The Compound protocol is community owned. I think that the target of the sale here needs a bit of course correction. I will assume that the proposal was intended to be for the protocol and community directly. For community proposals such as this, you’ll need to work directly with the Compound protocol’s community members and delegates, not solely with Compound Labs. That would also proceed with an onchain vote to initialize the program, like we’ve seen previously with OZ, Gauntlet, Questbook, AlphaGrowth, et al.
This post and proposal is a great start to improving the robustness of the Compound protocol. It is a step in the right direction to properly incentivize white hat security researchers to report potential bugs and exploits in a professional manner to minimize the risk of hacks and exploits.
Best of luck to you in your proposal and I think the community will appreciate seeing more involvement from professional security firms like Cyfrin to reduce the protocol’s and community’s security risks.
My questions are:
- What advantages are there to working with Cyfrin that add to the existing security services that OpenZeppelin already provides for the protocol?
- Why would a community member choose to vote for this proposal over the existing Immunefi proposal?