Certora Raises $36M for Smart Contract Security Tools

Jump Crypto led the funding round for the firm, which secures $50 billion of DeFi assets.

AccessTimeIconMay 17, 2022 at 2:00 p.m. UTC
Updated May 11, 2023 at 6:53 p.m. UTC
10 Years of Decentralizing the Future
May 29-31, 2024 - Austin, TexasThe biggest and most established global hub for everything crypto, blockchain and Web3.Register Now

Smart contract security firm Certora raised $36 million in a Series B round led by Jump Crypto to fund development and port its flaw-detection technology to new blockchains.

Other participants in the round included Tiger Global, Galaxy Digital, Electric Capital, ACapital, Framework Ventures, CoinFund, Lemniscap, Coinbase (COIN) and VMware (VMW), according to a draft blog post provided to CoinDesk.

Blockchain security breaches have hit the headlines this year with some creating nine-figure financial losses. They include $326 million for blockchain bridge Wormhole and $625 million for Ronin Network, the infrastructure behind popular play-to-earn game Axie Infinity.

Certora is designed to help developers detect and prevent security mistakes before code is deployed. The firm’s Prover tool is meant to complement human audits and bug bounties. Certora said it is currently securing $50 billion in decentralized finance (DeFi) assets. The product finds and displays any rule violations or formally proves that there aren’t any.

The company is led by Shmuel “Mooly” Sagiv, computer science chair at Tel Aviv University and a pioneer of formal verification, a field that uses complex mathematics to prove or disprove the correctness of an algorithm, such as the smart contracts on a liquidity protocol.

Certora currently handles only Ethereum Virtual Machine (EVM)-compatible blockchains. The next focus is extending support to Solana, then branching out further toward Polkadot.

“What we want to do in the next year is to cover all of the blockchains,” Sagiv told CoinDesk in an interview.

How it works

Certora identifies violations of invariants, or rules that shouldn’t be broken, in smart contracts. The firm’s technology has identified bugs in Aave, Compound, Balancer and SushiSwap. Most of the bugs were discovered and fixed before the code was deployed.

For example, Certora prevented a critical bug in SushiSwap’s Trident liquidity pool contract. In Trident, users add funds to create the pool then earn fees for their lending and swapping activities. The fees are proportional to their share of the overall liquidity.

For a liquidity pool to work, there has to be a technical rule that as long as there are pool funds, user shares must exist since someone is providing that liquidity. A violation of that rule means that either the shares of the pool are worthless or the funds exist but can’t be claimed by the users.

In the case of Trident, the Certora Prover found a rule violation that could have allowed an attacker to drain the pool’s funds. The problem was identified and corrected before the code was deployed.

“Powered by world-class experts, Certora leverages formal verification to employ a suite of scalable and robust products that offer much higher reusability and granular testing,” said Jump Crypto partner and investments head Saurabh Sharma in a statement.


Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.

The leader in news and information on cryptocurrency, digital assets and the future of money, CoinDesk is an award-winning media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. In November 2023, CoinDesk was acquired by Bullish group, owner of Bullish, a regulated, institutional digital assets exchange. Bullish group is majority owned by Block.one; both groups have interests in a variety of blockchain and digital asset businesses and significant holdings of digital assets, including bitcoin. CoinDesk operates as an independent subsidiary, and an editorial committee, chaired by a former editor-in-chief of The Wall Street Journal, is being formed to support journalistic integrity.

Brandy Betz

Brandy covered crypto-related venture capital deals for CoinDesk.

Learn more about Consensus 2024, CoinDesk's longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to consensus.coindesk.com to register and buy your pass now.