PR with Payload
Summary
As we get closer to the launch of Balancer v3, we propose having a Spearbit Cantina audit competition as the final security review before going live. Cantina is known for having top notch security specialists reviewing and hardening novel codebases.
You can view past competition here, which include AAVE, Uniswap v4, Euler, and many other big names in the industry.
We propose a prize pool of 250k USDC and $250k worth of BAL token to be allocated to the audit competition. These audit competitions work by allocating a certain amount of capital across different vulnerability tiers, typically low, medium, high, and critical. It is typical for the high and critical tier to have the most lucrative rewards. If no vulnerabilities in a particular category are found, then that capital gets returned to the project. This will be the last pass before going live with the protocol, so any vulnerabilities found would be vulnerabilities that would potentially go live, so think of this as a final bug bounty before live deployment.
Balancer labs will be responsible for creating the conditions for each severity category and also any discretionary reward to out of scope yet deemed useful findings. Any funds allocated to categories with no findings will be returned to the DAO. The contest will go for 3 weeks starting on October 15th.
Specification:
Balancer DAO will transfer 250k USDC and 115,250 BAL @ $2.17/BAL, which is a tad more than $250k USD worth of BAL. An additional $15k in USDC will be rewarded to the unbiased judges of the competition, resulting in a total of 265k USDC.
The recipient address can be confirmed in the cantina docs here:
Balancer DAO multisig 0x10a19e7ee7d7f8a52822f6817de8ea18204f2e4f will call transfer on 0xa0b86991c6218b36c1d19d4a2e9eb0ce3606eb48 for
265,000 USDC = 265000000000 to 0x3Dcb7CFbB431A11CAbb6f7F2296E2354f488Efc2 and will call transfer on BAL 0xba100000625a3754423978a60c9317c58a424e3d
for 115,250 BAL = 115250000000000000000000 to 0x3Dcb7CFbB431A11CAbb6f7F2296E2354f488Efc2