EthereumCommonwealth / Roadmap

GNU Lesser General Public License v2.1

Auditing Department: per contract reward calculation v3 #58

Closed Dexaran closed 3 years ago

Dexaran commented 5 years ago

Abstract

The following describes the proposed payment scheme for security auditors for their work. The developed scheme is universal and is based on the length of the code of the auditable smart contract.

Motivation

One of the main goals of Callisto is to develop a self-sustaining DAO-like security auditing department structure. Therefore, the payment schema should ensure a high level of automatization and formalization.

Specification

In the Security Department of Callisto, smart-contract auditors are paid once a month, on the 15th day of each month.

In this proposal each auditor has a base salary and a multiplier value. These values affect the paid salary. Both of these values are calculated based on the quantity and quality of tasks completed during the month.

In this proposal, a total amount of X CLO is allocated for the monthly budget of the Security Department. The reward for each contract is proportional to the length of the contract code compared to the total code length of all contracts audited during the month.

contract reward = X * contract_code_length / total_code_length

Auditors review the code and report findings. Each finding has a certain weight in points. The following values will be used to evaluate findings according to their severity:

| Severity | Weight in points |
|----------|------------------|
| Critical | 100 |
| High | 45 |
| Medium | 8 |
| Low/Note | 1 |

Auditors will receive a reward for each audit request they have worked on, depending on their share of reported findings and the contract reward value of the contract.

auditor_1.reward = (contract reward) * auditor_1.findings / (auditor_1.findings + auditor_2.findings + auditor_3.findings)

Then the "multiplier" value is calculated for each auditor.

auditor_1.multiplier = number_of_auditors * auditor_1.findings / (auditor_1.findings + auditor_2.findings + auditor_3.findings)

At the end of the month an average multiplier is calculated for each auditor. The salary of the auditor is calculated as the sum of the auditor's rewards for the month multiplied by the auditor's average multiplier for the month.
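The scheme proposed above, carried through for one month on constructed data; this is an added example, not code from the issue or from the Callisto project. The function names, the sample audits, averaging the multiplier over the audits an auditor took part in, and the even split when nobody reports a finding are assumptions, since the proposal does not define them.

```python
from collections import defaultdict
from fractions import Fraction

# Severity weights from the table in the proposal ("low" stands for Low/Note).
WEIGHTS = {"critical": 100, "high": 45, "medium": 8, "low": 1}

def points(findings):
    """Weighted score for a findings dict such as {"high": 2, "low": 10}."""
    return sum(WEIGHTS[sev] * count for sev, count in findings.items())

def monthly_salaries(budget, audits):
    """audits: list of (code_length, {auditor: findings dict}) for one month."""
    total_len = sum(length for length, _ in audits)
    rewards = defaultdict(Fraction)      # sum of per-contract rewards
    multipliers = defaultdict(list)      # one multiplier per audit worked on
    for length, team in audits:
        contract_reward = Fraction(budget) * length / total_len
        scores = {auditor: points(f) for auditor, f in team.items()}
        total = sum(scores.values())
        for auditor, score in scores.items():
            # Assumption: with zero findings overall the formula divides by
            # zero, so the contract reward is split evenly (multiplier 1).
            share = Fraction(score, total) if total else Fraction(1, len(team))
            rewards[auditor] += contract_reward * share
            multipliers[auditor].append(len(team) * share)
    salaries = {}
    for auditor, ms in multipliers.items():
        # Assumption: the average is taken over audits the auditor worked on.
        salaries[auditor] = rewards[auditor] * sum(ms) / len(ms)
    return salaries

# Constructed sample month: X = 1000 CLO, two audited contracts.
SAMPLE_AUDITS = [
    (600, {"alice": {"critical": 1},
           "bob": {"high": 2, "low": 10},
           "carol": {}}),
    (400, {"alice": {"medium": 1},
           "carol": {"low": 8}}),
]

if __name__ == "__main__":
    result = monthly_salaries(1000, SAMPLE_AUDITS)
    for name, pay in sorted(result.items()):
        print(f"{name}: {float(pay):.2f} CLO")
    print(f"total paid: {float(sum(result.values())):.2f} of 1000 CLO budget")
```

Because each auditor's reward sum is scaled by their own average multiplier, the salaries in this sample add up to a figure different from X.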

Dexaran commented 3 years ago

Deprecated. Audits are now paid upon the revealing of the report.