Skip to content
Branch: master
Find file Copy path
Find file Copy path
Fetching contributors…
Cannot retrieve contributors at this time
40 lines (25 sloc) 4.9 KB
AGP Title Author Status Track Created
Comprehensive Aragon Security Review Program
burrrata (@burrrata)

AGP-117: Comprehensive Aragon Security Review Program

Description of desired Association policy change

This proposal is to expand the Aragon Security Review program to include all projects funded by the Aragon Association via AGPs, the Nest program, or the Flock program.

Projects would be required to submit a frozen codebase along with documentation detailing the problem the project solves from a high level, a detailed description of how the project works, and what each function in the codebase is supposed to do. At that point the Aragon Security Review team would review the project and, if satisfactory, hand off the project to a security partner. The security partner would then review the project, present findings, and provide suggestions for improvement. The Aragon project would then need to incorporate all major and critical suggestions provided by the security partner before shipping the project to end users and/or receiving any funding (ANT, DAI, or any denomination) related to finishing the project.

Motivation for changing this Association policy

Recently, when submitting an Issue in the security review repo no one replied. I was also told in various conversations that the security review program was for Flock and not Nest teams. This experience has led me to formalize an AGP stating how and when Aragon-funded projects can request a security audit.

Furthermore, in the recent 1Hive Dandelion Orgs Nest grant we set aside 15k for a security audit. We have yet to receive concrete quotes, but preliminary conversations indicate that this amount is laughably low. The complexity of Aragon applications increases the time and cost of audits. Also, the opacity of contract security in general makes it hard for developers to asses whether or not they're getting a good price and if all the services they need are covered. Most developers don't have experience with security audits. It's something senior Solidity developers probably only do a few times. Because of these reasons, it seems better to let a team of dedicated professionals in the Aragon community handle this process vs letting developer teams figure it out as they go. This reduces costs for Aragon as a whole and ensures a consistent level of security for all funded Aragon projects.

Speaking of developers building on Aragon, the Aragon community is now shipping more projects through Aragon One, Autark, Aragon Black, and the Nest program. These apps are amazing and could unlock tons of value, but only if people use them…

People are wary of DAOs because of “The DAO” hack. For people to trust (and thus use) Aragon we need to go above and beyond to prove that the Aragon platform, and all major releases of Aragon apps, are secure. This is easier said than done.

  • Security audits are not perfect. Even with an audit all you know is what was reported. They might have missed something.
  • Security audits are highly technical and the process is opaque to people who are not involved in the Ethereum security community.
  • Security audits are expensive. Having strategic and financial help to navigate that negotiation is extremely important!

Aragon is trying to attract talent and users. Having the world's easiest to build on and most secure platform is a huge selling point. If developers see that they will have help shipping professional and production-ready applications they are more likely to choose to build on Aragon vs other platforms. If users trust that all major Aragon apps are secure, they’re more likely to use them. To do this we need a multi-layered approach to security. This can include audits for all major projects (Nest and Flock), but should also include a comprehensive Bug Bounty program that covers all major apps.

The Aragon Association is spending millions of dollars on Flock teams and hundreds of thousands of dollars on Nest projects. Security audits help to protect that investment. Aragon DAOs currently hold hundreds of thousands of dollars in their vaults, and soon more organizations will be using Aragon DAOs to manage millions. It is essential that projects funded via the Aragon Association treasury funds are secure, otherwise no one will use them.

Augmenting the Aragon Security Review program will allow developers to focus on building their applications. It will also allow the Aragon Association to build relationships with trusted security partners in order to reduce time and money spent on security audits overall. This is essential for Aragon to be able to provide professional and trusted solutions for organizations on a global scale.


Copyright and related rights waived via CC0.

You can’t perform that action at this time.