Which option for AquaFi auditing should we go with considering the new information mentioned below?

Additional Information: We are reopening voting since Popsicle Finance has very similar functionality to AquaFi. Certik has also audited another project named Poly Network which was recently exploited for $400 million USD. You can read more about these exploits here:

https://popsiclefinance.medium.com/popsicle-finance-post-mortem-after-fragola-hack-f45b302362e0 https://slowmist.medium.com/the-root-cause-of-poly-network-being-hacked-ec2ee1b0c68f

The Options:

1. Certik - as mentioned above (audited over 500 projects)
2. Solidified - This is a company we have worked with in the past to audit Flashstake but this was also exploited. Solidified have audited over 140 projects.
3. Bug Bounty - This option would involve allocating $30,000 towards a public bug bounty programme. This is something that we would start immediately and would run perpetually until these funds are depleted. There are many options available - for example running this bug bounty ourselves as we have done in the past, using community based bug bounty programs such as ImmuneFi, etc.
4. I abstain

Please note the timelines mentioned in the last vote may no longer be valid. We are currently in talks with both auditing companies for updated timelines if we go ahead with them.

Discussion at: https://discord.com/channels/845757891897589800/872492424889507902