FIP 78 - Annual Security Budget Allocation

Authors
Frax Core Team

Summary
Allocate 1.2m FRAX to the core treasury for use on quarterly security audits.

Background and Motivation
FRAX has had impeccable security to date in its 17 months being live. We have had 0 critical vulnerabilities where the protocol or any user has lost funds to a vulnerability/bug. This is because the core team takes security extremely seriously and has recurring audits scheduled with some of the top firms in the industry such as Trail of Bits. All of the protocol audits are published in our documentation as they become available:

These audits typically take 2-4 weeks depending on amount of engineers involved and go through protocol code extensively. We would like to allocate 1.2m FRAX to pay for annual security budget and recurring, quarterly audits by top firms. It is likely that the total amount will not be used over 12 months which will roll over to the next 12 month period. In the event that the budget is used in under 12 months due to the size of FRAX’s core protocol contracts+code, we will propose a new budget allocation so that governance must approve it.

Seeing as how security and top audits are one of, if not most, important aspects of building a reputable and great defi protocol, we assume this will be an easy pass. For comparison, this is the annual budget for all security related audits+expenses which is less than ~5 days of protocol revenue. This small expenditure is one of the most important expenses of any defi project.

PROPOSAL

For: Approve 1.2m FRAX to core treasury for security audits+pentesting

Against: Do nothing

4 Likes

Makes sense - let’s do it

1 Like

seems like a bill we just have to pay.

2 Likes

Building a reputable and great defi protocol requires rigorous and recurring audits with multiple firms. To this end, Certik.com - a global leader in code audits - will elevate FRAX security to the next level. Let’s connect soon on telegram Telegram: Contact @willnyc