Grant for Technical Risk Report of 3 Asset Listings

As part of the CGP 2.0 grant program I’m managing for security tooling, I’ve received a grant proposal for DeFiSafety to further develop an asset risk assessment framework for new listings, based on the prior work of OpenZeppelin

The DeFiSafety Proposal involves the delivery of an updated token risk assessment process followed by three risk assessment reports performed for any given assets the community prefers.

As the security grant domain manager, I think this proposal is valuable for improving the technical risk assessment process for asset listings in addition to performing such assessments for pending asset listings. However, I first want to ask the community what three assets are currently the highest priority for which this grant can perform assessments.

@pauljlei Are there any asset listings that Gauntlet is planning to perform for which a complimentary technical risk assessment would be valuable?


From my perspective, the next assets we are looking at are USDC, WETH, WBTC, and OP on Optimism


Thanks, @cylon. From Gauntlet’s perspective, we are also prioritizing the asset listings on Optimism, as Jared mentioned above.

Thanks for the thoughts here.

I’ll move forward with this grant assuming we’ll start with this list of assets, although we can revisit the list once the first milestone is complete.

USDC, WETH, WBTC, and OP on Optimism

Hi all,

Please find my initial version of the USDC token report for Mainnet and Optimism. Content is based on the Compound Asset Listing Checklist. The format is to make the content quickly useful for devs to evaluate tokens. Comments welcome.

I am ready to proceed with WEth and WBTC after your comments.

1 Like

Please find enclosed the full (and I believe final) document set for this grant.

Token Reports (4)
USDC on Mainnet and Opt, wBTC on Mainet and Opt, wEth on Mainet and Opt, OP on Optimism only. Finally a process document, so that anyone in the community can generate their own reports.

This completes the deliverables on my side. Please let me know your comments or improvements. Do you need any more? I expect I can generate a token report reliably within 6 days of a request. Let me know.

1 Like