A proof of concept (PoC) is a demonstration or experiment designed to validate the feasibility and practicality of a new idea, concept, technology, process, or product.
Basically, it is a preliminary stage in the development process where the main objective is to provide evidence that a particular concept or theory can be turned into reality and function as intended.
In the web2 world, a PoC is a minimally or zero-invasive demonstration that a bug/vulnerability is real and shows the impact on the assets in question.
But the question is:
What is PoC in Web3?
Proof of Concept (PoC) in Web3 is a runnable code run by a Whitehat (aka a hacker) What does it do? It demonstrates that a vulnerability and impact are real without actually exploiting the vulnerability in a live environment.
For most projects, especially those involving smart contracts, a PoC is crucial for valid and relevant submissions. Without a PoC, it can be challenging to ascertain the presence of any bugs or, more importantly, the potential impact.
A good PoC highlights the existence of a bug and the actual impact it may have. When a project receives a submission accompanied by a high-quality PoC, it enables quicker analysis, response, and substantial reward distribution.
So, we can detect any fault or weakness in the blockchain without dealing with the damage…
What does Proof of Concept achieve?
- Validates Feasibility: It demonstrates that the core ideas behind a concept are technically and practically achievable.
- Identifies Challenges: It helps to identify potential challenges, limitations, and areas that might need further development or refinement.
- Attracts Good Investment: A well-executed PoC can attract funding or support from stakeholders, investors, or decision-makers who may be interested in backing the full development of the concept.
- Guides Decision-Making: It provides insights that can guide decisions about whether to proceed with further development, invest more resources, or make changes to the concept.
- Reduces Risk: By testing a smaller-scale version of the concept, it reduces the risk of investing significant resources into a larger-scale development effort that might not be successful.
- Showcases Innovation: A successful PoC can serve as a showcase of innovation, potentially attracting attention from the industry, media, or potential partners.
What are some guidelines for Proof of Concept?
- When creating a PoC for a smart contract, it’s essential to use tools like Hardhat to fork the mainnet. This is preferred over deploying and configuring a local off-chain contract state that doesn’t align with the contract’s on-chain state.
- The PoC must include executable code to demonstrate the exploit. Screenshots of code won’t suffice.
- The whitehat can opt for any programming framework or language to compose the PoC.
- It’s essential to detail all dependencies, configuration files, environmental variables, and any other prerequisites necessary to successfully run the PoC.
- PoCs should feature clear print statements and comments outlining each step of the attack, along with pertinent information like the amount of funds stolen or frozen.
- The Whitehat must determine and calculate the funds at risk. This data contributes to a comprehensive understanding of the potential impact.
- Whitehats must adhere to any supplementary guidelines stipulated by the bug bounty program to which they submit their bug report.
What’s the difference between PoC and MVP?
The difference between proof of concept and the minimum viable product is that they serve different purposes. In detail, PoC focuses on demonstrating the feasibility of an idea. Meaning it gives theoretical ground to an idea of a solution or a particular function.
On the other hand, an MVP OR minimum viable product is a version of a product that includes only the essential features needed to solve a specific problem for early users. It implements the features designed at the stages of PoC and prototype.
Basically, the MVP stage comes after a successful PoC. Aka when the concept’s feasibility has been established and it’s ready to be tested in a real-world environment.
PoC in Web3
Finally, Proof of Concept projects can vary in complexity and scope. They can range from simple prototypes or simulations to more advanced working models or demonstrations.
In blockchain technology, the goal is to always illustrate the core functionality of the concept in a tangible way. Not to mention provide a better seamless user experience.
As always, stay tuned for more!