AIP 82: Contract Security Audit

[dmosites]

Summary

• Requesting 120K AST for a PeckShield security audit
• Includes a one person-week audit for Swap, SwapERC20, and Wrapper
• Public report to be published alongside release on March 1st, 2023

Specification

AirSwap developers are finalizing the latest release of AirSwap Protocols to be published on March 1st, 2023. Several contracts have been updated and audited since the last major release and three additional contracts are ready for imminent security audit:

https://github.com/airswap/airswap-protocols/tree/main/source/swap https://github.com/airswap/airswap-protocols/tree/main/source/swap-erc20 https://github.com/airswap/airswap-protocols/tree/main/source/wrapper

An internal audit by ConsenSys Diligence was completed at the beginning of the year and mitigations addressed in full in preparation for a public audit and published audit report. 120K AST will be handled by dmo.eth and converted to USDC or USDT on a random date and time prior to payment.

Rationale

For projects like AirSwap, which aim to enable substantial value exchange in a trustless computing environment, security engineering is of paramount importance. Including third-party security auditing teams in our protocols release cycle helps us understand the full picture of our design and implementation from the viewpoint of professional contract security engineers.

PeckShield is a reputable blockchain security company that’s performed hundreds of contract security audits over the years. The team previously audited and produced the audit report for our last major release on February 15, 2022.

Copyright

All proposals are public domain via CC0.