Binance Labs, the digital asset exchange’s blockchain development incubator, has reportedly invested “multiple millions” of dollars in CertiK, a formal verification platform to “mathematically prove” whether blockchain-based smart contracts are “bug-free” and “hacker-resistant.”
At present, CertiK is working to help ensure that current blockchain-enabled networks do not contain any vulnerabilities which could potentially result in user data being compromised or their funds stolen.
As described on its official website, CertiK will be scaling its verification process by “developing a layer-based approach to decompose … a prohibitive proof task into smaller ones.” In other words, the blockchain startup aims to make the computationally intensive task of proving that a smart contract is free of errors more manageable by dividing the processing workload into “smaller proof obligations.”
Mathematically "Proved And Validated"
The firm explains that these smaller proofs can then be “proved and validated” through decentralized CertiK transactions. Founded last year through a collaborative effort involving Yale University professor, Zhong Shao (who previously designed a certified operating system called CertiKOS), CertiK presently uses mathematical proofs to determine whether a computer network has any vulnerabilities.
In order to check large-scale networks, the company employs a “layer-based decomposition approach, pluggable proof engines, machine-checkable proof objects, certified decentralized application (DApp) libraries, and smart labeling.”
According to CertiK, these processes and tools allow it to validate the security of blockchain networks in a mathematically provable manner. Commenting on Binance’s investment, Ella Zhang, the head of Binance Labs, said:
CertiK mathematically validates the security of smart contracts, which is a critical pain point we are facing in the blockchain ecosystem, bypassing the limitations of manual detection.
CertiK’s announcement also noted that Binance’s investment "signals the recognition of the importance of formal verification in the blockchain industry." As covered by CryptoGlobe in late August, blockchain security and research firm, Hosho, found that over 25% they analyzed contained “critical vulnerabilities.”
Smart Contracts Written By "Newbies"
Also, three in five, or 60%, of smart contracts had some type of security flaw, according to Hosho’s findings. While CertiK’s software may be able to determine whether smart contracts contain bugs or are vulnerable to hackers, many prominent developers in the crypto community have questioned whether smart contracts are actually “smart” or even proper legal contracts.
In fact, Bitcoin developer Jimmy Song has explained that smart contracts are often written (or programmed) by “newbies” who do not have a strong background in law. Song noted that writing legal contracts requires “years of study” and a law degree, and many smart contracts are written by people who might only have some computer programming background.
However, professional lawyers are beginning to enter the blockchain space. As CryptoGlobe covered, Aaron Wright, an associate professor at the Cardozo School of Law at Yeshiva University, is helping to build an open protocol layer called OpenLaw - which will “transform tens of thousands of legal agreements into blockchain compatible systems."