DSP 009: dOrg's Internal Audits

[shresthagrawal]

TODO:

• [x] Gather Feedback

[shresthagrawal]

Reviews from Steff:

• Where does it gets shared?
• Every article in the blog should be standardized? could be coined as "Dictionary for Smart Contract Vulnerability".
• Making it searchable.
• So we can write a medium blog for the release of the knowledge base with the demo of the checklist.
• Mention that it is community-built. Steps for the involvement of different builders. Could be interesting to feature a different builder in every Article to enhance dOrg collaborations. Also helps in Adoption.

[dOrgJelli]

Would love to see a bounty program (once it's all initially built as a result of this DSP) for successfully adding new entries. For example: if you get a new exploit added to the registry, complete with a detailed description and an example project to reproduce the bug, you could qualify to get 1,000 stable coins + 2,000 dOrg tokens. Also could be a great way to onboard new builders, as we could grant them REP in the DAO as well.

[benefacto]

It would also be cool to have some economic exploits, especially flash loan attacks, covered in the articles as these are typically not looked for by auditors.

[shresthagrawal]

• Keep it private
• Get reviewed by the white hats and professionals
• Launch is important (what is the deadline, and deliverables)
• Smaller number of articles with higher quality (not commonly known ones, new fancy vulnerabilities)

[orishim]

https://alchemy.daostack.io/dao/0x94a587478c83491b13291265581cb983e7feb540/proposal/0x36c7a1d26606bc48bb85992576328606c7762a2b18e7a248a9b23b317ba38883