CertiK: Securing the Web3 World, through On-chain and Off-chain Security Services

Follow CertiK on :

Prof. Ronghui Gu, Cofounder, CertiKProf. Ronghui Gu, Cofounder
Critical assets governed by decentralized technology are prone to newer cyber risks, and since trust is a tangible metric within such networks, the underlying code needs to be resilient against any cyberattacks. In 2020, the financial losses associated with software discrepancies in blockchain and smart contracts exceeded $500 million; that number only tripled in 2021. Such problems become critical bottlenecks that cause a sense of reluctance among prospective adopters in embracing decentralized technology.

“It is highly important to ensure trust among stakeholders when critical assets are maintained on either blockchain or smart contracts,” says Prof. Ronghui Gu, co-founder of CertiK.

In the decentralized space, every exchange, trade, or interaction is governed by this sense of trust through the underlying code/business logic, which serves as the law or the regulation that oversees transactions. Prof. Gu, along with the leaders at CertiK, strives to establish this trust by securing the blockchain and smart contracts through the specific programs on top of the blockchain. The company brings together the best of artificial intelligence and decentralized technology to secure and consistently monitor transactions. “We provide a technique, what we call formal verification, that can help our clients prove the relevant protocols indeed satisfy their business logic under all conditions,” explains Prof. Gu. CertiK has also developed several tools to validate these logic functions to ensure that all underlying code remains error-free, alongside end-to-end cybersecurity solutions.
CertiK’s Security Leaderboard audit service reports vulnerabilities found on client's (off-chain) project code, while CertiK's Skynet solution provides 24/7 monitoring of all client project (on-chain) activities. CertiK audits scan and analyze contract code to find vulnerabilities that could become critical bottlenecks while also empowering clients to measure growth performance over time. In the area of risk and fraud detection, Skynet looks out for any anomalies with active flash loan detection and DEX liquidity monitoring. Similarly, the company has also developed an intelligent wallet tracing and visualization tool—SkyTrace—to oversee Ethereum and BSC wallets per AML regulations to safeguard transactions.

The company’s end-to-end cybersecurity solutions serve as a one-stop shop for all security needs. Typically, on Web2 or the internet we all know of, most of the security and testing functions are carried out before deploying the product, which involves using third-party cybersecurity services that treat products as a black box. In the event of an attack, the cybersecurity solution blocks the attack, and if that fails, it could block the network, which still wouldn’t necessarily address the vulnerability. Moreover, sharing the source code is impractical over Web2. Blockchain systems, based on Web3, are entirely different. “On Web3, it is impossible to stop a blockchain, as they follow your code, which is the law of the transaction,” explains Prof. Gu. “And it is very hard to upgrade or change a smart contract once deployed.”

Since sharing source code is common practice across Web3 owing to its inherent transparency, CertiK audits the business logic through its formal verification engine to ensure that they prevent vulnerabilities in the first place before the actual deployment, thereby ensuring the security of the blockchain network. Through such a utilitarian solution set, CertiK has earned the recognition of industry leaders such as Coinbase Ventures, Binance,, Decentraland, PancakeSwap, and many more. The company also has a ‘shield program’ with Binance, which safeguards the Binance exchange ecosystem, announced a few months ago. These eventful collaborations indicate CertiK’s proficiency in bolstering on-chain and off-chain activities, all the while assisting its clients in securing the source code of their Web3 deployments.
Share this Article:



Prof. Ronghui Gu, Cofounder

CertiKstrives to establish this trust by securing the blockchain and smart contracts through the specific programs that run on top of the blockchain