Below is a draft proposal to work with independent auditor Phil Hofer to review changes made from the original UniswapV2 contracts in the DXswap Core and Periphery repositories, as well as to review the deployer scripts in the DXswap Core repository.
Phil Hofer (Sunfish Technology, LLC) is an experienced security engineer with four years of smart contract-related auditing experience. He has worked with dozens of clients to help secure over a billion U.S. dollars worth of cryptocurrency managed by smart contracts. His current and former clients include banks, “stablecoin” guarantors, DAOs, and large ERC20 token issuers. His professional practice also includes auditing of conventional security-critical softwareand firmware.
Draft DXswap Core, Periphery, and Deployer Audit Proposal
DXswap Core and DXswap Periphery Repositories:
https://github.com/levelkdev/dxswap-core/
https://github.com/levelkdev/dxswap-periphery/
Cost
$9000, paid in ETH in two parts, half upfront, half upon completion. Since DXdao can only pay in ETH for the time being, this proposal stipulates that if volatility negatively affects the dollar amount of ETH paid upon the proposal passing, then Sunfish Technology, LLC may make an additional proposal for the difference.Scope
Includes a line by line review of the diffs between UniswapV2 and DXswap following:
- dxswap-core/contracts/DXswapERC20.sol
- dxswap-core/contracts/DXswapPair.sol
- dxswap-core/contracts/DXswapFactory.sol
- dxswap-core/contracts/DXswapDeployer.sol
- dxswap-periphery/contracts/libraries/DXswapLibrary.sol
- dxswap-periphery/contracts/DXswapRouter.sol
Timeline
The report will take five business days to complete, and will begin on a business day no earlier than September 28th. The report will be delivered at the end of the fifth business day of work. (For example, a start date of September 28th would mean delivery at end-of-day October 2nd.)
The first half of payment is included in this proposal, and a proposal for the second half of the payment will be made upon the report being delivered.
THIS AUDIT IS PROVIDED BY SUNFISH TECHNOLOGY, LLC. “AS IS” AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL SUNFISH TECHNOLOGY, LLC. OR ITS OWNERS OR EMPLOYEES BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS REPORT, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.