) members who fill the pool with CTK as collateral to be used to reimburse approved Claim Proposals, and 2) members who seek to protect their crypto assets by reserving a part of the CertiKShield Pool.

Let’s start with the members who are filling the Pool. Just like liquidity providers in DeFi, these members are staking their CTK. In addition to normal staking rewards, these members also gain a portion of the fees paid by the other members who reserve a portion of the Pool to protect their crypto assets. These members who are filling the Pool must recognize the risks associated with being liquidity providers: their staked CTK may be used to pay out approved claims of reimbursement. High risk, high reward.

Now let’s talk about the members who seek to protect their crypto assets. Each CertiKShield Pool is intended to protect the users of a specific crypto asset (like BNB, for instance). If you’re a BNB holder, it may be smart to become a member of the CertiKShield-BNB Pool, where you can reserve a part of the funds to request a reimbursement if your BNB gets lost or stolen. You’ll pay a fee, and as mentioned, this will go directly into the members who have pooled their own CTK as liquidity providers.

Reimbursement eligibility is defined by the provable and irretrievable loss of crypto assets — this can be from a hack, a malfunctioning contract, or other unfortunate event, but losses from social engineering (sim swap, Telegram/Twitter scam, etc.) or a misplaced private key are not eligible because proof of a legitimate loss, as opposed to a coordinated “loss,” is not absolute.

Members seeking reimbursement must submit Claim Proposals, which are voted by the decentralized group of CertiKShield members to approve or reject the claim. All submissions require fees, protecting the system against illegitimate claims and gaming of the system.

The blockchain world is filled with early adopters and long-term holders, so the CertiKShield offers a safer way to protect your crypto assets from any unexpected losses.

The Technology

CertiK Chain

CertiK Chain is designed to be the infrastructure of provable trust, for all stakeholders in the blockchain world. Designed from ground up with blockchain security in mind, CertiK Chain is a proof-of-stake (PoS) blockchain that prioritizes security and cross-chain compatibility.

Additionally, the chain is interoperable, meaning it can be utilized in conjunction with existing blockchains and smart contract platforms. CertiK Chain was built as a Cosmos Hub while maintaining full EVM compatibility, designing itself to not only co-exists with many other blockchains, but to have deep technical integrations and collaborations with them for stronger security across the space. CTK is the native digital utility fuel of CertiK Chain, serving as the core utility for the CertiK Security Oracle and CertiKShield.


As we’ve touched on above, smart contracts are open to security flaws from the moment they are coded. Popular smart contract languages, such as Solidity, provide much flexibility to developers using the language, but the tradeoff of flexibility is room for unnecessary errors.

DeepSEA, a secure programming language and compiler toolchain developed by researchers from CertiK, Yale University, and Columbia University, vastly mitigates the security risks of smart contracts during the development process itself, prior to deployment. Developers can generate machine-checkable proof-objects while they code, easily proving the correctness of their output.

DeepSEA has been awarded research grants from the Ethereum Foundation, Columbia-IBM, and the Qtum Foundation to push forward its hyper-secure programming language.

CertiK Virtual Machine (CVM)

Perhaps the most well known virtual machine in blockchain, the Ethereum Virtual Machine (EVM), serves as the processor for Ethereum smart contracts to be transformed into bytecode and executed.

The CertiK Virtual Machine (CVM) is fully compatible with the EVM, but has been architected to follow the leading universal VM found in computers worldwide, the x86–64 OS process model, while potentially expanding to other ISAs such as arm64 in the future.

The CVM exposes smart contract and blockchain security information, enabling unprecedented ways to access, check, depend on, and even dynamically establish blockchain and smart contract security.

CertiKOS for CertiK Chain

CertiKOS is a certified, concurrent operating system kernel (the core of any OS) and hypervisor developed at Yale University, receiving international acclaim as the world’s first “hacker-resistant” OS kernel.

CertiKOS can be used as a replacement for Linux for certain mission-critical applications, such as the running of a CertiK Chain node or CertiK Security Oracle. By using CertiKOS instead of trusting the 27 million lines of Linux code, these simple, yet mission-critical operations may perform with less unnecessary risk of bugs.

On-Chain Governance

The on-chain governance of CertiK Chain upholds the core values of decentralization, transparency, and security.

Key Players

  1. Stake Delegators: any CertiK Chain user who may delegate their CTK stakes to Validator Operators, entrust Security Certifiers with their votes, and vote directly on non-security-relevant governance proposals.
  2. Security Certifiers: a set of security experts who protect the chain by voting on all security-relevant governance proposals and all security-related chain activities.
  3. Validator Operators: a set of operators of CertiK Chain validator nodes who are responsible for chain operations, including block production and non-security-relevant governance by delegation.

Security Certifiers are unique to CertiK Chain. This group of security experts work to protect the chain by voting on all security-relevant governance proposals and all security-related chain activities.

Security Certifiers can be added and removed so long as there is sufficient agreement from the relevant parties, including Delegators, and Validator Operators.

Voting rights for both operational and financial aspects of the CertiK Chain are bestowed upon Validator Operators, the representatives of stake delegators.

Stake delegators, users who choose to stake their CTK to validators for rewards on the chain, are granted the ability to vote directly on non-security related governance proposals. Alternatively, delegators can choose to entrust Security Certifiers with their votes.

Types of governance proposals include:

Plain Text Proposal: A proposal related to chain operations and governance prior to implementing on-chain modifications. Those wishing to create a Software Upgrade Proposal must first submit a Plain Text Proposal outlining the request.

Software Upgrade Proposal: A proposal to CertiK Chain code following a successful Plain Text Proposal.

Bounty Proposal: A proposal for a contribution request, including the performance of security verifications and security audits. The deposits for a bounty proposal are stored in a pool that can be claimed by contributors who complete the request.

Community Pool Spend Proposal: A proposal to transfer CTK from the Community Pool (more on that below) to a CertiK Chain user who has performed, or is set to perform, development or security work for the Chain.

Certifier Update Proposal: A proposal submitted by Security Certifiers when seeking to add or remove a Certifier.

Provable Trust For All

The mission of the CertiK Foundation is to empower people to trust in blockchain. There are risks at every phase of the blockchain lifecycle, from initial development to live usage, and without directed efforts of raising the standards of security in blockchain, this game of Cops and Robbers will not end well.

By utilizing a more accessible suite of applications, such as the Security Oracle and CertiKShield, alongside a hyper-secure infrastructure, including DeepSEA, CertiKOS, and the CVM, the CertiK ecosystem provides end-to-end, compatible security solutions that establish the infrastructure of provable trust for all.



Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store