Quantstamp is a security-audit protocol that was developed to find bugs and vulnerabilities in smart contracts before they are published to the blockchain. The protocol enhances the quality of smart contracts on blockchains by securing and verifying audits through a distributed network of nodes. Quantstamp focusses on Ethereum network contracts. Audits are done automatically, without the need for manual inputs or a trusted third party. This drastically reduces the cost of auditing smart contracts. The founders of Quantstamp were motivated by the 2016 DAO (decentralized autonomous organization) attack which was caused by a vulnerability in the DAO network. The aim of the Quantstamp founders is to help developers deploy code that is trustworthy – leading to a healthier blockchain ecosystem. To ensure there is computational resources available for running security audits, the validation protocol rewards providers of resources. The governance system of the protocol is controlled by token holders, allowing the protocol to be modular and upgradeable. Coins and tokens audited by Quantstamp are airdropped to Quantstamp token holders. This is subject to various conditions, the most prominent of these being Proof-of-Caring (POC).
Quantstamp (QSP) tokens are used to pay for audits, as well as providing a means of remuneration for verifiers who identify bugs.