Hey everyone, Kristoffer from Hashlock here, one of the best smart contract audit firms globally according to CoinMarketCap and other sources.
Our deck is also available here
I’ll divide my post into a few sections, for easy readability, otherwise it’ll be too long of a post. I’ll try and keep it short and concise.
Background of Hashlock and recent OP work.
We have been working together with other foundations on similar models as proposed by several members in this thread. Let me highlight some of the different ways below:
peaq Network <> Hashlock
With peaq, we are the security firm for themselves, as well as their ecosystem. Every project building on peaq automatically gets a 50% discount from our standard services fees, not limited to audits. It also comes with the perk of short waitlist and better planning, vs the 6 months we saw last DeFi summer.
5irechain <> Hashlock
We are working together with 5ire on their grants program and their own security, where every winner automatically gets a pre-determined amount of audit credits, as well as discounts on top of this rate.
Fantom Foundation <> Hashlock
Same model for all the Sonic Labs winners here, as with 5irechain.
To highlight some of our most recent work on OP, we’ve finalized several audits for Exactly Protocol, which has been building on OP since March 2023 and Debita Finance, one of the Sonic Labs winners also deploying on OP.
Proposal discussion points
- The proposal emphasizes the significance of lowering deployment costs for builders, specifically targeting the high expenses and time commitments associated with contract audits.
We have observed that many builders are unable to afford a high-quality audit when transitioning from testnet to mainnet, leading to project losses due to being hacked within the first week. We have also witnessed the rise of C-tier and D-tier “auditors” during every DeFi summer, giving projects a false sense of security by compromising, again, due to budget constraints.
Therefore, Hashlock is very partnership focused in the sense that our entire process is tailored around working together more than once, to reduce timelines and cost for the projects, while delivering the best quality audits and other security services. We are also one of few - if not the only - audit firm that work with evolving codebases. I will write out our audit methodology in a separate post, for simplicity.
One thing I wanted to give a take on regarding pricing structures, is to be aware of auditors potentially increasing their standard service fee, since it’s now a foundation that pays, instead of a “small” project. Just a piece of feedback.
- The current grant system’s limitations are highlighted, particularly the issue with builder grants being locked up for over a year.
Here, I envision a partnership that just automatically triggers on some pre-determined values, e.g.
Project gets in touch with Hashlock during grant application, and get a quote for their audit. This is then immediately budgetted into the grant application and pre-vetted, so we can avoid long wait-times.
I know this is a DAO forum, but we’re more than happy to discuss further on a call of any kind, and formulate a relationship with OP on this necessary adventure.
Note: I could only post two links, but I’ll gladly supply more somehow if need be