Notice: Polkadot has migrated to AssetHub. Balances, data, referenda, and other on-chain activity has moved to AssetHub.Learn more
Proposal for a Polkadot Assurance Bounty
The subject of this proposal is to set up a bounty of 540,000 DOT which will be used to help selected Polkadot parachains undergo rigorous audit procedures.
The primary goal of the proposal is to contribute to an overall greater level of security in the Polkadot ecosystem. Its secondary goal is to establish a pool of high-quality auditing companies specialized in Rust (specifically Substrate pallets and ink! smart contracts) which, over time, will help make audits more accessible for the whole Polkadot ecosystem.
If successful, the initiative will be expanded in the next iteration to formal verification methods (assurance) and the development of security tooling which will allow it to accommodate a more holistic approach to security in Polkadot.
This proposal is brought forward by the Polkadot Assurance Legion (PAL) - a security governance club comprising the following parachain teams: HydraDX, Interlay, Astar Network, Manta Network, Acala, Centrifuge, Zeitgeist and Equilibrium.
Payouts via the bounty mechanism are open to any Polkadot parachain, subject to a set of eligibility criteria and criteria for determining priority.
The bounty will be managed by 5 curators who - together - cover the set of expertise needed for the task.
Read the full proposal here:
https://docs.google.com/document/d/1I1vXSG6mjeeulKmRbG4lrERtqVGwHNyDR9pVE4wSQvI/edit
Comments (6)
I support this initiative as ecosystem needs comprehensive security audits to proactively identify potential vulnerabilities in the system.
This is a great initiative that will help parachains teams be more secure. As I'm one of the curators, I can shed a bit of insight into finding auditors and the benefit this proposal will bring: