Joseph Xu:”We’ll help users feel more comfortable and secure”

I had a chance to listen DefiEdge Quantstamp AMA that happened on X, 6 December 2023. You may listen record here.

Thanks to DefiEdge team and Joseph Xu Technical R&D Advisor @Quantstamp and CTO @chainproofDAI for this great session.

Relistening recording, i will be sharing some noteworthy issues with either rephrasing Xu’s words or directly:

• DeFi Protection Program is an effort to be able to offer financial protection to a more broad set of users in the form of financial guarantee.
• DeFi Protection Program is offered by Quantstamp and where ChainProof comes in is to really kind of reassure Quantstamp’s exposure to risks in in this regard.
• If there is any risk happening, there comes an alert which advises the project owner to take some sort of action, for example, withdraw from the pool or maybe even reach out to the protocols themselves to request a pause in the operation. And if despite all of these efforts, the owner sustain a financial loss, the team will also be eligible for reimbursement. So the team / owner will be able to specify the maximum reimbursement amount that would like at when purchasing this service and based on the losses that they sustain, Quantstamp will be able to reimburse the team in the event of any sort of financial loss. So that’s the overview of the program — that Xu mentioned.
• About audit process he says “We do employ a lot of automated analysis of in our audit process and we also have a very strict quality assurance process involved. So and the reason why we work in teams is that you know getting more eyes of and perspectives of different auditors have different expertise or styles in which they try to tackle these code and try to find ways to see how it can get hacked really kind of.”
• Security Service coming with DeFi Protection Program aims to protect users and protocols
• ChainProof is an insurance company but due to regulatory licensing, they are only able to operate in specific jurisdiction and or B2B basis.
• QuantStamp has very active Youtube channel for not just protocol owners but also users for education and learning more. Latest Hacks Roundup video is interesting:

• Quantstamp introduced Economic Exploit Analysis which was actually based on a research that Quantstamp did jointly with the University of Toronto and as a service it aims to search for pathways in which a DeFi protocol might be affected by flash loan based attacks.
• Another type of hack that got very popular recently would be targeting the private keys of the administrator.
• “So we do very rigorous technical due diligence on the protocols that we support and only when we deem them safe enough or with reasonable probability that hack is not that likely right would we be comfortable offering these type of products” Xu mentions.
• About global coverage, Quantstamp is eager to adapt regulations but it takes time and also therecomes a need for assigning a local lawyer in any country.