Security audit funding campaign

igno.peverell · October 10, 2018, 10:49pm

The time has finally come where Grin is almost ready to undergo a code security audit, before a mainnet release. Unfortunately professional audits are expensive, so once again we need your help for funding:

https://grin.mw/sec_audit

If you’re planning on doing anything with Grin, whether it’s transacting, investing, mining, or developing on top of it, think of it as buying an insurance.

drop_of_sunshine · November 9, 2018, 11:48pm

Samsung has just announced grants for decentralized technology development between $25k and $75k, I see no reason why a cause like this would not be eligible.

igno.peverell · November 10, 2018, 1:07am

Great idea, I just submitted an application. Fingers crossed.

monkyyy · November 10, 2018, 3:22am

Hmmm isn’t it unlikely to work?

Security audits may be important, but its not flashy

Cristian · November 10, 2018, 9:25am

buying an insurance…?

Askepios · November 11, 2018, 12:18am

This is perfect. Grin is a shoo-in for this grant. Igno is a great writer whose English is correct @Cristian and if I had to guess, British.

Roybitsir · November 11, 2018, 8:45am

Really want to be one of the early investers.
To promote the progress of this project.

SNARKs · November 20, 2018, 1:58pm

Hi, are the devs gonna change the target amount because of the recent bitcoin price decrease ?

igno.peverell · November 20, 2018, 7:04pm

The security audit campaign is now about half-funded. To move forward, we decided to close the campaign at the end of the month (Nov 30th) and try to do with a reduced scope. A more complete audit is still highly desirable and reducing the scope could leave some large security holes. Not to mention that the amount could be too small to attract an auditing firm. So please if you can do anything, do it soon.

I would also like to thank all the people and organizations that have donated for the audit, your help is highly appreciated.

Fab · January 13, 2019, 7:51pm

Hi, What is the status of the Security Audit? Do you need any support?

Fab · January 15, 2019, 10:24am

Hi Igno. What is the status of the audit, is it already ongoing?

0xb100d · January 16, 2019, 2:03am

It is ongoing one crypto library was successfully audited and I believe some rust crates? It was also fully funded and should continue more in depth in the future.

Can’t find link to the summary now on mobile…

Currently grin is running a new fund raising campaign to pay our one paid dev to feed his family, you can find it in announcements section, every little bit helps.

lehnberg · January 21, 2019, 2:23pm

latest governance meeting:

4. Security audits

Minimal scope has been updated:

The Grin core crate

The Grin keychain crate

The Grin chain crate

catheryne_n_twitter: I updated the Phase II bid request to include only the core, keychain, and chain crates and re-sent it out to Kudelski, x41, NCC, Quarkslab, LondonCryptoServices (LCS), Trail of Bits, and Coinspect. London graciously declined, NCC responded but I don’t have a bid from them, and I did not hear anything back from Kudelski, x41, TrailofBits. The two competitive bids I received back were from Quarkslab and Coinspect. Both are in the ballpark of each other as far as price. Since the proposals are confidential, didn’t want to post but I sent both them to Igno. Coinspect can start Jan 28, Quarkslab mid-Feb. NCC would like to have through this weekend to complete their bid. We can wait, or we can pull the trigger on one of the 2 competitive bids that are in.

Originally we wanted to raise in the range of ~$100k, currently we have ~17 BTC ($67k)

Once we pick a firm, we may choose to do wallet crate audit as an extension of their work if we are happy with results.

Decision: How to settle on auditor

To wait until next week to have three bids to compare.

To review quotes and make a decision in a dedicated sesssion following the developer meeting on Jan 22.

Kenny3486 · February 1, 2019, 3:57am

Hey boss,
I dont know who the correct person to contact is but I would love to speak to someone in regards to a possible partnership. Private funding etc… if you or someone could please e-mail me at kenny3486@gmail.com I would greatly appreciate it and I look forward to speaking

Topic		Replies	Views
Grin++ Security Audit - Funding update	4	1889	August 21, 2019
Funding Campaign - Grin++	9	1460	July 2, 2019
Request For Funding, @lehnberg: Oct - Jan 2019/20 Governance	5	1549	October 14, 2019
Grin Audit for 4.0.0-* Release Research	5	1050	August 14, 2020
Question about the Grin++ audit Governance	12	1259	July 23, 2020

Security audit funding campaign

Related topics