ChainSecurity and Certora are honored to be recommended by the Compound Foundation as the next SSP for Compound. We thank you for your trust and are committed to delivering at the highest standard.
We have updated our proposal. Here is a summary of the changes:
- Tenderly has been unbundled from this proposal with the understanding that their platform will be considered as part of ZeroShadow’s evaluation process.
- ChainSecurity and Certora are submitting a joint proposal with an annual fee of $1.75M. The fee is capped for two years at least.
- The following has been added to our scope:
- We will become signers of Compound’s multisig
- We will ensure a smooth, clearly-defined, and efficient collaboration with ZeroShadow. We will make ourselves available to support their efforts and offer direct communication channels with redundancies across different timezones.
- While ZeroShadow owns the responsibility for monitoring, we will support them by offering monitoring recommendations when relevant risk areas are noticed during our reviews or advisory work.
- While ZeroShadow owns the responsibility for incident response (IR) & for designing the IR protocols, we are responsible for ensuring an IR drill happens every quarter with the relevant actors (ZeroShadow, multisig signers, key developers, etc.), and that the IR protocols are understood by all actors involved.
- The following has been excluded from our scope:
- Monitoring & Alerting (both the platform and the associated services)
- Incident Response & Triage
- Any of Tenderly’s tooling solutions (Tenderly’s virtual testnet, Tenderly monitoring stack, etc.)
- The scope of ZeroShadow’s proposal