This proposal will fund a Code Arena (C4) contest to audit the critical components of the PoolTogether codebase as well as new yield sources.
The audit is tentatively scheduled for June 16, but it’s first-come, first-served, so it depends on how quickly we can run this PTIP.
This proposal will transfer 72k USDC to the C4 team to fund the contest.
PoolTogether is continually evolving and expanding. New smart contracts are being written and existing contracts are updated. With these changes comes some significant risk. Any smart contract that holds or has access to user funds is mission critical and must be scrutinized before being deployed. Scrutiny must come from someone with deep knowledge of the relevant protocols as well as an understanding of smart contract attack surfaces. Auditing firms specialize in this knowledge, so they are extremely valuable in de-risking smart contracts.
The core PoolTogether codebase has received third party audits from both OpenZeppelin and Diligence. Both are great firms, and we’ve had positive experiences with them. However, auditing firms are in short supply and lead times are now very long. Additionally, our protocol has a steady stream of new smart contracts that need to be audited. The classic ‘waterfall’ model of auditing the entire system in one shot no longer fits our process. We also need an auditing firm that is willing to deal directly with protocols.
This PTIP funds the first C4 auditing contest for PoolTogether. The scope of this contest includes several of the critical core PT contracts, as well as yield sources:
Core PoolTogether contracts:
- ATokenYieldSource.sol (Aave V2 Integration)
- YearnV2YieldSource.sol (Yearn V2 integration)
- SushiYieldSource.sol (SushiBar integration)
- IdleYieldSource.sol (Idle Finance integration)
- Badger wBTC Yield Source (TBD)
Code Arena has scoped the contest and recommends a 50-70k USD prize pot. We’re going to put up 60k USDC for prizes, and allocate 10k of the pot to optimizations. C4 takes 20% on top of the prizes to cover the cost of judging and administration. That makes the total 72k USDC.
Code Arena takes a community-driven approach to competitive smart contract audits. A contest is created for a codebase; there is a pot of funds for exploits, and another for optimizations. Anyone can privately submit exploits to the contest and a skilled expert, the “judge”, curates the exploits into a final audit report. The prizes are split among all who contributed to the audit report. This has some major advantages:
- Less resource-constrained
- Builds a knowledgeable community around participating protocols
To bootstrap the C4 community’s knowledge of PoolTogether, we should start with a comprehensive up-front audit. Once the knowledge has been seeded, we can start running more frequent flash contests, wherein a small piece of code (think: yield source) can have a short, dedicated contest. I think this would be a great fit for our iterative process.
Ideally, flash contests can be funded by the PT Grants Committee.
- Yes, let’s audit our protocol!
- No, let’s not audit anything