Recently, CertiK co-founder and Columbia University professor Ronghui Gu was interviewed by CNBC Arabia, a world-renowned financial media. He shared his deep insights into the future of Web3 security around topics such as the industry applications of formal verification, the role of AI in blockchain security, and the risks of emerging technologies.
Gu Ronghui said that formal verification is the key to building the security foundation of blockchain. Its role is to verify whether the code behavior conforms to the expected logic by mathematical methods. This method is more rigorous and more challenging than traditional auditing tools. He has repeatedly emphasized that the essence of blockchain is not only technological innovation, but also the reconstruction of trust, and a truly trustworthy system must be verifiable.
Formal Verification: Building a Secure Foundation for Blockchain
Formal verification is a high-threshold, high-intensity audit method that requires in-depth technical accumulation and understanding of the underlying logic. Gu Ronghui pointed out in an exclusive interview that although this method is complex, it has irreplaceable advantages in ensuring the security and controllability of blockchain.
His relationship with formal verification can be traced back to his school days. In 2016, he worked with Yale University professor Shao Zhong to successfully develop the worlds first fully formally verified multi-core operating system kernel CertiKOS, which was rated as unbreakable by Google. This achievement not only verified the application of this technology in the real world, but also laid the foundation for its entry into industry practice.
After that, Gu Ronghui founded CertiK in 2017 and introduced formal verification into the blockchain scenario. Today, this technology has been widely used in many privacy- and security-focused head projects such as ZK, as well as large financial institutions such as Ant Group. Gu Ronghui said in an exclusive interview that in order to improve the efficiency of formal verification, CertiK has built auxiliary tools such as AI intelligent analysis to automatically identify code features and generate logical evidence.
While promoting the implementation of academic achievements, Gu Ronghui has also been paying close attention to new threats facing the industry. Regarding the concern that supercomputers or quantum computing may threaten the security of blockchain, he frankly admitted that such technologies have potential risks, but at this stage they are still not enough to pose a real threat. Supercomputers are not powerful enough to break into existing blockchain systems, Gu Ronghui believes, More importantly, the industry is actively building anti-quantum algorithms and defense mechanisms, and it is possible to have relevant solutions.
AI Applications: Reshaping the Web3 Security Landscape
Gu Ronghui emphasized in the interview that AI is reshaping the blockchain security landscape, especially in smart contract auditing and on-chain threat identification, and has shown great potential. The correct application of AI can bring substantial improvements to the blockchain security system.
He further stated that CertiKs research shows that malicious behavior in Web3 projects is becoming increasingly sophisticated, and some phishing projects can track users for a long time and carry out precise fraud. However, through the rapid recognition ability of AI models, such attacks can now be identified and dealt with within hours.
Currently, CertiK has widely applied AI to vulnerability mining and auditing processes. By analyzing the on-chain warning data, it assists in identifying the causes of vulnerabilities and attack paths; at the same time, it uses AI technology to scan known vulnerability patterns, analyze code logic, and generate reports, building an intelligent auditing system with human-machine collaboration as the core, providing reliable mathematical support and efficiency bonus for the manual auditing team.
However, as AI applications become more popular, attackers can also use them to strengthen their attack methods. Gu Ronghui believes that this means that the threshold for security confrontation has been raised and the industry needs more powerful security solutions.
Technical Vision: Expanding the Trust Boundary of Web3
Gu Ronghui has always believed that the next stage of Web3 development will move from usable to trustworthy. Efficiency and innovation are not the end point, responsibility and trust are the core values of technological evolution. Only by embedding a verifiable security mechanism can blockchain truly become a trustworthy global financial infrastructure.
This is exactly the mission that CertiK has been adhering to since its establishment - with formal verification as the core, creating a security product system covering the entire life cycle including investment incubation, security auditing, compliance consulting, etc., providing verifiable security for projects and setting higher security standards for the industry.
For Gu Ronghui, this is not only a corporate strategy, but also a life choice. From studying at Yale to teaching at Columbia, from academic research to entrepreneurial practice, he has always focused on transforming formal verification from theory to practical foundation, and using technology to drive industry trust.
As a professor at Columbia University and CEO of CertiK, Ronghui Gu straddles the two fields of academia and business, but his goal is always to protect the security of Web3. He once mentioned that his teaching philosophy is rooted in integrating real-world insights into academic discussions, aiming to build a cognitive and capability foundation for the new generation in the field of cybersecurity.
“Ensuring the security of Web3 is not only a technical challenge, but also a social responsibility,” Gu Ronghui has publicly stated many times, “Our goal is to make this industry safer and more trustworthy.”
