Proposal “DCG-platform-audit“ (Active)Back

Title:DCG Platform Code Security Audit Apr May
Owner:glennaustin
Monthly amount: 298 DASH (16408 USD)
Completed payments: 1 totaling in 298 DASH (1 month remaining)
Payment start/end: 2022-04-12 / 2022-06-11 (added on 2022-04-05)
Votes: 732 Yes / 8 No / 0 Abstain
Will be funded: Yes
Manually vote on this proposal (DashCore - Tools - Debugconsole):
gobject vote-many 0d9db8cb03ed09268058aa6347892f28a94a4ca631a117866a0a719d448ae738 funding yes

Please login or create a new DashCentral account for comfortable one button voting!

Proposal description

Dash Core Group April 27th Funding Proposals
DCG is submitting 3 funding proposals for the April 27th budget cycle:
1) DCG Compensation (in month 3 of 4)
2) DCG Core Code Security Audit (in month 1 of 2): $50,000
3) DCG Platform Code Security Audit (in month 1 of 2): $76,240

What is this proposal about?
As a follow-up to the September-October infrastructure proposal, Dash Core Group has officially engaged with Least Authority to perform security audits on both the Core and Platform codebase.  Least Authority was established in 2011 and also has a development division so there may be future opportunities to utilize them for feature development after the audits.

There were many factors that contributed to this decision; Least Authority has a good portfolio of payment centric audits/affiliations, they have experience with decentralized storage systems, they have a robust privacy-focused philosophy/mission, they were very responsive throughout the proposal process, and they came back with a revised proposal with a reduced scope (the other firms were not willing to do so).  Also notable is that they are providing a fixed quote (as opposed to T&M), they are flexible with regard to the scheduling of work and their audit report is quite comprehensive.

How much will this proposal cost?
The Proposal for the Platform audit came in at 110,498 Euros (~ $123,000 USD) and will need to be re-evaluated once the development is completed.  The Platform audit is currently scheduled to start in July 2022.

The first Dash network proposal was originally intended to cover the first stage of the Core audit from the first Least Authority proposal (which would have been about $60,000 USD).  After reducing the scope of the Core audit, the amount required for the first payment was reduced to about $22,000. After deciding to use the same firm for the Platform audit and delaying the start of the Core audit the remaining funds allowed us to cover the initial payment for the Platform audit as well (about $38,000 USD).  This was done to ensure the Least Authority team could be reserved for the time periods that we have agreed on as waiting for another Dash network proposal would have risked further delays if their availability changed.    

After receiving/reviewing the initial audit report, a second payment will be required and then a third payment is required after the final audit report is received, which is variable depending on if there are audit findings that require code changes that need to be further audited.  

The remaining payments for the Platform audit that will be required are as follows:
  • 30 August: 68,434 Euros (~ $78,000 USD)
  • 15 September: 8,914 Euros (~ $10,000 USD) 

All USD amounts noted above are based on the EUR/USD exchange rate at the time of submitting this proposal.  Due to the upcoming Super Block reset, a re-estimate of the Platform audit once the development is complete, and depending on the fluctuation of the Dash/USD and USD/EUR rates over the April and May periods, a third proposal may be required in June to cover any shortfalls of the above-noted payment schedules.  

Requested funding is as follows for the April 27th budget cycle: with the same amount requested for the May 27th budget cycle:
295.5 Dash ($38,120 USD @ $129 per Dash)
    2.5 Dash reimbursement for the proposal cost
Total: 298 Dash


Show full description ...

Discussion: Should we fund this proposal?

Submit comment