[FIP 012] - CertiK Audit Proposal

[FIP 012] - CertiK Audit Proposal

TLDR: Vote in favour to allocate 50k USD from the Treasury to pay for an audit of the Protocol by CertiK

Security is very important to Float Protocol. As we grow and more members join the community we want to make sure they are re-assured of the security of the Protocol as we progress. We have already completed one audit on the initial launch of FLOAT and we plan to do many sequential audits throughout the lifetime of the Protocol.

CertiK have provided us with a quote for auditing the Protocol:

  • 25 working days to complete the audit
  • Cost: $50,000.00 USD
  • CertiK Skynet included

This audit would be a full audit of the Protocol’s contracts, including the new multiplier contracts as well.

Key areas within the audit scope:

  • contracts/auction/*
  • contracts/funds/*
  • contracts/policy/*
  • contracts/lib/*
  • contracts/oracle/*
  • contracts/tokens/*
  • contracts/staking/multiplier/*

Out of the audit scope:

  • contracts/external-lib/, beyond the math libs usage in other contracts in scope
  • contracts/auxiliary

I think even if audits are not a 100% guarantee nothing breaks, it’s still good to have experts looking at the code. I say we should spent the money!

1 Like