This proposal is for the purpose of engaging Code Arena (Code 423n4) to audit the Tracer Perpetual Pools contracts as a bug bounty. Code 423n4 offer a “community-driven approach to competitive smart contract audits”. They have also previously provided a bug bounty audit for Tracer’s Perpetual Swaps contracts as per the EOI, operations post and the reimbursement proposal. In addition to Sigma Prime’s audit, this initiative accords with Tracer’s vision for deploying impenetrable smart contracts.
The audit is running for a total period of one week starting from 6/10/21 - 2:39pm UTC time. Prior to the audit, everyone wishing to participate in the audit should join the C4 Discord channel to register their address as per the documentation here: Become a Code 423n4 Warden. View the countdown for the Tracer contest to begin here: Code 423n4. There will be a total of $30,000.00 USDC & $20,000.00 (USDC equivalent) TCR offered in the prize pool for bugs found in the Tracer Perpetual Pools contracts as per the criteria here: Judging Criteria 1.
Please share with anyone who would be interested in auditing the Tracer contracts in return for USDC.
Mycelium has already paid the required deposit of $6,000.00 USDC for the bug bounty. If successful this proposal will action to have Mycelium reimbursed by Tracer DAO in addition to funding the award pool.
Included in this proposal is a $20,000.00 (USDC equivalent) TCR payment for winners of the bug bounty. As per the Tracer Growth Fund proposal, the bug bounty TCR payment sits within the remit of initiative 1 within Deliverables as a Service Provider:
- 80,000,000 TCR (8%) new Service Providers and contractors and employees of existing Service Providers.
Mycelium has already paid the required non-refundable deposit of $8,000.00 (USDC equivalent) TCR. An additional $20,000.00 (USDC equivalent) TCR payment is also required for the bug bounty award pool. Once the Growth Fund is live, the decision to reimburse Mycelium sits within the remit of the Growth Fund Managers. Thus, if this current proposal is successful, it will only trigger the reimbursement of $6,000.00 USDC to Mycelium in addition to $30,000.00 USDC (or equivalent) being used to fund the award pool.
For the provision of these services, the following remuneration package is proposed:
- $6,000.00 USDC (or equivalent) to reimburse Mycelium for the non-refundable deposit.
- $30,000.00 USDC (or equivalent) to fund the bug bounty award pool.
If engaged by this DAO proposal to provide the services described in this Offer to the DAO, Code 423n4 will commit to provide the following deliverables:
- An Audit of the core Tracer Protocol perpetual pools codebase at https://github.com/tracer-protocol/perpetual-pools-contracts
This audit will be community driven and aim to locate bugs, exploits and security concerns throughout the protocol code.
- Code 423n4 acknowledges that, if engaged, its engagement can be varied by future proposals.
- Code 423n4 expects that any engagement will be terminated if they fail to deliver in accordance with the deliverables specified above.
In the context of the Tracer Project, conflicts of interest include:
- Existing Service Providers who are Related Parties; and
- Existing (vested and unvested) holdings of TCR tokens.
Code 423n4 wishes to declare the following conflicts of interest:
- No conflicts of interest to declare.
Unless otherwise defined in this offer, all terms beginning with a capital letter which are defined in the Participation Agreement have the same meaning unless the context otherwise requires.
If this offer is accepted as a proposal under the Participation Agreement, Code 423n4 may more formally document aspects of that proposal.
Copyright and related rights are waived pursuant to CC0.
- Support proposal → push to Snapshot
- Oppose proposal