Proposal “DCG-platform-audit“ (Completed)Back

Title:DCG Platform Code Security Audit Apr May
Monthly amount: 298 DASH (8630 USD)
Completed payments: 2 totaling in 596 DASH (0 month remaining)
Payment start/end: 2022-04-12 / 2022-06-11 (added on 2022-04-05)
Votes: 730 Yes / 8 No / 1 Abstain

Proposal description

Dash Core Group April 27th Funding Proposals
DCG is submitting 3 funding proposals for the April 27th budget cycle:
1) DCG Compensation (in month 3 of 4)
2) DCG Core Code Security Audit (in month 1 of 2): $50,000
3) DCG Platform Code Security Audit (in month 1 of 2): $76,240

What is this proposal about?
As a follow-up to the September-October infrastructure proposal, Dash Core Group has officially engaged with Least Authority to perform security audits on both the Core and Platform codebase.  Least Authority was established in 2011 and also has a development division so there may be future opportunities to utilize them for feature development after the audits.

There were many factors that contributed to this decision; Least Authority has a good portfolio of payment centric audits/affiliations, they have experience with decentralized storage systems, they have a robust privacy-focused philosophy/mission, they were very responsive throughout the proposal process, and they came back with a revised proposal with a reduced scope (the other firms were not willing to do so).  Also notable is that they are providing a fixed quote (as opposed to T&M), they are flexible with regard to the scheduling of work and their audit report is quite comprehensive.

How much will this proposal cost?
The Proposal for the Platform audit came in at 110,498 Euros (~ $123,000 USD) and will need to be re-evaluated once the development is completed.  The Platform audit is currently scheduled to start in July 2022.

The first Dash network proposal was originally intended to cover the first stage of the Core audit from the first Least Authority proposal (which would have been about $60,000 USD).  After reducing the scope of the Core audit, the amount required for the first payment was reduced to about $22,000. After deciding to use the same firm for the Platform audit and delaying the start of the Core audit the remaining funds allowed us to cover the initial payment for the Platform audit as well (about $38,000 USD).  This was done to ensure the Least Authority team could be reserved for the time periods that we have agreed on as waiting for another Dash network proposal would have risked further delays if their availability changed.    

After receiving/reviewing the initial audit report, a second payment will be required and then a third payment is required after the final audit report is received, which is variable depending on if there are audit findings that require code changes that need to be further audited.  

The remaining payments for the Platform audit that will be required are as follows:
  • 30 August: 68,434 Euros (~ $78,000 USD)
  • 15 September: 8,914 Euros (~ $10,000 USD) 

All USD amounts noted above are based on the EUR/USD exchange rate at the time of submitting this proposal.  Due to the upcoming Super Block reset, a re-estimate of the Platform audit once the development is complete, and depending on the fluctuation of the Dash/USD and USD/EUR rates over the April and May periods, a third proposal may be required in June to cover any shortfalls of the above-noted payment schedules.  

Requested funding is as follows for the April 27th budget cycle: with the same amount requested for the May 27th budget cycle:
295.5 Dash ($38,120 USD @ $129 per Dash)
    2.5 Dash reimbursement for the proposal cost
Total: 298 Dash

Show full description ...

Discussion: Should we fund this proposal?

Submit comment