EthereumCommonwealth
CallistoSecurityCleanroom
Proposal
... My proposal is an extra section on the callisto.network website where you can search for smart contracts similar to coinmarketcap that have been security-approved by callisto ...
Description
... As described above, it is a type of coinmarketcap on which you can search for:
▪︎the security of a project and find information about how many issues were found during the security audit and whether they have been remedied
▪︎the date of the last security audit
▪︎all associated links
▪︎advertising can be shown as a small source of additional income
▪︎it could make it easier to request/submit a security audit and make it easier for the masses to access information about a project
there are many other possibilities for sure ...
What is needed
... Since the website is operated by the team and the missing technical know-how on my side, i would have to ask the team to implement this ...
I like the idea! It would further build the foundation of spreading the need of security audits and make it easyer for the community to help promote just that!
One idea that just popped up in my mind now was. What if we made a wikipedia version of it? Meaning, anyone can come in and add information, and maybe this info could be confimed by others.
Just thinking that it would be quite a big job to transfer the information from Github to this site for 1 person now and in the future as the Audits are being made. So building a website silimar to how wikipedia is beeing filled with information with a system where correct information can be confirmed by others maybe could be something. Still keeping your idea with having a layout as CMC Maybe Coin price and some charts on there as well,, but focusing on the security of the smart contracts audited
The projects them self would be incentivised to make that job of adding the report of their smart contract in many cases
I like the idea! It would further build the foundation of spreading the need of security audits and make it easyer for the community to help promote just that!
One idea that just popped up in my mind now was. What if we made a wikipedia version of it? Meaning, anyone can come in and add information, and maybe this info could be confimed by others.
Just thinking that it would be quite a big job to transfer the information from Github to this site for 1 person now and in the future as the Audits are being made. So building a website silimar to wikipedia with a system where correct information can be confirmed by others maybe could be something.
The projects them self would be incentivised to make that job of adding the report of their smart contract in many cases
that would also be good, it should simply open the access to the broad mass... It should be much easier to access this information and not everyone knows about it or knows where to find the information from the audits
Like i write above the possibilities are endless
I like the idea! It would further build the foundation of spreading the need of security audits and make it easyer for the community to help promote just that!
One idea that just popped up in my mind now was. What if we made a wikipedia version of it? Meaning, anyone can come in and add information, and maybe this info could be confimed by others.
Just thinking that it would be quite a big job to transfer the information from Github to this site for 1 person now and in the future as the Audits are being made. So building a website silimar to how wikipedia is beeing filled with information with a system where correct information can be confirmed by others maybe could be something. Still keeping your idea with having a layout as CMC Maybe Coin price and some charts on there as well,, but focusing on the security of the smart contracts audited
The projects them self would be incentivised to make that job of adding the report of their smart contract in many cases
but it could also be an unnecessary effort if someone deliberately makes incorrect entries like it happens on Wikipedia...
but for example the auditors have the necessary information and would simply copy and past all important informations during the process(Audit) and one person could implement this in the List
I agree, that is the problem with Wikipedia, and why i was thinking about some way to show that the information is confirmed. With sources ofc but yeah other easy ways would be good..
Maybe it is not the best idea to make it open for anyone to make changes because of this problem, might be hard to manage it and guarantee correct information.
Agreed, it could probably be made in a easy way for auditors to share the information already given on github out to this website aswell. Just the initial 300+ audits that has already been made that will take abit more effort and time.
I agree, that is the problem with Wikipedia, and why i was thinking about some way to show that the information is confirmed. With sources ofc but yeah other easy ways would be good..
Maybe it is not the best idea to make it open for anyone to make changes because of this problem, might be hard to manage it and guarantee correct information.
Agreed, it could probably be made in a easy way for auditors to share the information already given on github out to this website aswell. Just the initial 300+ audits that has already been made that will take abit more effort and time.
you're right, these +300 audits would take some time to be added bit by bit.... theoretically they could verified the new audits by the auditors and the client so everything is correct and trustworthy these are just my thoughts... how the concept should be integrated into the audit process should be worked out by the team
We already have the idea in our roadmap.
Whenever I'm talking about the improvement of SEO and CLO website update I'm mentioning the "user-friendly representation of security audits". However I'm in favor of automating the process of representing security audits so that it will be possible to draw the info from the smart-contract instead of submitting every DAPP by hand.
Ethereum smart-contracts are not suitable for this task because there are no free transactions and we can't allow users to submit audit requests on-chain in case of Ethereum. Thats why I'm in favor of implementing this on EOS and merging EOS<->CLO ecosystems.
I assume that this is our fault that we did not provide enough details about the future updates and plans. Even the roadmap is a bit disorganized.
We already have the idea in our roadmap.
Whenever I'm talking about the improvement of SEO and CLO website update I'm mentioning the "user-friendly representation of security audits". However I'm in favor of automating the process of representing security audits so that it will be possible to draw the info from the smart-contract instead of submitting every DAPP by hand.
Ethereum smart-contracts are not suitable for this task because there are no free transactions and we can't allow users to submit audit requests on-chain in case of Ethereum. Thats why I'm in favor of implementing this on EOS and merging EOS<->CLO ecosystems.
The scheme sounds extremely promising since it would not involve any additional effort after everything is put on
it would not involve any additional effort after everything is put on
I assume that looking for DAPPs and submitting audit request in smart-contract will be handled by people yet.
I assume that this is our fault that we did not provide enough details about the future updates and plans. Even the roadmap is a bit disorganized.
Given the amount of goals to be achieved, it is difficult to squeeze everything clearly into a small roadmap
it would not involve any additional effort after everything is put on
I assume that looking for DAPPs and submitting audit request in smart-contract will be handled by people yet.
I currently don't know anyone who offers this option automated, so callisto would be the pioneer in this regard
Given the amount of goals to be achieved, it is difficult to squeeze everything clearly into a small roadmap
That's why we have AMAs and collect community feedbacks. This way we will know what needs to be clarified at first.
Thanks for your contributions.
Given the amount of goals to be achieved, it is difficult to squeeze everything clearly into a small roadmap
That's why we have AMAs and collect community feedbacks. This way we will know what needs to be clarified at first.
Thanks for your contributions.
thank you for clarifying