AGP: TBD
Title: ANSP Engagement Policy
Author: Alexander Wade
Status: Stage II
Track: Association
Created: 2019-04-08
Description of desired Association policy change
Proposed Change
Give the Aragon Association the discretionary authority to source security partners and procure their services outside of the Aragon network voting cycle.
This authority does not preclude the submission and execution of security partner proposals through the current AGP process. Rather, it creates a new, flexible avenue for security partners to provide services to the Aragon network on an as-needed basis.
Sourcing - The AA can source qualified teams or personnel to provide security services to the Aragon network.
Funding - The AA will work with security partners and Flock teams to fund mutually agreed upon security services.
Reporting - The AA will include spending on security services in the Quarterly Transparency Report. Security partners contracted through this discretionary authority will endeavor to produce public reports and summarizations of engagements regularly.
Signals for Sourcing
The AA should use the following signals to select security service providers:
- Demonstration of relevant technical knowledge
- Recommendations from Flock Teams
- Recommendations from the Aragon community
- Recommendations from existing security partners
- Recommendations from members of the security community
Procurement Process
The following is an example of the process by which an engagement would occur for a typical security audit. For other types of engagements, the AA should endeavor to assess all requests from Flock teams and/or proposals from potential security partners on an as-needed basis.
- Flock team provides the ANSP(s) with finalized code and corresponding documentation
- ANSP produces a Statement of Work (SoW)
- AA and Flock teams review SoW and make revisions if needed
- Work between the ANSP and Flock team begins under the terms of the agreed-on SoW
- Upon completion, the ANSP will produce a public report summarizing the engagement
Reporting
The operations of any security partners should conform to Aragon’s norm of transparency.
- The AA should include spending on security services in Quarterly Transparency Reports
- Security review reports should be responsibly disclosed and archived on the Aragon Wiki
- Security partners should endeavor to provide regular updates to the community on their engagements
Motivation for changing this Association policy
Security partner responsibilities rely heavily on the results of the Aragon Network Vote
Current and previous proposals to provide security services have made use of the Finance track for AGPs. This track requires the proposing party to provide the exact funding amount that will be needed and is the primary track used by Flock teams to fund development of their projects.
The goal of the ANSP relationship is to provide security services to Aragon Flock and Nest teams. The results of each Aragon Network Vote dictate which projects and teams have been funded, and which have not. For this reason, aspiring security partners are unable to make proposals that accurately reflect the services they will be providing.
Ongoing advisory is a new direction for Ethereum’s security firms
Unlike many Ethereum applications, aragonOS enables Aragon teams to continually improve their products with regular releases and upgrades. Securing these applications requires a very different approach than the widely-practiced “one-off audit” security model. Instead, Aragon projects will realize the most value from continuous review and advisory provided by experienced firms.
This trend towards continuous advisory does not exist in any significant capacity in the Ethereum security community. As the relationship matures between Aragon and its security partners, the dynamics of the relationship will be subject to considerable change. For security partners to provide the most value to Aragon, the short-term should prioritize flexibility.
The AGP process does not accommodate changing requirements and deadlines for security firms
Software development is an imprecise art and is frequently subject to delays as expectations and requirements change. Security audits can act as a catalyst for this change, uncovering unexpected problems that require additional work to fix (and subsequent further review).
As the AGP Finance track does not account for variance in deliverables or deadlines, the AA must use its discretionary authority to ensure security partners can provide the resources required.
Goals for this policy
This policy is intended to be temporary and should be used according to the following:
- Give teams the freedom to legitimately adapt, develop, and refine Aragon’s code review process
- Lay the foundation for inclusion of on-chain governance into the code review process
- Ensure ANSP code review deliverables can be tailored to the precise needs of the Aragon network
- Ensure Flock teams can ship as safely and quickly as possible
License
Copyright and related rights waived via CC0.