Recently, SpaceChain Foundation launched an Ethereum-based (ERC-20) SPC token to complement the existing Qtum SPC token. This will allow SpaceChain to enter the wider ecosystem of Ethereum. In order to make sure that this new ERC-20 SPC token meets all the required standards, SpaceChain completed an independent audit by Certik on our code. Certik is a “formal verification framework to mathematically prove that smart contracts and blockchain ecosystems are bug-free and hacker-resistant.”
So how did SPC do? SPC scored 100 out of 100. This is the best result we could have gotten so we are very happy with it. But what does that score mean?
What is an ERC-20 token?
ERC-20 is a simple standard for tokens on Ethereum. It says that for a smart contract to be an ERC-20 token, there are a limited set of functions that the contract must have. Things like the ability to send tokens to another address, find a balance, and a few other common items are included. This is so that there is a baseline and anything that is called an ERC-20 token can at least do those things.
What does verification mean?
There are two possible types of code audits. In the first one, an engineer reads and looks for issues in the code. This is helpful and important, but humans can and will miss things.
The other type of audit is formal verification, which means that another computer program runs the code through a special system to look for certain types of mistakes. This has the advantage over a human audit in that it will never miss the type of error it is looking for. The drawback is that it can only ever find the type of bugs it is looking for.
For the SPC audit, Certik did a formal verification of the code (the second type of audit listed above). Since smart contracts are written in a fairly simple language (usually Solidity), formal methods work very well here. Specifically, they looked for a certain type of math errors that were very easy to make (integer overflows) along with a few other types of errors.
This does not mean that there are no bugs. It means that there are no bugs of the specific type that the audit looked for. The Certik verification looked for the most dangerous types of bugs so we have a high level of confidence in the code.
Why is it important?
Unlike traditional software, smart contracts cannot be upgraded whenever a problem is discovered. When a developer finds a bug in their phone application, they can simply fix it, create a new version, you download it, and everyone moves on. With smart contracts, since the code resides on the Ethereum blockchain, it is immutable. This is both good and bad.
The bad part is obviously that if there are bugs, there isn’t much one can do about it. Even worse, since tokens are frequently related to money, bugs are particularly worrisome (not as bad as bugs in aerospace, but still bad). The good part is that the smart contract code for the token is on the Ethereum blockchain (and can be seen on Etherscan) and cannot be removed from there. Rest assured, you will always know that the code is the same code that was audited. In more traditional software, code can be reviewed and audited but, updates may not be. For smart contract code, you can always be sure of exactly what the code is.
How did we manage to score so well?
There are a few reasons why. First, we kept things simple by keeping the new code to a minimum. Every extra feature has the potential for a bug. By limiting this to just what was needed for an ERC-20 Token, we’ve minimized the number of things that could have gone wrong. When it comes to security, simplicity almost always wins out. This is something that engineers in fields such as aerospace have known for years; the less moving parts something has, the less likely it is to fail (or do something unexpected).
Next, we used a proven base. Zeppelin Solutions provides a set of audited contracts to use as a base for other smart contracts. Using those as a base meant that we did not have to write everything from scratch, which decreases the possibility of errors. and hope that we got it right. The basic parts already exist and have had many eyes on them already. If we were to write everything from scratch ourselves we’d increase the chances of making a costly mistake.
Finally, we tested the token code multiple times before it went live. In software development we frequently ignore the old advice of ‘measure twice, cut once’, but for smart contracts it is vital.
With this 100% score by Certik, you can be confident in the security of the smart contract of the SPC token.
This article was written by John C. Vernaleo, Ph.D. John is an astronomer turned software developer who has been working on Bitcoin and cryptocurrency since early 2013. He is one of the original authors of btcd and Decred. He now works on various cryptocurrency projects at Bloq, Inc.