CertiK CEO Ronghui Gu told CoinDesk that the security company does not have a concrete timeline for an IPO, but the company’s response to last year’s Huione-related backlash and its rapid push into institutional products has positioned it as a credible candidate for a multibillion-dollar public listing.
When CertiK conducted an audit of what later turned out to be a stablecoin project linked to the illicit Huione marketplace, the company faced heavy criticism online. Gu framed the episode as a wake-up call rather than a reputational end. CertiK publicly clarified that it had audited the code provided by a US-registered customer, before donating the fee to a charity.
“What we do is strengthen our current KYC procedure,” he told CoinDesk. “Also work with some external capacity providers to reduce risk.” On tracking post-audit usage, he added: “After publishing a report, we will closely monitor how this report is used.”
CertiK is increasing its enterprise offering while maintaining protocol audits as its main source of income. “Our current business is still and I would say will continue to be the main source of income,” Gu said, but he emphasized that these services must be “brought to an institutional level.”
In January, Gu sparked a debate in Davos by suggesting his company was exploring an initial public offering (IPO), reports he now claims are exaggerated despite strong investor demand.
“We raised over $240 million and I can tell you we have more money than that in our bank,” while recognizing investor appetite. “We already received several requests,” he said, noting that media coverage sometimes misinterpreted his Davos comments: “I say explicitly that we don’t have a concrete plan. There’s no concrete timeline yet, but… a lot of people actually reached out to us.”
On the valuation and IPO question, he took a measured tone: “People still don’t know how to value a web3-native company,” he said. He confirmed that CertiK’s investor list includes big names, Sequoia, Goldman Sachs and Coinbase, and hinted at selective additions: “We’re going to introduce one or two more strategic investors.”
Times are changing
When asked what attack vectors were becoming more prevalent in the cryptocurrency market, Gu argued that the risk profile in cryptocurrencies has gone beyond smart contract vulnerabilities.
“Operational risk became a bigger risk,” he said, alluding to mismanagement of private keys, deepfakes and oracle manipulation. On AI-enabled impersonations, he was candid: “Deepfake is difficult… we are still studying how to mitigate it.
He added that CertiK can help institutions, but highlighted the need for collaboration: “We need to work closely with our clients to help them review their internal policy or solution on key management.”
For Gu, the post-Huione reforms are both reputation repair and strategic preparation for institutional clients.
“These institutions want an institutional-level audit: a formal verification that can demonstrate that there are no errors,” he said, highlighting the demand from large banks in all jurisdictions.
