Proposals icon indicating copy to clipboard operation
Proposals copied to clipboard

Published 20 hours ago verified publisher icon EthereumCommonwealth

Increase Value of CLO through Expanded Audits and Special Client Cold Staking Payment Option

Open dwarner5522 opened this issue 6 years ago • 3 comments

Proposal

Summary

As a long time CLO holder who has supported and been with this project since the very beginning, I too share in the disappointment that many of the community members have had about the continued loss of value for CLO on the crypto market. I don’t believe at all that this is due to the lack of effort by the developers or any other member of the team, but rather the lack of a proper model to increase its core value which creates the desire for people to want to hold or hodl this coin. I would like to outline some of the problems I see with the current model, but more importantly some simple corrective actions I believe we can take to get CLO back on track to price appreciation.

Description

Current Smart Contract Security Audit Model

Anyone who has been with this project in any length of time knows that the core goal of the Callisto Project is to provide “Free Smart Contract Security Audits for the Entire Crypto Industry”. The other major goals are to develop a Cold Staking Smart Contract and an On-Chain Governance System for the Callisto holders. Cold Staking is active currently and On-Chain governance is being worked on and almost ready. These two goals however are really just incentives or benefits to whoever already owns the CLO coin and do not create core value for the coin. I argue that it is only the Security Audits that create the underlying value for CLO. Therefore it is this model that needs to be revisited again.

Currently the Free Security Audits work as follows:

  • Audits are performed free of charge to the client

  • Audits are submitted through the Callisto website here: https://callisto.network/smart-contract-audit/

  • The Callisto Security Auditors Salaries are paid for from the Callisto Treasury.

  • The Callisto Treasury gets its funds by taking 10% of every block reward.

The intent is to provide free audits in exchange for advertising and public recognition through the projects that were audited

There have been some struggles with this approach however, as outlined by Dexaran on September 3, 2019 on the Callisto Reddit (https://www.reddit.com/r/CallistoCrypto/comments/cz3ay4/callisto_network_team_and_state_update/)

Here’s a snip-it from that write up by Dexaran: 1. Most of the project developers request an audit to get an "Approved" label and proceed to the listing. They don't want to fix the found bugs and delay the development. They don't want to proceed with the re-audit. Most of the audited projects did not want to admit their bugs and problems - thats why they never announce the results and behave like there were no audits and Callisto does not exist. We will place a requirement of announcing the audit request before the audit beginning since the next payment round of auditing department.

2. Smart-contract development area is stagnating at the moment. There are not much projects that are willing to proceed with the security audit. At the other hand Callisto Team needs to maintain a team of security auditors to be capable of performing an audit when it is requested. If the auditing queue is empty then auditors will be unable to receive payments. Auditors will not stay in a team if the auditing queue will be empty for long time. We need to keep the work going if we want to maintain the team of auditors.

New Smart Contract Security Audit Model

Proposal #1 – Method to Increase CLO’s Value

I propose to revamp the current Free Security Audit Model with a new model that allows the client to get a free audit - but only under a condition that benefits the Callisto Network.

The client would have (2) Options to pay for a Security Audit to be Performed:

  • Option 1 – The client pays the Callisto Treasury outright for the service at the current market rate for performing a source code audit. This would be the same amount any business or competitor that is offering the same or similar code auditing service would get in order to make a profit. This fee would need to be established by the Callisto team through industry research. The payment would be in CLO of course. The results are to be confidential and only the knowledge that an audit was performed is to be published for the community.

  • Option 2 – The Callisto Team develops a special “Security Audit Cold Staking Contract” in which the client sends the same amount of CLO (at the current market rate for performing a source code audit) to a “Security Audit Cold Staking Contract” address. This money would be locked in the smart contract and earn CLO. The Callisto Treasury will receive these CLO earnings up to the initial agreed upon fee which should be at the current market rate for performing a source code audit at the time of purchase. Once the Callisto Treasury has been completely paid, the “Security Audit Cold Staking Contract” releases the original staked CLO back to the client. The results are to be confidential and only the knowledge that an audit was performed is to be published for the community.

Option 2 should be the option that is promoted by the marketing team as this is what will set Callisto apart from any other competitors in the space. It essentially solves (2) problems: The Callisto Auditors and the Callisto Ecosystem gets paid for its services at a profit which creates that core value for people to want to hold CLO. It also allows the client an avenue to essentially get a “free security audit”. It’s a pure win-win for both parties.

It is also worth mentioning that by implementing both these options as the payment scheme, it would allow the Callisto Treasury to grow its funds significantly. These added funds can then be used toward marketing and promotion of the project.

Proposal #2 – Expand Our Auditing Services

After reading the feedback from Dexaran (Paragraph 2 in the above reddit snip-it) it is clear that the demand for just Smart Contract Auditing hasn’t quite developed yet to meet the anticipated supply of our ecosystem. Also, due to the fast moving development of ideas within the blockchain industry there is some uncertainty as to weather a “smart-contract” based single blockchain will be the preferred method for 3rd party projects to host their blockchain services on or if a Blockchain as a Service (BaaS) or Public Blockchain as a Service (PBaaS) type ecosystem will be the preferred approach (See Verus Coin for more info - https://www.thedailychain.com/the-verus-review-with-mike-toutonghi-2/).

My proposal to solve this dilemma is to not just offer a Smart Contract only code auditing service, but rather a Blockchain based Code Auditing Service that encompasses all different codes such as C/C++, Java, Python etc. Smart Contract codes such as solidity would be part of a wider suite of code auditing services.

Conclusion

As a continued supporter of this project, I hope that the team considers these proposals I have presented. I truly believe they are a good methods to create new value for this project and sustain it in the years to come.

dwarner5522 avatar Sep 29 '19 13:09 dwarner5522

I like the approach you are taking to the issues! Option 2 sounds like it would still be the most attractive compared with any competitor auditing firm. Also widening the service to more languages would be sweet!

Excited to hear Dex and Yohans response!

ghost avatar Sep 29 '19 23:09 ghost

Interesting proposal.

My 2 cents:

  1. Nobody appreciates a free lunch. This is the reality of life. We need to steer away from this model.
  2. Option 2 – The Callisto Team develops a special “Security Audit Cold Staking Contract” : May I suggest a modification: the original CLO paid for the Audit is returned only once the deficiencies highlighted in the audit are corrected. If this is done “Audited by CLO” will carry quite an important differentiation in the market. The certification from CLO will then not only clarify that bugs have been identified but they have also been rectified. With more institutional funds coming into the market it could be a game changer.

shivneja avatar Oct 02 '19 13:10 shivneja

Interesting proposal.

My 2 cents:

  1. Nobody appreciates a free lunch. This is the reality of life. We need to steer away from this model.
  2. Option 2 – The Callisto Team develops a special “Security Audit Cold Staking Contract” : May I suggest a modification: the original CLO paid for the Audit is returned only once the deficiencies highlighted in the audit are corrected. If this is done “Audited by CLO” will carry quite an important differentiation in the market. The certification from CLO will then not only clarify that bugs have been identified but they have also been rectified. With more institutional funds coming into the market it could be a game changer.

shivneja I hadn't thought about that for Option 2. I think that is a great idea though! It would make a great incentive for the client to correct their deficiencies.

dwarner5522 avatar Oct 03 '19 00:10 dwarner5522