Tech Audit for Aragon.app

Hi All,

Creating a thread here to discuss the Audit of Aragon.app. As you know the core team has been working on it for a number of months and will need an audit in the coming weeks.

I have contacted all the auditors on the whitelist a starting point for the Tech Committee to check availability and also whether they will take payment for a DAO.

Proposed Audit will need to be of the Frontend & Contracts from what I understand: GitHub - aragon/core: Core components and services of the Aragon ecosystem

Budget will need to be up to $200k based on initial discussions, please feedback if you think this is low.

Looking for your expertise here @nivida @p4u @voronchuk on the best next steps and engagement.

Will share bellow each auditor that has been contacted and responded.

2 Likes

Replying to this thread:

  • ConsensysDilligence - Automated tool available
  • Coinspect - Conversation started awaiting engagement from tech committee
  • ZKLabs - Waiting for date if available
  • OpenZeppelin - Booked 8+ Months
  • Chainsecurity - Introductory Call 30th of May Scheduled
  • RuntimeVerification, Inc. (RV) - Slots Available
  • Trail of Bits - Awaiting response
  • Certik - Slots Available
  • SigmaPrime - Awaiting response
  • PeckShield - Not contacted (Website 404 Error)
  • Mixbytes - Slots Available
  • Certora - Awaiting response
2 Likes

@p4u @nivida and @voronchuk please state here from that list which are the ones you think we should move forward

@AClay thank you for your work. I suggest @nivida leads the process from the tech committee side as he was leading the development of this code.

1 Like

Hey @nivida @p4u @voronchuk,

Are you able to please confirm you choice? If not I am going to have to go through an alternative mechanism and it puts in to question the scope of the tech committee.

Please let us know by Wednesday this week.

Thanks,

Alex