Crypto Gloss

CertiK (CTK)

CertiK (CTK) is the native utility and governance token of CertiK’s blockchain security ecosystem — built by CertiK Inc., a New York-based blockchain security firm founded in 2018 by Ronghui Gu (Columbia University professor) and Zhong Shao (Yale University professor) who previously developed formal verification methods — encompassing CertiK Chain (a Cosmos SDK proof-of-stake blockchain), Skynet (an autonomous, on-chain real-time security monitoring and scoring oracle network for DeFi protocols and smart contracts), and CertiK Shield (an insurance-like mutual protection pool) — with CTK serving as the token for paying Skynet monitoring fees, staking by security providers who run Skynet oracle nodes and earn fees for monitoring assigned protocols, governance of CertiK Chain parameters, and collateral in CertiK Shield — while the company’s core revenue comes separately from fee-based smart contract security audits and penetration testing services sold to blockchain projects.

Stat Value
Ticker CTK
Price $0.18
Market Cap $28.29M
24h Change +2.8%
Circulating Supply 157.76M CTK
Max Supply 100.00M CTK
All-Time High $3.94
Contract (Osmosis) ibc/7E...F8D3
via ChangeNow · T&CsPrice data from CoinGecko as of 2026-04-16. Not financial advice.

How It Works

  1. Smart contract auditing (off-chain) — CertiK’s most prominent business: security experts and formal verification tools review a project’s smart contract code and produce a publicly available audit report identifying vulnerabilities. Audit reports are separate from the CTK token; they are paid for by the audited project in dollars/crypto (not necessarily CTK).
  2. Skynet (on-chain security oracle) — Skynet is CertiK’s continuous monitoring product. After a project is audited, Skynet nodes (run by CTK stakers) continuously monitor the project’s on-chain activity for abnormal behavior, smart contract interactions suggesting exploits, fund flow anomalies, and governance attacks. Skynet produces a real-time security score visible at certik.com/projects.
  3. Security score — Each monitored project receives a composite security score (out of 100) based on: code security (audit findings), on-chain monitoring (Skynet alerts), social sentiment, governance quality, and market behavior. These scores are widely referenced by DeFi users.
  4. CTK staking — CTK holders stake CTK to become Skynet providers, running monitoring nodes. They earn CTK rewards for providing ongoing security research and monitoring for assigned projects.
  5. CertiK Shield — A mutual protection pool where users stake CTK as collateral and where users can purchase coverage against smart contract losses from audited, Skynet-monitored protocols. This is a simplified smart contract insurance mechanism.
  6. CertiK Chain — A Cosmos SDK-based blockchain providing a platform for hosting formal verification proofs and security attestations on-chain. CertiK Chain uses Tendermint BFT consensus.

Tokenomics

Parameter Value
Ticker CTK (on CertiK Chain and ERC-20)
CertiK Chain Cosmos SDK, Tendermint BFT
Max Supply 100,000,000 CTK
Launch December 2020 (Binance Launchpool)
CTK usage Skynet monitoring fees, staking rewards, Shield collateral, governance

Use Cases

  • Security monitoring subscriptions — DeFi protocols pay CTK to onboard their project to Skynet for continuous monitoring and a public security score page.
  • Security provider staking — CTK stakers run monitoring nodes earning fees for serving as decentralized security oracles.
  • DeFi users — Retail users reference CertiK Skynet scores when evaluating new DeFi protocols before depositing.
  • Shield coverage — CTK stakers provide the collateral pool; coverage buyers pay premiums for protection against audited protocol losses.

History

  • 2018 — CertiK Inc. founded by Ronghui Gu and Zhong Shao at Columbia University. Both founders have academic credentials in formal verification (mathematical methods for proving software correctness). CertiK raises seed funding from Sequoia Capital, Lightspeed, and Goldman Sachs.
  • 2018–2019 — CertiK begins conducting smart contract audits, initially for Ethereum DeFi and exchange projects. The firm develops its auditing methodology combining manual review with automated formal verification tools.
  • 2020-12 — CTK token launches via Binance Launchpool (yield farming event) and Binance Launchpad IEO. This gives CTK immediate exchange listing and broad distribution.
  • 2021 — CertiK becomes the most prolific smart contract auditing firm by volume, auditing hundreds of projects per quarter. Skynet launches as the live monitoring add-on. DeFi summer drives enormous demand for audits. CertiK revenue grows substantially.
  • 2021-12 — CertiK raises $37M Series B at a $1B+ valuation, led by Sequoia Capital, Tiger Global, and others. The valuation makes CertiK one of the most valuable blockchain security companies.
  • 2022 — CertiK continues auditing at scale — by 2022, the firm has audited over 3,000+ projects. A widely discussed tension emerges: some exploited protocols display CertiK audit badges, raising questions about the relationship between audit completion and security guarantees (audits are point-in-time; not guarantees of absolute safety).
  • 2022 — “Privilege Escalation” controversy: CertiK’s Skynet alerts system flags multiple projects. CertiK publishes high-profile audit reports identifying centralization risks in backdoor admin keys in several projects.
  • 2023-04 — CertiK publishes a controversial report on Euler Finance-related exploits and maintains active involvement in post-exploit negotiations between hackers and protocols. The firm becomes involved in on-chain “negotiations” (publishing messages on-chain to exploit attackers).
  • 2024 — CertiK is a leading force in blockchain security research. The company discloses critical vulnerabilities in multiple major protocols and exchanges. A significant 2024 event: CertiK researchers discover and report a vulnerability in the Kraken exchange API that allowed unlimited balance creation — disclosing it responsibly but with controversy around how extracted test funds were returned.

Common Misconceptions

“A CertiK audit means a protocol is safe.”

A CertiK audit is a point-in-time review of smart contract code, providing no guarantee against future vulnerabilities introduced in upgrades, oracle manipulation attacks, economic exploits, or flaws in contract interactions the audit didn’t scope. Many audited protocols have been exploited post-audit. An audit reduces risk; it does not eliminate it.

“CertiK Skynet scores are objective third-party ratings.”

Skynet scores are generated by CertiK’s own system, partly based on paying for Skynet monitoring services. Projects can improve their score by purchasing Skynet monitoring. This creates an inherent conflict of interest that critics note.

Social Media Sentiment

CertiK has one of the most polarized reputations in crypto security. Supporters note genuine technical expertise, significant vulnerability disclosures, and the sheer scale of audits conducted (thousands of projects). Critics argue the volume-driven audit model creates quality concerns, that the Skynet score system has conflicts of interest, and that the firm’s aggressive social media presence (publishing security alerts) can move token prices in ways that appear self-serving. The Kraken bug disclosure controversy in 2024 intensified scrutiny. Despite controversy, CertiK remains the industry’s most referenced auditing firm by raw audit count.

Last updated: 2026-04

Related Terms