Cardax DEX Plutarch Code Audit

Funds Fund 8 Proposals F8: DApps and Integrations Cardax DEX Plutarch Code Audit

over budget

View on Ideascale

Current Project Status

Unfunded

Amount
Received

Amount
Requested

$96,000

Percentage
Received

0.00%

Solution

We want to perform a full review of our Plutarch code and a security audit of our smart contracts before we go live with our DEX.

Problem

DeFi protocols built in Plutarch are new, untested smart contracts that will soon hold billions in TVL.

Impact / Alignment

Feasibility

Auditability

Cardax DEX Plutarch Code Audit

Impact

Cardax is developing an open-source decentralized exchange on Cardano. The goal of the project is to allow anyone to trade Cardano native tokens and ADA in a non-custodian way.

Full on-chain code security audit of our smart contracts from the team at Tweag: <https://www.tweag.io>

To learn more about Cardax and our recent development updates: <https://youtu.be/OU5kftHZiII>

DeFi is one of the most interesting applications for Dapps deployed on the Cardano network. We will address this challenge by making our DeFi application (a decentralized exchange) secure by providing a 3rd party audit of our-chain code.

Relevant Experience

Cardax B.V. is a software development company with focus on decentralized applications (Dapps) and Decentralized Finance (DeFi). We are the designers, builders and maintainers of the Cardax DEX. Our team is composed of experienced Haskell developers and security auditing experts.

Tweag is a software innovation lab that helps deep tech startups quickly scale their engineering performance and execute on high-risk, high-reward projects with confidence. We find the best wherever they live, to build better software by applying mathematics, computer science and the methods of open source.

It is expected that there will be more than 2000 lines of on-chain code for review. If we were to pass that number of lines of code, the audit would take longer.

We expect the audit to last up to 5 weeks.

Feasibility

# Deliverables

A full external audit of the on-chain Plutarch code of Cardax DEX.

The focus of the audit will be to find potential problems or vulnerabilities such as:

1. Unclear or wrong specifications that might allow for fringe behavior.

2. Vulnerabilities that could be exploited by an attacker

3. General code quality comments and minor issues that are not exploitable.

Once finished, the audit certificate will be published on Cardax's website.

Budget Breakdown

We estimate the Tweag team will dedicate ~5 weeks of engineering time to complete the Plutarch on-chain code audit starting on March 28th, 2022. Based on 2 full-time Audit Engineers.

$3,200/day

$16,000 flat fee

Total: $96,000

Our full team profile can be found on https://cardax.io/about-us

Auditability

We will publish the complete audit on our website.

That the Tweag team has successfully completed the on-chain code audit of our DEX. We expect them to advise a few security changes that our own team will implement right after.

It is a new proposal.

bookmarked!

bookmarked!