[IMPACT] Please describe your proposed solution.
At the current state of the art it is important to audit the smart contracts created by our internal team with an external partner:
Team experience:
- https://cnft.io/ as part of the developers team
- https://www.pavia.io/ as part of the tech leads
- https://cnftacademy.com/
Canonical Experience:
-
[IMPACT] Please describe how your proposed solution will address the Challenge that you have submitted it in.
In collaboration with Canonical the smart contracts created by FluidTokens team will be assessed and reviewed to avoid any possible exploit considering how new lending and borrowing is in Cardano
[IMPACT] What are the main risks that could prevent you from delivering the project successfully and please explain how you will mitigate each risk?
Risks are:
- Exploits that are not found during the auditing part but are found after open sourcing the platform
Solutions:
-
We have a lag release of opensource of the code, the current version of the platform is an improved version of the opensource one, in this way any malicious attacker cannot attack the current platform
[FEASIBILITY] Please provide a detailed plan, including timeline and key milestones for delivering your proposal.
-
September 2022 starting the audit of current smart contract and new smart contract version
-
October 2022 final code review with our tech partners
-
November 2022 opensource of the code after finalizing the audit stage
[FEASIBILITY] Please provide a detailed budget breakdown.
Considering the amount of hours for the auditing:
- QA 100 hours
- Testing 50 hours
- Code Review 200 hours
- Code fixing 50 hours
The cost of engineer and plutus developers in order to provide the audit is $90000, considering $10000 in case of extra costs
[FEASIBILITY] Please provide details of the people who will work on the project.
-
[FEASIBILITY] If you are funded, will you return to Catalyst in a later round for further funding? Please explain why / why not.
Even if FluidTokens is already scaling and it is strongly appreciated by the Cardano community, the costs of a widely accepted auditing are high for a recently created platform. In the next months, for any complex smart contract we're going to release, we'll probably need additional funds to audit them
[AUDITABILITY] Please describe what you will measure to track your project's progress, and how will you measure these?
Team will release monthly updates on the current state of the development in order to be trasparent and open
[AUDITABILITY] What does success for this project look like?
The success is not defined by a complete absence of bugs (which can never be guaranteed) but to ensure the absence of any known attack vector and the use of the most accepted best practices when writing smart contracts. Transparency with the Cardano community is also a must.
[AUDITABILITY] Please provide information on whether this proposal is a continuation of a previously funded project in Catalyst or an entirely new one.
It is not
