HP024 - Allocate $75,800 to Sherlock for Smart Contract Auditing and Smart Contract Exploit coverage for V2

This proposal seeks to:

  • Allocate $60,800 to Sherlock for Smart Contract Auditing of V2.
  • Pay Sherlock 3% of Hubble Exchange V2’s TVL for the next 3 months for smart contract exploit coverage. Deposit Required: $15,000

Motivation

As market participants, both at the institutional and retail level, turn risk-averse in the context of adopting new protocols in the current market conditions, it is imperative for a novel protocol to offer an audit by a reputable firm, as well as smart contract exploit coverage for its early adopters, in the unfortunate scenario of a hack.

The proposed audit + smart contract exploit coverage will encourage early MMs and Traders to try out Hubble Exchange V2 by reducing the risk of losing funds in the event of a smart contract hack.

Terms

Sherlock will offer auditing for the following scope:

Core Exchange Functionality

  • AMM.sol
  • ClearingHouse.sol
  • smart contract exploit coverageFund.sol
  • MarginAccount.sol
  • Oracle.sol
  • OrderBook.sol
  • VUSD.sol

Layer0 Integration

  • HGT.sol
  • HGTCore.sol
  • HGTRemote.sol

The scope of work is limited to the abovementioned contracts, EVM code will not be included.

Sherlock will also help set up a bug bounty (through Immune Fi); Sherlock will cover up to 200k USDC of a critical bug bounty payout.

Smart Contract Exploit Coverage

Maximum Coverage: $2,000,000

TVL Coverage Premium: 3% annually.

Duration Purchased: 3 months.

Max Premium / Coverage Deposit: $15,000 - assuming TVL at $2,000,000 for the full duration of 3 months.

Note: Although the Max Premium must be deposited, Hubble Exchange will only pay smart contract exploit coverage premium on its current TVL. Example: if TVL is $250k, it will only be charged to cover this amount. The premium will be deducted from the Coverage Deposit. The TVL will be updated at intervals to adjust the smart contract exploit coverage premium. Users are covered at all times for the full-TVL (up to $2M), even if the DAO is paying premiums on a slightly different amount because of the lag in updating the premium.

The remaining funds from the coverage deposit can be withdrawn at the end of the 3 months or rolled over if smart contract exploit coverage coverage is renewed.

Coverage Agreement

Complete details of Sherlock’s proposal to the Hubble Exchange DAO are detailed in the following Coverage Agreement. By voting on this proposal, the Hubble Exchange DAO is signalling its approval or rejection for the terms and conditions described in the Coverage Agreement.

Click here for Sherlock’s Preliminary Coverage Agreement

Who is Sherlock?

Sherlock is an audit marketplace and smart contract coverage protocol built on the Ethereum blockchain. Sherlock works to protect Decentralized Finance (DeFi) users from smart contract exploits with security reviews from top auditors backed by smart contract coverage on the audited contracts.

Important information for protocol customers, stakers, security experts, and customers of Sherlock’s protocol customers: Disclaimers - Sherlock V2

  • for
  • against
  • neither

0 voters

3 Likes