Summary
The DC MPA model has several advantages:
The protocol codebase undergoes at least three audit phases. This sequence, connected via a set of incentives and disincentives, is not equivalent to three separate audits; instead, it creates a potent competition among auditors.
The model ensures audit quality by properly incentivizing auditors. In particular, the lead auditor is highly incentivized, securing top-tier engagement critical for high-quality audits. Moreover, the dynamic reward pool structure also incentivizes public auditors. Depending on performance, a single public auditor could earn more than the lead auditor theoretically. The innovative reward pool structure is a crucial strength of the model to achieve top-tier engagement and "many eyes".
The model is efficient. Transferring all information from one phase to the next increases audit process efficiency. Findings are published immediately, enabling the protocol team to start mitigation immediately.
The model's core is transparent and fair. Auditors can communicate with each other, the protocol team, and the judges throughout the audit.
The lead auditor's extended engagement helps the protocol team build a long-term relationship with them.
The flexible model can be adjusted to suit the protocol team's needs. For instance, Phase 2 could be performed by a limited number of auditors instead of a public community. An individual auditor or an audit firm could perform Phase 1.
The DC MPA process can be summarized below.
Phase | Reward | Participant | Duration | Result |
---|---|---|---|---|
Traditional Audit by Lead Auditor | 30% (+20%) | Lead Auditor | Audit Report V1.2, System Analysis Report V1, Commented Repo, Walkthrough Video | |
PET Bug Bounty | 30% (+20%) | Public | Audit Report V2.0 | |
Selective Contest | 10% | Selected Auditors | Audit Report V3.1 | |
Final Review | 0 | Lead Auditor | Final Audit Report, Final System Analysis Report |
Last updated