Computer scientist looking for costly bugs in cryptographic code


Johnson might have wanted to hire Ronghui Gu.

Gu is the co-founder of CertiK, the largest smart contract auditor in the bubbly and unpredictable world of cryptocurrencies and Web3. An affable and talkative professor of computer science at Columbia University, Gu leads a team of more than 250 people who dig into cryptographic code to try to make sure it isn’t riddled with bugs.

CertiK’s work will not prevent you from losing your money when a cryptocurrency crashes. It also won’t prevent a crypto exchange from misusing your funds. But it could help prevent an overlooked software glitch from causing irreparable damage. The company’s customers include some of the biggest crypto players, like the Bored Ape Yacht Club and the Ronin Network, which runs a blockchain used in games. Customers sometimes come to Gu after losing hundreds of millions, hoping he can make sure it doesn’t happen again.

“It’s a real wild world,” Gu said with a laugh.

Crypto code is much less forgiving than traditional software. Silicon Valley engineers usually try to make their programs as bug-free as possible before they ship, but if a problem or bug is discovered later, the code can be updated.

This is not possible with many crypto projects. They operate using smart contracts, computer code that governs transactions. (Let’s say you want to pay an artist 1 ETH for an NFT; a smart contract can be coded to automatically send you the NFT token once the money arrives in the artist’s wallet.) The thing is, once the smart contract code is live on a blockchain, you cannot update it. If you discover a bug, it’s too late: the whole point of blockchains is that you can’t change what’s written to them. Worse still, code hosted on a blockchain is publicly visible, so hackers can study it at will and look for errors to exploit.

The number of hacks is dizzying, and they are extremely lucrative. At the start of last year, the Wormhole Network had over $320 million worth of crypto stolen from it. Then the Ronin Network lost over $600 million in crypto.
