Authors
ChopChop
Glossary
C4
DAO
DeFi
Summary
This proposal is intended to clear a code audit budget associated with two scheduled security reviews by Code Arena and Trail of Bits for v2 of NFTX Protocol, listed under the specifications of this proposal.
Rationale
Since releasing version 2 of the NFTX Protocol, many additional features have been introduced to the protocol. One of these features that we are close to launching is called single-sided staking, allowing people to earn protocol yield by staking single NFTX vault assets. As we are projecting an increased demand in protocol usage, thorough new audits are advised by the Core team.
Having experience with Code Arena from the XIP#8 Security Review, we have chosen to engage their team for a week-long competition on a short-term basis (starting December 16 if this proposal passes).
We have also managed to secure a two-week full audit slot with Trail of Bits. They will audit the entire V2 Protocol in early Q2 of 2022.
Effect
Opportunity
- By locking down our slots of running audits with Code Arena and Trail of Bits we will have an extra set of eyes over the current state of the protocol, which has seen multiple additional features added since its’ inception earlier this year.
Risk
- None identified
Specifications
Clear a budget for two audits with Code Arena and Trail of Bits, bringing us:
- Multiple solidity experts will review the protocol to find vulnerabilities before deployment
- Engineers that participate in the contest will become familiar with our protocol, and that may make them comfortable integrating NFTX in other projects they contribute to
- Some marketing from Code Arena as they publicize the contest.
- Official audit deliverables to refer to by Trail of Bits
Funding request - Yes - Implementation Requires Funding
- In order to fund the security review contest, we will be required to pay Code Arena 90,000 USD (ninety thousand) and Trail of Bits 160,000 USD (hundred sixty thousand), totaling 250,000 USD (two hundred fifty thousand). This amount is to cover all costs associated to both audits.
These funds are to be paid upfront after the vote passes.
Communication
- Discord: NFTX
- Code Arena Website: https://code423n4.com
- Trail of Bits Website: https://www.trailofbits.com/
Proposed points of discussion.
- Open questions by community
Quorum (For forum)
- Minimum Quorum: At least 5 votes
- Passing Threshold: More than 50% must vote in agreement for the XIP to Pass. For changes to the NFTX contract, more than 70% must vote in agreement for the XIP to pass.
- Yay, please cast to Snapshot
- Nay
0 voters