When we first started, we designed a very long and complicated process for performing decentralized audits (detailed below). It was based on theory, and after talking to several smart contract auditors they all reached the same conclusion: it would be too difficult and complicated to implement on Cardano early on. Because Plutus smart contracts are still new, there are few well-established practices for auditing them and few people with the skill set to do so. This required us to adjust our approach. As the DAO grows and attracts more people with experience auditing Plutus smart contracts, we will work towards building and implementing the decentralized audit program outlined below. Since that will be a long and difficult process, we also want to implement programs that can begin much sooner and arguably provide just as much benefit.
The immediate process will be very similar in how audits are selected and financed. Token holders will still propose the projects they would like to see audited, the community will vote on them, and the ones with the most votes will win. The funding model also remains the same: our DAO finances the audits, which eliminates the conflict of interest that comes from dev teams paying for their own audits. The funding model is discussed further in the next section. The key difference is that once the DAO has voted on an audit, we would either hire an experienced third party to perform the audit on our behalf, or sponsor a bug bounty for it through the Bug Exterminator, where the community is incentivized to search for bugs and rewarded based on what they find (more on the Bug Exterminator in a later section). If hiring a third party, we would request bids from experienced Cardano auditors. The token holders would then review the bids and decide which one to hire through a vote. The DAO will decide between hiring the third party or sponsoring a bug bounty contest. In both cases the conflict of interest is eliminated because we fund the audit work and we own the results.
We have also created the DYOR Tool, which does not assess the code but instead evaluates the project holistically, looking at things like the development team, tokenomics, community, and trading metrics. It is available for the community to use for free, to learn how to perform research and to share reports with others. Auditors working on behalf of the DAO will also use the tool to perform research and share it with the organization. The thinking behind this is that most scams occur before there is any code to audit: a project raises funds based on a website or an idea without having the product in place, which means that assessing its smart contracts usually comes too late to prevent people from being taken advantage of. By incorporating this review feature we can review projects early on and give the community information to support its research and, ideally, a more informed decision.
Long Term Process
Our token will have the ticker AUDIT. The AUDIT token is a governance token that holders use to vote on which projects they would like to be audited. Anyone who holds a minimum of XX AUDIT can propose an audit for consideration in voting (whether a minimum is appropriate is still being considered). There is no minimum for voting: anyone who holds AUDIT is eligible to vote and have a say in which projects they want to see audited. The DAO will determine the number of audits it can perform each quarter, based on the total revenue generated by the treasury and the calculated total cost of each audit. We will audit the projects that receive the most votes from the community (1 AUDIT = 1 vote).
We will develop the audit methodology and standards used to assess the smart contracts and the development team responsible for creating the dApp. The goal is for these to become the industry standard so that all smart contract audits are conducted in a uniform manner. Once they are created, training materials will be developed so qualified candidates can easily learn how to perform this work program on an audit. This audit process is not meant to be fixed or immutable. SCATDAO will empower its community of auditors to propose changes and new best practices learned from performing the work. These changes to the audit process can be voted on by the community and implemented. As Cardano and blockchain continue to evolve, we want the way we audit them to evolve as well, ensuring the best and most up-to-date methodologies are always employed.
Who Performs the Work
We are in the process of developing training materials that will clearly outline our audit methodology and teach the work steps needed to complete an audit. The training materials will be available to everyone through our website, and anyone can review them at their leisure to learn how to perform SCATDAO audits (fluency in Haskell/Plutus will be helpful in successfully reviewing the training materials). A test is also being developed that will assess a candidate's understanding of our audit methodology as well as their fluency in Haskell/Plutus. Upon completing the training materials and receiving a passing score on the test, they will receive a certification and be added to the listing of Qualified Candidates.
In addition to the knowledge review test, we are developing a scorecard that will assess a candidate's qualifications and determine whether they have the skills required to successfully perform an audit on behalf of the platform. It will consider their background, work history, knowledge of Haskell/Plutus, completion of Plutus Pioneers or similar programs, etc. We care first and foremost that someone has the ability and knowledge, rather than blindly relying on professional certifications such as CPA, CFA, CA, etc. If they receive a passing score, they will be added to the listing of Active Available Auditors and are officially available to perform audits on behalf of SCATDAO. Initially the SCATDAO dev team will review these candidates to onboard them, but this responsibility will be transitioned to the new auditors based on the number of successful audits they have performed with us. This ensures a clear and straightforward path to decentralizing the process away from the dev team.
If an auditor becomes busy and is not available to participate, they can deactivate themselves at any time and return to the Active listing whenever they become available. There will be no cap on the number of Active Available Auditors. If someone who self-designates as available is chosen for an audit, an email will be sent to them and they will be required to accept the audit. If they cannot accept despite being designated as available, they will be put on hold for X audits. As auditors successfully complete audits and demonstrate their competency and trustworthiness, they will move up in rank and will have different roles, responsibilities, and compensation based on their rank. It is outlined as follows:
Compensation by rank, as a multiple of the base rate X (the rank column of this table did not survive extraction): X * 1.5, X * 1.5, X * 2, X * 2.4
Each audit project voted on and selected by the community will be randomly assigned three auditors from the AAA listing. The assignment is three-way blind so that none of the participants is aware of the others or able to communicate with them, which is meant to prevent collusion. Two people will independently perform the audit work program in its entirety and upload their results to the website repository when they are finished. The third person will perform the Audit Quality Review (AQR). The AQR must review the work performed by the two auditors, ensure that both auditors reached the same conclusions, and concur with their findings for the audit work to be completed. The redundancy of having two separate people perform the work and comparing the results is meant to provide greater assurance that the testing was done correctly. If the work performed by the auditors does not match, the AQR will flag that in the system and the auditors will be notified. They will be required to go through the process again, redo the work, and resubmit. This is repeated until they achieve matching results.
NOTE: We may initially have more than 3 auditors assigned to each audit in order to speed up the onboarding process. This will allow a large group of people to get multiple audits under their belt and progress to take over the additional responsibilities.
The system would be configured to always bring in one Pawn if available, so that new people keep being onboarded into the program. It would also pull in one higher-ranking individual as the second auditor (if available), and a Queen-level auditor would be required to perform the AQR. This ensures that someone more experienced, who has performed several audits on our behalf, reviews the work and verifies its accuracy. If no new Pawns are available, two Knights or Queens can perform the work instead. At the completion of the audit work and AQR, the AQR will ensure all workpapers have been uploaded to the website repository along with the results, and the closing process will begin.
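The assignment rules above, modelled as an added Python illustration (this is not SCATDAO's own system). Rank names come from this paper; collapsing Pawn 0 and Pawn 1 into a single "Pawn" rank and the roster of names are assumptions made for the example.

```python
import random
from dataclasses import dataclass

# Rank ladder named in the paper; Pawn 0 / Pawn 1 are collapsed into "Pawn" (assumption).
RANK = {"Pawn": 0, "Knight": 1, "Queen": 2, "King": 3}


@dataclass(frozen=True)
class Auditor:
    name: str
    rank: str
    available: bool = True  # self-designated on the Active Available Auditors listing


def assign_auditors(listing, rng=None):
    """Pick (auditor_1, auditor_2, aqr) blind from the available listing.

    AQR must be Queen level or above; auditor_1 is a Pawn when one is available
    so newcomers keep being onboarded; auditor_2 is Knight or above; with no
    Pawns, two Knights/Queens do the work.  Nobody fills more than one role.
    """
    rng = rng or random.Random()
    pool = [a for a in listing if a.available]

    def pick(candidates):
        chosen = rng.choice(candidates)
        pool.remove(chosen)  # one person, one role: keeps the three-way blind intact
        return chosen

    seniors = [a for a in pool if RANK[a.rank] >= RANK["Queen"]]
    if not seniors:
        raise ValueError("no Queen-level auditor available to perform AQR")
    aqr = pick(seniors)

    pawns = [a for a in pool if a.rank == "Pawn"]
    higher = [a for a in pool if RANK[a.rank] >= RANK["Knight"]]
    if pawns and higher:
        first, second = pick(pawns), pick(higher)
    elif len(higher) >= 2:  # fallback: no new Pawns, so two ranked auditors audit
        first = pick(higher)
        second = pick([a for a in higher if a is not first])
    else:
        raise ValueError("not enough available auditors for a three-way blind assignment")
    return first, second, aqr


# Constructed roster for illustration only (not real SCATDAO auditors).
ROSTER = [
    Auditor("alice", "Pawn"), Auditor("bob", "Pawn"), Auditor("carol", "Knight"),
    Auditor("dave", "Knight", available=False), Auditor("erin", "Queen"),
    Auditor("frank", "Queen"), Auditor("grace", "King"),
]
```

Calling `assign_auditors(ROSTER, random.Random(7))` returns one Pawn, one Knight-or-higher auditor and a Queen-or-King AQR, never reusing a person or selecting someone marked unavailable.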
As this is a community effort, and to encourage the maximum number of people reviewing and concurring on the results, the community is incentivized to review the workpapers, results, and the smart contract to assess whether the work was done properly and to see if any additional bugs or exploits can be found. For anything found, a new AQR will be randomly selected to review the claims and make another pass through the workpapers and code. There will be a deadline for review, and a certain percentage of votes will be required to certify the results and close the audit. Rewards are paid to the community for anything found and for participation according to the table below, and auditors are penalized as discussed in the next paragraph (we are currently determining what rates to pay and will update this in a future white paper).
At the successful completion of an audit, individuals will move up a level if their work was free from errors. If the AQR determines there were errors in the individual’s work that would alter the opinion of a reasonable person, they would be dropped back down to the rank of Pawn 1. If someone feels that they did not make an error, 2 additional Queens will be selected to review and make a ruling. If they determine there was no error, the individual will continue to advance as normal and the Queen who made the incorrect call would drop back to Pawn 1. Initially, the SCATDAO team will perform the AQR role. As soon as there are auditors available who have performed the necessary number of successful audits to earn the Queen rank, this responsibility will begin transitioning to them and away from the Dev team, a clear and well-defined path to full decentralization.
After someone has successfully completed 10 audits, they would become a King. A King would have all of the responsibilities of a Queen but would also be required to review incoming people and include them in the AAA listing. With each audit that they participate in, they would be required to review 10 new candidates as well (this will encourage constant and consistent growth). The candidates would be pulled from the system in the order that they applied. The Kings earn additional compensation for this additional effort, as outlined in the chart. If it is discovered that someone was admitted without the proper skills or rejected despite being qualified, the King would be bumped back down to Pawn 0 with a second infraction resulting in a permanent ban. Again, this will be performed by the Dev Team initially until sufficient Kings are available, a clear and well-defined path to decentralization away from the Dev team and into the hands of the community.
At the completion of the audit work and closing process, the work performed will be uploaded to a repository on the website and results will be distributed through the website and available to all.
Auditors who perform an audit on behalf of SCATDAO will receive a payment to compensate them for their time and effort. The compensation is outlined in the table above and is meant to be very competitive with the industry. Auditors from all around the world who possess the required skills are encouraged to participate. Pay will not be adjusted based on geographical location, which means an American auditor and an Ethiopian auditor would be compensated exactly the same. This will hopefully encourage participation from the developing world, where auditors are usually paid a fraction of what their western counterparts earn. In the spirit of Cardano, this project would like to give audit professionals from all over the world an opportunity to supplement their income, add to their resume, keep the Cardano community safe, and help build this new ecosystem.
Why Would People Want to Work on Behalf of SCATDAO?
We intend to provide generous compensation above industry standards to the members of our community who perform audits on our behalf. As mentioned, this compensation will not be adjusted depending on geographical location. An auditor working in the United States or Europe will earn the same amount as an auditor in Africa or Southeast Asia. As the pay will be generous for US standards, we hope it will be especially rewarding for people who come from emerging markets. SCATDAO is a global organization, and we want to tap into the vast amount of talent distributed throughout the globe.
SCATDAO is not meant to be a full-time job. We are seeking individuals who can perform our work program and would like to supplement their income with rewarding part-time work on a project-by-project basis. Auditors who work on our behalf will gain excellent experience to add to their resume, can work from anywhere they choose, never have to commute or come into an office, and can dress however they like and work on their own schedule. Combined with the rewarding compensation, the better question is: why wouldn't someone want to audit for SCATDAO?
Process Flow Chart