General goal: Build processes that speed up feature delivery and keep up with market demand. Short-term goal: Ship features by ETH Denver event. Challenge: Blockers which cause delays in the delivery of features.
Solution:
Align service providers schedules.
Build a framework where each party knows its priorities, tasks, and other vendor timelines and requirements.
Align service providers schedules
Here is a schedule we gathered along with AlphaGrowth. We request and encourage other vendors like Gauntlet and OpenZeppelin to help fill the gaps.
Each vendor should share the requirements they need to deliver specific solutions (like adding a new market, chain, or collateral). For example, OpenZeppelin requires a questionnaire to start estimating an audit of the new market.
Thus, every party will be able to rely on others to comply with their requirements and processes.
Not the biggest fan of ChainRisk managing a deployment or Comet since 1. they are unproven 2. they arent even getting paid by the DAO and 3. we already have Gauntlet on board.
Seems odd to include them here without them even going through with a Gov Vote on their Trial Program.
They are also super long winded, too much text in their proposals. Read Gauntlet’s and get 10x the info faster than reading 1000 lines of info of ChainRisk saying the same thing.
I mean Gauntlet has the experience and can be succinct while ChainRisk tries to prove itself. Just, I mean, we have seen multi risk manager models fail in the past. Why do you want to do it again? How will that speed up governance? It will definitely slow it down in the case of a conflict
Just my opinionn. Trying to stay positive / neutral in my framing so I dont get banned or temporarily suspended again
At the time of this post, we had only estimated to provide the pentest results by 2025-02-10. We’ll likely deliver it earlier.
With the exception of the pentest estimated delivery date, all other “audit due dates” were arbitrarily determined without input from OpenZeppelin.
Many of the scopes in this list are still in progress and are not available for OpenZeppelin to estimate or schedule.
Hi, I am Shelly, Co-founder and CTO of Certora. Our process is straightforward. You can reach out via any communication channel and ask us for an effort estimation (including sharing the code when private). Within 24 hours, we will review the scope and come back with a proposal for an audit or formal verification project. We are usually able to start new projects within a week.
For example, with RewardsV2, we reviewed the code and know we can complete an audit in 1 week. If formal verification is requested, we will need an additional half week, totaling to 1.5 weeks. We are available to start on Monday.
For potential projects like Migrator V2 and wSuperOETHB, we will need to review the code and come back with an effort estimation. Feel free to reach out to us on telegram (@sofiviss) to initiate this process.
We are proposing to help OZ in order to meet all of Compound’s deadlines. We have worked with the Compound DAO in the past and are familiar with the code.
Hi @dmitriywoofsoftware - this is Chris here from Sherlock. I saw the discussion around audits, and I wanted to jump in because this is exactly where Sherlock excels.
We operate a hybrid security model that eliminates bottlenecks entirely. We have a core team of dedicated professional security researchers available for traditional audits, but what truly sets us apart is our platform of 10,000 vetted security professionals—ready to be deployed at any time. This gives us an unmatched ability to scale up instantly, ensuring that projects get the attention they need without delays.
Even better, our ELO-style leaderboard and deep auditor database allow us to assign exactly the right person for each task based on proven skill and past performance. Whether it’s a deep-dive audit, targeted security review, or a rapid assessment, we can spin up the ideal team in real time. Our modular, flexible approach means you never have to worry about slow turnaround times or limited capacity.
We would love to connect and explore how Sherlock can help!