Smart Contract Audits have three big bugs
Doing a bad or lazy audit job has no consequences. Demand is growing, skills are hardly traceable.
A single auditor or a connected group might choose to wait and exploit a bug when the smart contract is live.
Lack of trust
There is no accurate security confidence metric that determines how secure any given smart contract is, producing lack of trust in projects and leaving room for scams.
Solidified is the #1 smart contract audit platform.
With 200 experts and more than 85M EUR secured, we know the market and its problems. To take on those problems, we need to re-align the incentives in the audit process.
What is the Bug Prediction Market?
In a bug prediction market, actors can bet on whether a vulnerability will be discovered in a smart contract by a certain date. The basis for such a market is a smart contract that has been audited and secured by an individual or a group of auditors using the Solidified platform. These actors are held accountable for securing the code by having staked income and reputation in form of the Solid token.
- Incentivise reporting bugs found in deployed contracts rather than exploiting them.
- Serve as an early warning system that a vulnerability will be discovered.
- Providing an economic measure of confidence in a deployed contract’s security.
- Reward bug hunters for evaluating a smart contract, even if it’s bug-free.
How a Decentralized Audit Works
- Author posts an audit request consisting of their code, Solid Tokens for payment, and bug bounty terms.
- Author chooses an Auditor based on their staked Solid Token budget or preference.
- Author receives bug reports and fixes them.
- Auditor bids Solid Tokens as a bug bounty budget to win the audit.
- Auditor executes the audit and identifies bugs
- Auditor receives their remaining bug bounty budget together with the Author’s token budget as their payment, when the audit is done.
- Bug hunters search for bugs. If they find some they are rewarded from the Auditor’s bug bounty stake.
- Bug hunters search for remaining bugs. They gain massively if they find one and stake tokens on the prediction of “Has Bugs“
- Traders join the market and stake Solid Tokens on the outcome.
Reliability established • Missing-trust-bug fixed.
The prediction market closes after a pre-set window expires. An arbitration process verifies or rejects bug reports and resolves the outcome. Winning tokens pay Solid Tokens, losing tokens are worthless.
Two possible outcomes
- Everyone who owns "Bug-free" tokens can convert them to Solid Tokens.
Earn the Solidified Stamp
- The Solidified Stamp indicates a truly secure smart contract and creates customer and investor trust.
- Everyone who owns "Has Bugs" tokens can convert them to Solid Tokens.
- The code is now significantly safer, the process may be repeated
A new standard for smart contract security
Smart contracts are the foundation of a decentralized economy. But ongoing hacks, allowed by poor code quality and insufficient audits, put mass adoption at risk. Automated solutions cannot account for the ever-evolving logic and use cases of smart contracts. With our proven process, the bug prediction market and the Solidifed stamp, we offer a reliable standard for smart contract security and trust.