I certainly understand the desire to swiftly plan a path forward but urgency on this issue is driven by new governance proposals, of which I only see a parameter change right now. For the record, the first we heard there was any activity on this topic was October 26th. It was a lot to wrap our heads around and deserved some time thinking about an approach rather than diving in with recommendations. I was surprised to see a vote so quickly given the magnitude of this effort!
At the end of the day, we’re all offering software assurance services so of course a lot of this is going to look the same. If I had to characterize the differences, the Trail of Bits proposal focuses most of its effort on a) finding and reducing risk in governance proposals, and b) increasing security by reducing the cost of control (e.g., with templates, checklists, assessment guides, specification development, and other systems that continuously reinforce themselves). I think we were much more specific on that front. On the other hand, the OZ proposal contemplates a broader set of activities, like security training and threat detection, that apply only indirectly to the core issue of merging insecure or unsafe proposals. E.g., I’m less sure how to take a Q&A channel staffed with OZ employees to the bank.
Reading between the lines, this seems like a take similar to the one Jared had earlier in the thread:
The scope of the proposal is quite large … and includes services which Compound Labs has never used before, and therefore cannot attest to the value of. Audits have never been a silver bullet, and never will be, so personally I think it’s important to think about and balance all of the quality assurance resources we have available. This should probably include things like formal verification and investment into the tools developers actually use to build and test the protocol themselves.
In my opinion, on-chain monitoring in particular, while possibly valuable, probably should not get bundled as a must-purchase alongside the auditing service for governance proposals. These types of systems are an active field of research (see also, flashbots), may apply to fewer attacks than expected, or may have undesirable performance impacts or other costs. I’d want to study them further to understand their value and limitations.