Proposal “Sec-Audit-Jul22“ (Completed)Back

Title:Dash Core Group Security Audits
One-time payment: 459 DASH (13302 USD)
Completed payments: 1 totaling in 459 DASH (0 month remaining)
Payment start/end: 2022-06-12 / 2022-07-12 (added on 2022-06-07)
Votes: 652 Yes / 23 No / 17 Abstain

Proposal description

Dash Core Group June 26th Funding Proposals
DCG is submitting 2 funding proposals for the budget cycle that pays out June 26th:
1) DCG Compensation: 2,296 Dash per month (currently in month 1/3)
2) DCG Security Audits: 459 Dash (currently in month 1/1)

What is this proposal about?
As a follow-up to the DCG Core Code Security Audit Apr May and the DCG Platform Code Security Audit Apr May, due to the severe drop of the Dash price over the last two months, there will be insufficient funds to cover the costs of both of the audits.  Even if the price of Dash recovers above the price at the time of those Apr/May proposals ($129), we are not likely to recover the required amount of fiat via our normally scheduled Dash sales. 

As we do for all proposals, we regularly sell equal amounts of Dash throughout the entire period of funding; in the past, we have found that this usually results in the required amount of fiat to be acquired for the related funding.  Given the current bear market, this balance was not achieved.  We considered selling all of the Dash for the audits immediately upon receipt at the beginning of May but the price had already dropped 30% to about $90 and so we decided to keep to our regular sale schedule with the hope of a market recovery.  

Most of the Dash received from the April proposal was sold at an average price of $59, about 53% less than the price at the time of submitting that proposal.  If we assume that same average sale price over the course of selling the Dash from the May proposal, we have a shortfall of about $73,000 to cover both audits.  This same scenario would result in enough fiat to cover the cost of the Core audit only and would leave little to nothing to pay for the Platform audit.

Dash Core Group kicked off the Core code security audit with Least Authority on 2-Jun-22.  Upon initial preparation for the project, the Least Authority team determined that they needed more time to complete their code review; the initial audit report is now estimated to be delivered to Dash Core Group one month later in the middle of July. It was agreed that there will be no increase to the cost due to this schedule change.  

To avoid complexities surrounding the audit budgets and the obligations to Least Authority during the current market conditions, it was decided to submit a single proposal for both audits since they both were already individually approved by the network.

How much will this proposal cost?
The cost of the Core protocol audit was a little more than 110,000 Euros (~ $122,000) and the cost of the Platform audit was estimated at 110,498 Euros (~ $123,000 USD), a total of about $245,000 USD.  If this proposal is accepted, the past and planned payment/funding schedule would be as shown below.  This schedule highlights a shortfall of about $45,515 but to avoid exceeding the 60% cap on DCG funding, one or more proposals will need to be submitted in the months of July and beyond to continue covering the shortfall as these projects continue. 




 SEP-OCT Infrastructure Proposal

$ 65,000          
 $ 65,000

 Core - First Payment

$ (22,185)    
 $ 42,815

 Platform - First Payment

$ (37,459)   
 $ 5,356

 APR Infrastructure Proposal

$ 29,358  
 $ 34,714

 MAY Infrastructure Proposal

$ 29,358  
 $ 64,072

 JUNE Infrastructure Proposal

$ 27,540  
 $ 91,612

 Core - Second Payment

$ (43,782)  
 $ 47,830

 Core - Final Payment

$ (5,943)  
 $ 41,887

 Platform - Second Payment

$ (77,330)  
 $ (35,443)

 Platform - Final Payment

$ (10,072)  
 $ (45,515)

As stated in the Apr/May proposals, the costs of the Platform audit to-date are only estimates since the code has not been completed for Least Authority to provide a final fixed quote yet.  Even if market conditions change for the better, the actual cost of the Platform audit is expected to increase since a significant amount of code has been written since the first estimate was given in September 2021.  It should also be noted that due to the current development schedule of the Platform, the start date of the Platform audit has been tentatively moved to start in August or September.

All USD amounts noted above are based on the Dash price at the time of submitting this proposal ($59).  The earlier that this proposal passes with high confidence will allow Dash Core Group to sell the associated amount of Dash from current holdings to reduce the risk of further price declines that could occur through the end of the June cycle.   

If you have any questions, please direct them to @brianfoster at dashcentral to ensure we are notified of your request.

Requested funding is as follows for the June 26th budget cycle.
454 Dash ($26,786 USD @ $59 per Dash)
    5 Dash reimbursement for the proposal cost
Total: 459 Dash

Show full description ...

Discussion: Should we fund this proposal?

Submit comment
2 points,2 years ago
First, I wanted to thank everyone for their support for this proposal thus far. Unfortunately, the ongoing bear market has forced us to make the difficult decision to cancel the security audit for the Platform. The Core audit is still underway and we will still require some of the funds from this proposal to pay the final payments. We will continue to sell down the dash received from proposals on a scheduled basis and any excess USD from this proposal will be allocated to the infrastructure reserve. Please tag me if you have any questions.
1 point,2 years ago
That is unfortunate, i thought with the start of the Dash Platform security audit already moved to August - September, there would still be enough time to gather enough funding for the upcoming Dash Platform audit. I suspect funding for the DCG Compensation Supplemental July will get approved and the funding for the Dash Platform security audit could get gathered from there ?
1 point,2 years ago
The last two proposals that were intended to fund the majority of the remaining costs for both audits were submitted at a price of $129 and we have been selling the Dash between $40-$60; this explains the shortfall but that shortfall isn't the only consideration. We still have our normal infrastructure costs to cover in the coming months and if the price stays as it is for the next few months, we just won't be able to cover both. We will still be spending about two months on internal penetration testing so we are definitely not leaving ourselves vulnerable.
1 point,2 years ago
Since halve of the future masternode rewards will flow through Dash Platform in the form of claimable credits through some pool, i really feel like a security audit of Dash Platform is a necessity.
-1 point,2 years ago
M.N. to support the Dash Development Team.
0 points,2 years ago
We are only 5 days away from the voting deadline, with an extreme LOW in voting participation, and the main two DCG proposals still need nearly 300 upvotes to get funding.
Can somebody please RING THE ALARM BELLS on all our Socials (Discord, Telegram, Twitter, Reddit, Signal etc.) to urge the masternodes to vote and soon?
In a couple of days it may be too late ! Is DCG sleeping? Time to take action is now !!!!
1 point,2 years ago
A lot happens in the last couple days. I would also encourage the MN community to get out there and vote for all three of Core's funding proposals. This is not the time to slack off.