Chris, 17.03.2025

We Fix What 'Bugs' You - Interview With Nifty0x, Co-Founder of Veritas Protocol

Chris: First of all, thank you for taking the time to speak with me today. Can you start by telling us a bit about yourself and your role at Veritas Protocol?

Nifty0x: Sure thing, thank you for the invite! I go by the nickname Nifty0x, and I'm one of two co-founders of Veritas Protocol. For the past 15 years, I've been deep in the trenches of fintech and AI, working as a researcher and QA engineer. I have experience in both traditional finance - including positions at the European Commission and European Central Bank - and have been active in crypto since pretty much early Ethereum days, working with several startups and exchanges, such as OKX and KuCoin. I've published two books about Bitcoin & blockchain, along with seven research papers focused on practical AI applications in financial systems, way before ChatGPT existed though. My role at Veritas focuses on operations, data science and AI model training.

Chris: What inspired you and your team to create Veritas Protocol? Was there a specific security breach or challenge that motivated you?

Nifty0x: Actually, we've been in this space long enough to witness every type of hack and scam, seeing projects lose hundreds of millions while users were left with empty wallets. Two years ago we had enough and wanted to do something about it. We're aware that there are many good auditors out there, you can also find several insurance options for digital assets, yet it all seems to be so complex, costly or time-consuming - especially for early-stage startups. So about two years ago, I began extensive research based on our hypothesis of using AI to simplify and speed up the audit process. The hypothesis turned out to be confirmed and my co-founder and I gathered a team to start building the project based on these findings. Our technical reports are available on our website for transparency. The most recent evaluation of our AI model shows that it achieves 94.9% accuracy on average which is really exciting. It's also more than 14,000x faster than manual audits and reduces costs by more than 90%!

Chris: You emphasize setting a “new benchmark” for Web3 security — how do you define success in that mission?

Nifty0x: Success means three things to us. First, making professional-level audits accessible to early-stage projects that can't afford to spend tens of thousands of dollars. Second, providing users and retail investors with tools to perform quick security checks in seconds before investing.

Most importantly, success means establishing an interoperability layer that creates a security standard across blockchains. We want to unify security measures into a coordinated ecosystem and provide an infrastructure other projects can build upon. 

The ultimate metric will be adoption rate of our security protocol across different chains and reduction in successful exploits for projects using our system.

Chris: Veritas is built on the Qwen2.5-Coder architecture. How does this differ from existing AI models used for blockchain security?

Nifty0x: Qwen2.5-Coder gives us significant advantages over other models. It was trained on 5.5 trillion tokens and can process up to 131,072 tokens in context - essentially it allows us to analyze entire smart contract ecosystems at once. The architecture uses multi-query attention and rotary positional encoding specifically optimized for code understanding.

Unlike general-purpose models, we fine-tuned ours on 31,000 smart contracts with known vulnerabilities. Our evaluation shows 94.9% accuracy in vulnerability detection.

What really sets us apart is our multi-agent framework with 20 specialized AI agents working autonomously through a three-stage pipeline: input processing, analysis, and output generation. This allows us to detect vulnerabilities 14,535x faster than manual audits.

Chris: Can you walk us through how Veritas detects vulnerabilities like reentrancy, timestamp dependencies, and tx.origin misuse more effectively than traditional tools?

Nifty0x: Our detection process uses a multi-layered approach different from static analyzers like Slither or Mythril that rely on predefined rules.

First, we preprocess the contract through our Address Scanner, Source Parser, or GitHub Connector. Then our core Analysis Stage takes over with specialized agents. The Pattern Scanner identifies known vulnerability signatures while our Vulnerability Detector finds potential threats by analyzing code patterns, control flow, and data dependencies.

For reentrancy specifically, we examine state-changing operations and external calls, checking their sequence and identifying vulnerable patterns that static analyzers might miss. For timestamp dependencies, we look at block.timestamp usage in critical decision logic. With tx.origin, we detect authentication errors where tx.origin is used instead of msg.sender.

Our model was tested against the SolidiFI benchmark dataset containing 9,369 bugs. The results showed we found vulnerabilities that static tools missed completely. In comparative testing, Veritas detected 279 true positives compared to only 73 by human auditors and 39 by static tools.

The key difference is we're not just pattern-matching - we understand the semantic meaning of the code through our AI architecture.

Chris: The SoulBound Audit Token (SAT) is an interesting concept. How does it improve security transparency for everyday blockchain users?

Nifty0x: SATs provide on-chain verification that a project completed an audit with us. When users check a project, they can see this immutable proof directly on-chain - not just claims on a website.

The token contains the audit date, security score, and a hash of the full report. This creates accountability since projects can't hide previous vulnerabilities or falsely claim audits they never had.

For everyday users, it simplifies due diligence. Instead of reading complex technical reports, they see a simple security score backed by on-chain evidence. This helps users make faster, more informed decisions about which projects to trust with their funds.

SATs also incentivize projects to maintain security. Since audit results are permanent and visible, projects work harder to fix issues before going public. This improves overall ecosystem security for everyone.

The end goal is making security verification as simple as checking a token balance - accessible to all users regardless of technical background.

Chris: What role does multi-chain compatibility play in your security model, and which networks do you currently support?

Nifty0x: Attackers often exploit vulnerabilities across multiple networks, so our detection needs to work across chains too. We currently support Ethereum, BNB Chain, Polygon, Avalanche, Solana, and Arbitrum. This coverage lets us monitor cross-chain attacks and identify patterns that might not be visible when looking at single networks.

Our architecture was designed to be blockchain-agnostic from the start. The AI model processes contract patterns rather than chain-specific implementations, which is why we can add new chains relatively quickly.

For users, this means you can check token security or run forensics across different networks using the same tools. For projects, it means getting audits that account for cross-chain interactions and potential vulnerabilities at those connection points.

Chris: $VPT has a revenue-sharing model that increases based on holding duration. What inspired this tokenomics design?

Nifty0x: We designed the $VPT model to reward long-term supporters and reduce market volatility. The token aging approach was inspired by solving problems we observed in other token models where early speculation damaged long-term utility.

By increasing revenue share based on holding duration, we align interests between early and later adopters. This creates a natural incentive to hold rather than flip tokens.

Chris: What are the biggest challenges Veritas Protocol faces in gaining adoption within the Web3 security space?

Nifty0x: Getting security embedded into project development cycles remains the top challenge. Many teams still view security as an afterthought or optional expense rather than a core requirement.

Trust is another barrier. The audit space has seen many firms make big claims without delivering results. We must prove our 94.9% accuracy rate consistently to overcome skepticism about AI-based solutions.

Technical integration poses challenges too. Projects use different development environments and deployment pipelines. Making our tools work seamlessly across all these setups takes significant engineering effort.

Despite these challenges, our user growth indicates demand exists. 

Chris: Finally, what can we expect to see from Veritas Protocol in the coming months and years? Are there any exciting new features or developments in the works?

Nifty0x: At the moment, our main focus is on developing what we call "self-healing smart contracts" - an infrastructure allowing vulnerable contracts to apply security patches automatically when threats are detected. This goes beyond just identifying issues to actually fixing them in real time.

We're also building a cross-chain security data network that will create an open, interoperable security layer. This will let different security tools share threat intelligence and create a unified defense across the ecosystem.

The long-term vision is establishing a security standard for Web3 projects - similar to how SSL certificates work for websites. Projects meeting this standard would display an on-chain verification that users can instantly recognize and trust.

Beyond that, we've started research on quantum-resistant security measures for smart contracts. As quantum computing advances, this will become increasingly important for long-term blockchain security.

Our ultimate goal remains making high-quality security accessible to all projects regardless of size or budget.