CertiK CEO Ronghui Gu told CoinDesk that the security company does not have a concrete IPO timeline, but the company’s response to last year’s Huione-related backlash and its rapid push into institutional products has positioned it as a credible candidate for a multibillion-dollar public listing.
When CertiK conducted an audit of what later turned out to be a stablecoin project linked to the illicit market Huione, the company faced heavy criticism online. Gu described the episode as a wake-up call rather than a reputational endgame. CertiK publicly clarified that it had audited code provided by a US-registered customer, before donating the fee to charity.
“What we are doing is strengthening our current KYC procedure,” he told CoinDesk. “Also working with some external capacity providers to reduce risk.” Regarding tracking post-audit usage, he added: “After we publish a report, we will keep a very close eye on how that report is used. »
CertiK strengthens its enterprise offerings while retaining protocol audits as its primary source of revenue. “Our current business is still and I would say it will always be the main source of revenue,” Gu said, but he stressed that these services need to be “pushed to the institutional level.”
In January, Gu sparked discussions at Davos by suggesting his company was exploring an IPO, reports he now claims were exaggerated despite strong investor demand.
“We have raised over $240 million and I can tell you we have more money than that in our bank,” while acknowledging investor appetite. “We have already received several requests,” he said, noting that media coverage has sometimes misinterpreted his Davos remarks: “I say explicitly that we don’t have a concrete plan. There is no concrete timeline yet, but…many have contacted us.”
On valuation and the IPO question, he took a measured tone: “People still don’t know how to value a Web3-native company,” he said. He confirmed that CertiK’s list of investors includes big names, Sequoia, Goldman Sachs and Coinbase, and hinted at selective additions: “We will bring in one or two additional strategic investors. »
Times are changing
When asked which attack vectors were most prevalent in the crypto market, Gu argued that the risk profile in crypto goes beyond smart contract exploits.
“Operational risk has become a bigger risk,” he said, referring to private key mismanagement, deepfakes and oracle manipulation. Regarding AI-based impersonations, he was frank: “Deep fake is difficult…we are still studying how to mitigate it.
He added that CertiK can help institutions, but emphasized the need for collaboration: “We need to work closely with our customers to help them review their internal policy or solution regarding key management.
For Gu, post-Huione reforms are both reputational repair and strategic preparation for institutional clients.
“These institutions want an institutional-level audit – a formal verification that can demonstrate that there are no bugs,” he said, noting demand from major banks in all jurisdictions.
