A smart contract certificate is a digital certificate that proves who is the owner of the contract. It is not to be confused with source code verification on block explorer. It’s similar to an SSL certificate for a website where it contains information about the owner such as organization name, country, email address and more. 

The certificate is available on the contract itself and it provides information of its origin. 

Our explainer video tells it all.

Each digital certificate is installed on a smart contract. This certificate contains the information of the owner who owns the contract such as organization name, email address, website and wallet address, similar to an SSL certificate. Our certificate exceeds the standard digital certificate technology used on the Internet by utilizing 4096-bit RSA encryption and SHA512 algorithm while still being compliant with industry standards.

By having this certificate attached to your contract, block explorers, wallets and any dapps could verify the authenticity of the smart contract, thus giving it a checkmark.

This checkmark is different than the typical source code verification checkmark that you often see on block explorers because we verify the ownership of the contract, not the source code. Source code verification cannot identify the owner of a contract, but we can.

We have various methods (patent pending) to ensure only authenticated contracts can have the ownerships securely verified, thus offering greater assurance to Web3 users. In fact, our verification process is better than Twitter.

We issue digital certificate for your smart contract so that block explorers and wallets can verify that you are the owner of your contract. This way, users can tell you are the good guys from the bad ones.

For instance, we can prevent smart contract phishing, such as the case that happened to BAYC NFT project. Our smart contract certificate could also prevent token spoofing.

• Smart contracts for any tokens
• Smart contracts for DeFi
• Smart contracts for NFT art
• Smart contracts for NFT marketplaces
• Smart contracts for Web3 games
• Smart contracts for self-sovereign identities
• Smart contracts for tickets
• Smart contracts for coupons
• Smart contracts for certificates – academic, deeds, trusts, etc
• Basically, any smart contracts that need to build trust!

In short, every smart contract should have a digital certificate just like every website needs an SSL certificate. Why? Imagine when you deploy a contract on a blockchain, your contract code will be available for everyone to see and copy. This means bad actors could forge your contract and even name it exactly like yours. But with our digital certificate, users can easily differentiate your genuine contract from the rest because your contract contains a digital certificate containing information that proves you are the authenticated owner. It also authenticates your website address, and in doing so, prevents website phishing. 

This depends on the type of certificate you acquired. For the most basic certification, you only need to add very minor code snippets. We have prepared in-depth text and video tutorials to assist you in this. For more advanced variants, you may need to import additional code that we will provide.

You may also use our code templates on our GitHub repository. Rest assured, our code is based on OpenZeppelin smart contract templates.

Firstly, you need to perform a certificate activation process by providing us your details – individual/organization name, email address, wallet address, etc – to ascertain that you are the owner of the smart contract that you plan to deploy. Once verified, we shall issue you a digital certificate for your contract and you must include the certificate in the contract. You may follow our tutorial. Once included, your contract can then be deployed on chain and verified by block explorers, wallets and other Web3 applications.

If you own a certified smart contract, you can mint NFTs on chain via this verifiable contract so that your buyers could ascertain the origin of each NFT – that is directly from you. It’s like a hologram sticker on merchandise but only better!

Smart contract phishing is a type of scam where scammers create fake smart contracts that look legitimate. Due to open source nature of Web3, scammers can forge copies of original smart contracts, such as BAYC NFT contract, and promote these counterfeits as real smart contracts. It is usually difficult for users to differentiate between real and forged contracts because both contracts can have their source code verified. When investors or Web3 users send tokens to this contract, they will not receive anything in return.

One of the prominent smart contract scamming cases is the BAYC (Bored Ape Yacht Club) NFT hack.

Token spoofing is like when someone pretends to be Vitalik Buterin and sends illegitimate tokens to illegitimate contract. It’s like getting an email from [email protected] but it’s not actually from him. Using this method, scammers are trying to prove their legitimacy by associating with reputable individuals.

Spoof transfer is performed by using the “transferFrom” function in the contract and changing the sender’s wallet address to say, Buterin’s address.

Often, the contract address is the ONLY way to distinguish between the real and spoof transfer.

Currently, we only support Ethereum platform. But we believe in a multi-chain future. Soon, our certification technology will be available to various protocols.