Proposer: Beanstalk Farms
Summary: Hire Halborn to perform an end-to-end code audit on Beanstalk. Use 200,000 USDC of the 250,000 USDC that was initially reserved for Beanstalk Farms’ Omniscia retainer to pay for the Halborn audit.
Problem: Beanstalk has received one audit of its code base up to BIP-7. However, the protocol suffered an attack on April 17 which exploited its on-chain decentralized governance structure. While the protocol is being prepared to Unpause, it is essential that it receives multiple high-quality audits to ensure that any remaining outstanding security issues are adequately addressed.
Until Beanstalk has sufficiently reestablished Beans as a reliable stablecoin such that Beanstalk can make all payments in Beans, Beanstalk needs a way to pay for things (including this audit) in other stablecoins. Beanstalk Farms has 250,000 USDC that was initially reserved for the Omniscia retainer.
Proposed Solution: Beanstalk Farms has connected with Halborn, which is an award-winning blockchain security firm. Halborn has worked with hundreds of companies and protocols, including BlockFi, Terraform, Bored Ape Yacht Club, Thorchain, Avalanche, Dapper Labs, Phantom, etc. Furthermore, Halborn has assisted other protocols such as Thorchain, Liquid, BadgerFi, EasyFi and many more after they suffered their own hacks. Their audits are viewable here: https://github.com/HalbornSecurity.
To ensure Beanstalk’s code is as secure as possible, Beanstalk has an end-to-end audit scheduled with Halborn for May 9.
Paying for the Audit: This Snapshot proposes that Beanstalk Farms use 200,000 USDC of the 250,000 USDC earmarked to retain Omniscia to pay for the Halborn audit.
Payment: The cost of the audit is 200,000 USDC, paid upfront. Upon approval of this Snapshot, the Beanstalk Farms multisig will submit the 200,000 USDC payment to Halborn.
Rationale: After suffering a devastating attack, it is critical that Beanstalk is as healthy and secure as possible prior to Unpausing. Maintaining the Beanstalk community’s faith in the security of the protocol is paramount. As a result, in Beanstalk Farms’ opinion, hiring another high-quality firm to perform an end-to-end audit is one of, if not the, best uses of the organization’s remaining funds.