Draft Proposal: Contract Audit Squad

ABSTRACT
Develop a formalized contract review and approval system for community-based projects, providing a seal-of-approval indicating a level of safety for releases requiring wallet interactions.

MOTIVATION
As the community continues to grow and develop experiences using on-chain mechanics, security and trustworthiness will be paramount for widespread adoption. Without any authority to approve community-derived contracts, there is a significant vulnerability to malicious actors that will hinder growth and put participants at risk.

RATIONALE
Organizing a community-driven board of developers and a seal-of-approval process will allow anyone working on a WAGDIE companion contract to have their work audited by trustworthy figures, allowing them to provide their experience to the community in full confidence. With such approval, inexperienced members of the community will have an easy method of understanding if a companion contract is safe to interact with, and will feel less hesitant in participating in community-developed efforts.

SPECIFICATIONS
The following will be required to execute this proposal:

  • An organized panel of competent and trustworthy developers
  • Formalized submission platform for incoming project audits
  • Established audit guidelines, and review process of the panel
  • Officiated release method, providing on-chain seal-of-approval

IMPLEMENTATION
These are the steps to accomplish this proposal:

  • Open nomination / voting process for panel of at least 4 auditors
    – Nominees have been defined as @0xG @0xfadedface @tenacity.eth @poof
  • Create new category within The Conclave for auditor communications
  • Define review and approval process among auditor panel
  • Establish on-chain seal-of-approval through auditor-controlled wallet
    – Register a recognizable ENS for auditor-controlled wallet [wagdiedev.eth]
    – Set up multi-sig requirement for mainnet deployments / interactions
    – Wallet may deploy community contracts once approved
  • Define contract submission instructions, and post them publicly on platforms

TIMELINE
The time to implementation could be relatively quick. Provide 1 week from this proposal approval to elect the auditors, and then 2 weeks thereafter to execute the rest of the implementation. The contract submission and review process would remain open forever thereafter. Auditor panel reelection could happen every 3 months.

OVERALL COST
Once the joint auditor wallet has been established it will need seeding with a nominal amount of 0.5 ETH for various contract deployments, approvals and other establishment mechanics. Beyond this, individual Conclave proposals wishing to release contracts can have their additional funds sent directly to the auditor wallet for its process.

SUMMARY
This is an inexpensive way to assure community safety as various proposals and independent projects attempt to provide value through on-chain contract interactions. Establishing a secure audit process and throughline to deployment will help provide a seal-of-approval that can offer an at-a-glance level of trust, which will help foster engagement for community-developed projects.

7 Likes

This is an excellent proposal with a small lift in terms of Community Treasury to get started. I have little doubt it may eventually be a Final Proposal for voting, which is why I’ll take a moment to stray.

This is the 2nd Draft Proposal within 24-36 hours of establishing CR and we still have some work to set a system of standards for Proposal Review. We have already begun talking about this and although it may NOT change the pace at which new proposals come in, it will set and manage expectations of those submitting on turnaround time.

As Conclave Reps we have been discussing setting a System for:

  • A day/time (leaning towards once a week) that we discuss Proposals and review for guiding into Final Proposals for voting.
  • A weekly public space for discussing all proposals submitted

3 Likes

Great idea, I support this.

2 Likes

Fully support this! :skull:

2 Likes

I too fully support this

2 Likes

I will say this one is important with all the community stuff that’s already come out and is planned. In-house auditing will be vital.

2 Likes

It is important to note that auditors are highly skilled individuals providing a critical service to the community. I propose we document any volunteer contributions for funding allocations in the future once revenue generating opportunities are realized.

3 Likes

I’m in and can help resource as well. :slight_smile:

4 Likes

Happy to offer my services. I know a good deal about solidity and dev work in general.

4 Likes

@poof and @0xfadedface - I happily nominate both of you.
Absolutely ideal candidates, imho.

4 Likes

I also think this is great and would be happy to vote in approval. Anything smart contract development wise I’m all for.

2 Likes

Would be happy to get involved, but I think right now I can mostly bring my backend/frontend experience to the table.
As for Solidity and smart contracts - I would sign up for reviewing only some basic stuff that’s mostly based on well-known standards.
Might as well just try to join this board sometime later in the next election round after building something myself and getting more experience.

2 Likes

𝕬𝖞𝖊. 𝕸𝖔𝖘𝖙 𝖊𝖝𝖈𝖊𝖑𝖑𝖊𝖓𝖙 𝖕𝖗𝖔𝖕𝖔𝖘𝖆𝖑 𝖆𝖓𝖉 𝖓𝖔𝖒𝖎𝖓𝖆𝖙𝖎𝖔𝖓𝖘.

@poof @0xfadedface

𝕯𝖔 𝖞𝖔𝖚 𝖆𝖈𝖈𝖊𝖕𝖙 𝖓𝖔𝖒𝖎𝖓𝖆𝖙𝖎𝖔𝖓?

3 Likes

Welcome to the Conclave!

1 Like

I welcome @tenacity.eth as a third nominee to this audit squad.

At this stage, I am feeling there will not be enough interested contract auditors within the first term to justify moving to a vote process for selecting members; only a vote to approve them as the final team.

Still think we need at least one more individual on the squad.
@0xG would you be interested?

1 Like

Yea absolutely, I’m happy to help on that front!

2 Likes

I’m willing to see this go to public vote with a panel of @0xG @tenacity.eth @0xfadedface and @poof if there’s no other strong nominations, or interested parties.

What’s next step? One of you lifting this up to vote status? Where do we go from here?
@Dontfeedthewolf @hersilence.eth @M3RL1N @Balyan @josiah.peace @brennen_eth

2 Likes

BOTH this one and 0xG’s game seem ready to be moved into Final Proposal and voting stage. The SET day for those is MONDAYs.

We have (3) things we are ready to move to voting stage, we have the power to set up Snapshot voting. We just need a member from the CR to assist in moving these to Final Voting.

2 Likes

Pushing out the Royalty vote first, before any of these proposals requesting funds come through: Snapshot

As stated before, MONDAYs will be used to push Proposals into Final for voting, and vote will last 3 days. We are looking at both this Audit Proposal and @0xG Game Proposal.

Have moved both Proposals into official Draft Category now. Feel free to EDIT the proposals as you see fit, in preparation for Final Proposals. Make sure you add these details in comments, clarify anything and have the proposals ready to be made into Final Proposals.

2 Likes