Summary:
This proposal advocates for Starlay Finance to adopt UNO Watchdog’s insured audit services, active monitoring systems, and exploit cover policies. As Starlay Finance grows, ensuring the security and integrity of the platform is paramount to maintaining user trust and asset safety. Integrating UNO Watchdog’s robust security solutions will provide a comprehensive safety net against the evolving risks in the DeFi space.
Motivation:
The DeFi sector is rife with security challenges, and Starlay Finance must stay ahead of potential threats. A lack of a proactive security monitoring system and financial protection against exploits can undermine platform credibility. UNO Watchdog’s services will address these vulnerabilities head-on. We feel that relying on a Certik audit increases risk, and we are reaching out to offer economical and holistic solutions.
Specification:
The proposal includes contracting UNO as a holistic security provider and provisioning the full security suite referred to as “WatchDog” which is a complete audit of Starlay Finance’s smart contracts, deploying active monitoring tools for real-time threat detection, and securing exploit cover policies to safeguard users’ assets against potential breaches. Incident response preparedness is included, and Starlay will benefit from our direct connections to all major exchanges and law enforcement contacts in the event of an exploit. Our goal is to recover funds as quickly as possible and prevent an exploit from occurring altogether.
Benefits:
Incorporating UNO Watchdog’s services will enhance security measures, reassure your users of their assets’ safety, and position Starlay Finance as a leading secure platform in the DeFi industry thus translating to more confident depositors and users. An UNO WatchDog policy provides robust security benefits beyond the current standalone Certik audit. WatchDog includes continuous auditing; any code updates made throughout the policy are included and re-audited as you progress, reducing the high expense of complete re-audit from separate firms at different points in time.
Example tweet:
Costs:
The costs will encompass audit fees, monitoring service subscriptions, and exploit cover policy premiums. I’ve included an example below for previous work with WeFi. A detailed budget will be provided upon further discussion and analysis of total SLOC and risk levels, as each protocol varies.
Example proposal:
Time:
An initial quotation can take up to 3-5 days if desired. The initial audit and integration of monitoring tools are estimated to take 6-8 weeks, followed by continuous exploit cover and periodic audits whenever new code is introduced.
Risk Management:
No single audit is the end-all means to an exploit. There is always “one more bug” however this highlights a broader issue in the current audit space. UNO initiates with a meticulous audit, paired with active monitoring to detect and assist in stopping exploits at the 20% level, potential breaker switch implementation if desired, and lastly the safety net of an UNO cover policy, which is quoted and designed to protect 90%+ of protocol users up to a certain deductible.
Next Action:
The next step is to organize a meeting with UNO to discuss terms and initiate a group discussion around benefits, costs, specific needs, and integration.
I look forward to reading the community deliberation and benefit/risk analysis. Would starly benefit from WatchDog?
I’ll say hello in the discord after posting, I am looking forward to discussing it!
-CryptoMedic | BD Team