Author: Nicholas
Date: 2022-09-01

Synposis

The DAO should lock in favorable pricing for Code4Rena protocol audits by allocating $500k to a long term relationship with Code4Rena, which will fund multiple future code audits. The DAO will pay a $100k deposit now, and the multisig will custody the remaining $400k to be sent to C4A to fund C4A audits as decided by protocol devs @Jango and @Dr Gorilla.

Motivation

Code4rena has proved to be the most productive form of auditing we have engaged in so far, according to protocol devs @Jango and @Dr Gorilla.

The DAO should fund a long term relationship with C4A so that new protocol code, such as bug fixes, extension contracts, and new payment terminals, etc may be audited for code security. This corresponds with the DAO Foundation commitment to enable project creators to deploy project treasuries with confidence — the Protocol Focus Area.

C4A will be implementing a fee increase in the short term. Trebien, our contact at C4A is encouraging us to lock in the current 25% fee rate now with a larger long term contract, before a substantial price hike.

Requirements for a long term agreement with C4A

Benefits:

Methodology

Funds will be allocated and sent to the multisig. A 20% deposit will be immediately paid to C4A to secure the above pricing. The DAO delegates responsibility to use the remaining 400k USD to the protocol devs, who will set up contests with C4A as needed, and communicate with the multisig to queue and execute transactions to fund those contests.

Specification

  1. Add a 500k USD payout to dao.jbx.eth.