Funds Fund 8 F8: DApps and Integrations Proposals Cardax DEX Plutarch Code Audit
over budget
Cardax DEX Plutarch Code Audit
Current Project Status
unfunded
Total
amount
Received
$0
Total
amount
Requested
$96,000
Total
Percentage
Received
0.00%
Solution

We want to perform a full review of our Plutarch code and a security audit of our smart contracts before we go live with our DEX.

Problem

DeFi protocols built in Plutarch are new, untested smart contracts that will soon hold billions in TVL.

Impact / Alignment
Feasibility
Auditability

Team

1 member

Ryan Morrison bio pic
  • download
  • download
  • download

[IMPACT]

Cardax is developing an open-source decentralized exchange on Cardano. The goal of the project is to allow anyone to trade Cardano native tokens and ADA in a non-custodian way.

Full on-chain code security audit of our smart contracts from the team at Tweag: https://www.tweag.io

To learn more about Cardax and our recent development updates: https://youtu.be/OU5kftHZiII

DeFi is one of the most interesting applications for Dapps deployed on the Cardano network. We will address this challenge by making our DeFi application (a decentralized exchange) secure by providing a 3rd party audit of our-chain code.

Relevant Experience

Cardax B.V. is a software development company with focus on decentralized applications (Dapps) and Decentralized Finance (DeFi). We are the designers, builders and maintainers of the Cardax DEX. Our team is composed of experienced Haskell developers and security auditing experts.

Tweag is a software innovation lab that helps deep tech startups quickly scale their engineering performance and execute on high-risk, high-reward projects with confidence. We find the best wherever they live, to build better software by applying mathematics, computer science and the methods of open source.

It is expected that there will be more than 2000 lines of on-chain code for review. If we were to pass that number of lines of code, the audit would take longer.

We expect the audit to last up to 5 weeks.

[FEASIBILITY]

# Deliverables

A full external audit of the on-chain Plutarch code of Cardax DEX.

The focus of the audit will be to find potential problems or vulnerabilities such as:

1. Unclear or wrong specifications that might allow for fringe behavior.

2. Vulnerabilities that could be exploited by an attacker

3. General code quality comments and minor issues that are not exploitable.

Once finished, the audit certificate will be published on Cardax’s website.

Budget Breakdown

We estimate the Tweag team will dedicate ~5 weeks of engineering time to complete the Plutarch on-chain code audit starting on March 28th, 2022. Based on 2 full-time Audit Engineers.

$3,200/day

$16,000 flat fee

Total: $96,000

Our full team profile can be found on https://cardax.io/about-us

[AUDITABILITY]

We will publish the complete audit on our website.

That the Tweag team has successfully completed the on-chain code audit of our DEX. We expect them to advise a few security changes that our own team will implement right after.

It is a new proposal.

Community Reviews (1)

Comments

close

Playlist

  • EP2: epoch_length

    Authored by: Darlington Kofa

    3m 24s
    Darlington Kofa

  • EP1: 'd' parameter

    Authored by: Darlington Kofa

    4m 3s
    Darlington Kofa

  • EP3: key_deposit

    Authored by: Darlington Kofa

    3m 48s
    Darlington Kofa

  • EP4: epoch_no

    Authored by: Darlington Kofa

    2m 16s
    Darlington Kofa

  • EP5: max_block_size

    Authored by: Darlington Kofa

    3m 14s
    Darlington Kofa

  • EP6: pool_deposit

    Authored by: Darlington Kofa

    3m 19s
    Darlington Kofa

  • EP7: max_tx_size

    Authored by: Darlington Kofa

    4m 59s
    Darlington Kofa
0:00
/
~0:00