ATOM Wars / Hydro Platform: Funding Third-Party Audit

Authors: Simply Staking

TL;DR - Simply Staking will commission Oak Security to conduct a third-party audit of the Hydro/ATOM Wars code. This will follow a similar format and process as our third-party audit conducted last year on Replicated Security (Prop 687).

Background

This proposal aims to use community pool funds to commission a third-party audit for the Hydro/ATOM Wars codebase.

Hydro is a bidding & governance platform for the efficient deployment of liquidity across the Interchain. Hydro allows projects to bid for deployments of ATOM (and other tokens) liquidity under their control and for the benefit of all ATOM holders.

For more information, we advise you to review the recent Forum Post from Thyborg here.

As we saw in our last proposal regarding an audit of key Cosmos Infrastructure (ICS) in Proposal #687, It Is always key to get a second set (or more) of auditors who had no involvement in the designing and building of the code to audit the codebase. This will allow for unbiased vulnerabilities to be disclosed (if any), again, as we saw in Proposal #687.

Since Hydro will have an element of transferring funds, we need to ensure that the funds will be secure and safe from any attack vectors throughout the whole process.

Details of Funding Request

This audit is to be conducted by Oak Security, one of the most reputable auditors in the space. With the scope of the audit already known to the auditor, they (OAK Security) have presented a quote and timeline for the audit. OAK Security is seeking $23,800 for the audit of the Hydro codebase with an estimated timeline of 1 Week to complete.

We believe that the terms and quotes presented by OAK Security are fair and ideal. It is a relatively small request for an audit of this importance.

Management

Since this is a community pool spending proposal, we want to ensure the community that the funds will arrive at the designated recipient by creating a multi-sig.

The multisig should be comprised of various reputable parties:

  • Damien, Simply Staking
  • Jehan, Informal, Inc
  • Lexa, Hypha Worker Co-op

Breakdown of Fees

We (Simply Staking) will be the main point of contact with Oak Security which means that we will handle all things related to answering their questions and queries. We will also act as the main coordinator for building and maintaining the multisig to ensure a smooth transfer of funds from the multisig address to the designated recipient (OAK). For the work with Oak Security and the multi-sig coordination, we seek a compensation fee of around 15% of the total ask.

Funding

OAK Quote: $23,800 + 10% price buffer to account for the volatility of the ATOM token during the voting period: $26180

Simply Staking Fees: $3570

  • Community consensus via forum and on-chain proposals
  • Sourcing vendor quotes
  • Coordinating vendor payments and milestones
  • Multi-sig coordination

Total ask ~ $29750

All leftover funds will be sent back to the community pool.

Due to the Importance of this proposal, we are expediting this proposal and it will be up on the Forums for 1 week rather than the standard 2 weeks. We are asking for the support from the community to approve this.

Governance votes

The following items summarise the voting options and what it means for this proposal:

YES - You agree that this external audit should be funded.

NO - You disagree that this external audit should be funded.

NO WITH VETO - A ‘NoWithVeto’ vote indicates a proposal either (1) is deemed to be spam, i.e., irrelevant to Cosmos Hub, (2) disproportionately infringes on minority interests, or (3) violates or encourages violation of the rules of engagement as currently set out by Cosmos Hub governance. If the number of ‘NoWithVeto’ votes is greater than a third of total votes, the proposal is rejected and the deposits are burned.

ABSTAIN - You wish to contribute to the quorum but you formally decline to vote either for or against the proposal.

9 Likes

Obviously an easy yes.

1 Like

Thanks for coordinating this!

Thanks for your leadership on this Damien!

Hey all!

Seems like this is relatively uncontroversial but just wanted to weigh in to give some context on Oak Security.

I lead grants at the Osmosis Grants Program. We’ve worked with Oak for the last 2 years as our primary auditor for our grantees and have found them to be fantastic auditors, and incredibly professional.

Given the importance of Hydro to the future of the hub, this spend feels like a no-brainer.

1 Like

We express our support for this proposal, with the exception of the 15% fee, which appears excessively high for the proposed task. Anything below 10% would be more fitting in this context and more in line with the standards. We recommend reducing it to reinforce a commitment to fair intermediary pricing. While we won’t object to the proposal if you don’t, lowering the fee would demonstrate your commitment to enduring ethical standards.
pro-delegators-sign

1 Like