Open DeFi Blueprint

Security Standards

Statement of Purpose

Auditing standard for measuring technical and economic risk for institutional investments in DeFi protocols and issuing a Tokenized Certificate for meeting the standard.

Summary

With the recent quantitative easing and the growing instability in the traditional financial markets, there is a new wave of sophisticated investors looking at DeFi for better returns. This blueprint is to create a simple framework that works for most DeFi protocols and verifies the true security of a protocol from both an economic and technical perspective in an easy to digest manner. The platforms that meet the standards defined in the framework receive a tokenized security certificate and a short report for the investors to make risk calculated investments.

The idea stems from the millions of digital assets lost in DeFi protocols this year. By bringing together experts in the space and the community of developers, we aim to open up a formal verification process that checks for deep underlying security risks that have been withholding more capital flowing in. Some of the parameters for the assessment are:

  • Flash loan vulnerability
  • Security of smart-contracts
  • Number of audits and the level of scrutiny
  • GitHub repository commits since the last official audit
  • Code changes in compliance with post-audit report
  • Documentation quality and test coverage scope
  • Code quality
  • External dependencies
  • Longevity of operations on mainnet
  • Token supply distribution
  • Privileged roles and centralization
  • Distribution of developer funds and commitment to insurance

Project Scope

  • Customer Research - Institutional Investors
  • Security Research - Consolidating Audit Reports
  • Define the Risk Parameters - Technical & Financial
  • Productize the Standard - Assessment & Certification

Each component will be split into smaller tasks for focused contribution by the working group.

Outcome

The approach is to work directly with institutional investors and DeFi protocols - to do security checks on the protocols and create an easy-to-digest report. The long-term vision is to productize this offering where DeFi protocols will submit the code to verify for security. The platform will rate the projects and issue a non-transferrable NFT to the smart contract which represents a certificate that the audit is valid and provides easy-to-digest details on the potential exploits and token-economic risks. This can further become a platform for investors, auditors and insurance providers to come together and make the interactions more secure.

Working Group (5 to 8 members)

  • Developers
  • Token Engineers
  • Authors
  • Reviewers
  • Open DeFi Advisors

Community Contribution

  • Individual to be recognized on all publications and promotional channels
  • Bounty rewards and NFT badges for completing tasks
  • Mentorship on DeFi development from industry experts
  • Opportunity to network with other talented developers and researchers
  • Exclusive access to bounties and freelance opportunities
  • Opportunity to showcase work to OD members in consideration for recruitment

If you are interested to know more and want to contribute to the development, please write to us at - hello@open-defi.com