Summary
This is an extension of proposal #58 titled: “Proposal to authorize allowance for formal audits”, which granted the Bug Bounty Program an allowance to 60,000 DOLA and 100 INV. Funds have since been utilized to onboard Defimoon as security consultants, and allowance now sits at 51,000 DOLA and 86.2 INV. This proposal aims to increase the current DOLA allowance to 80,000 DOLA (effectively an increase of 29,000 DOLA), in order to cover our forthcoming 4-day Bug Bounty Contest hosted on the Code4rena platform, as well as expenses to retain the services of Defimoon through the months of October and November. The remnant funds will be deposited into a Bug Bounty vault on the Hats Finance platform.
Code4rena Bug Bounty Contest
Inverse is soon to announce the launch of a new, never before seen in DeFi, lending market. A final hurdle to surpass and a crucial step in guaranteeing a flawless launch and continued operation of the product is to host a bug bounty contest. Several qualified security projects and firms have been vetted by our RWG, and, after a period of deliberation, we are excited to commit to Code4rena as host platform for the contest.
We have agreed to the following terms; Inverse will host a 5-day, open contest on the Code4rena platform and fund a reward pool with $50,000. During this time, we can expect between 50 and 130 wardens (auditors) to review our codebase and provide us with invaluable feedback. We believe that mitigating risk at this stage of our development is of paramount importance and this engagement to be necessary for our new product launch.
Defimoon Engagement
DeFi Moon has been providing their services as security consultants since September 10th, and have worked diligently to audit our Convex Fed, Velo Fed, and Aura Fex (ongoing) contracts. In this time, they have proven to be a talented and genuine team and have played their part in helping identify security-related bugs in a timely manner. We consider bug bounties to be a lasting complement to any external or in-house security audit capabilities that Inverse develops. As such, we intend to retain Defimoon’s services for the next two months, and have them work concurrently to the bug bounty contest.
Bug Bounty Vault
After the termination of the Code4rena bug bounty contest, Inverse will launch a bug bounty vault on the Hats Finance platform and fund it with the remaining allowance funds. This vault will be grown over time as part of our ongoing commitment to safety.
On Chain Actions
Set Bug Bounty Program DOLA Allowance to 80,000