• © Goverland Inc. 2026
  • v1.0.5
  • Privacy Policy
  • Terms of Use
JuiceboxDAOJuiceboxDAOby0x28C173B8F20488eEF1b0f48Df8453A2f59C383370xstvg.eth

JBP-43 - Juicebox Smart Contract Audit

Voting ended about 4 years agoSucceeded

Author:

Mr. Goldstein

Payout recipient:

Certik (wallet address TBD) * PeckShield (0xf87099C8EDE8Cb6267B9A1bF7bDfb98504062815)

Proposal date:

12/11/20211

Provide a comprehensive, 1-2 sentence summary of your proposal.

With the launch of V2.0 the JuiceboxDAO would like to conduct an end-to-end audit of the updated smart contracts. This audit will help minimize the risk of future smart contract exploits and increase the security and reliability of the system.

After review and negotiation with multiple potential providers, we have identified CertiK and PeckShield as a potential provider.

Certik is a known provider in the space and has previously conducted audits for projects such as Polygon, Bancor, Terra and The Sandbox. The company has been in operation since 2017 and has raised over $150M from various backers including Lightspeed, Tiger Global, and Coatue.

PeckShield is a smaller company that has been working on multiple DeFi projects including Aave and Maker as well as protocols such as Harmony and Neo. While known less in the Western Hampshire, PeckShield is a known brand in Asia.

What is this payout for?

Security Audit for the smart contracts located in the following Git library: ‣. The targeted start date of the audit is mid-January and the projected length is between 21 - 30 days for completion of both Audits.

Payout Amount

Total: $120K

PeckShield: $66K ($12K paid upon agreement to reserve a slot). This was prepaid by Jango and requires an immediate refund of 3.15 ETH (https://etherscan.io/tx/0x2291ca5b937422cfba3491117ac5b3fd20777911aadf75bd567d27e1a28529dd)

Certik: $54K

Payout invoice

PeckShield reserve payment txn: https://etherscan.io/tx/0xfc55a16ba647423580082bfc97f8c62f711acab78aa0a85473a94c249efbdd4e

Untitled

What risks, drawbacks, or cons should be considered?

Two key risks:

  1. Counterparty Payment - we pay to the wrong ETH address; can be mitigated by communication only through official channels with the provider
  2. Poor Performance - the Audit provider does not do a good enough job and doesn't identify potential exploits/bugs; mitigated by a secondary audit and a potential bug bounty program (bug bounty program launch proposed here: https://www.notion.so/juicebox/1a29a07bb815419996be81f24fef19a7?v=a317549fdf6f457b98fe787e38c3d2ae&p=18cf1b7d1c8c426fa0753163f59adbc4)

Sponsors:

Jango twodam.eth

See This Proposal on IPFS: https://gateway.pinata.cloud/ipfs/Qmau2xe8LkQwTLzoHKaVarG1mzJEnn9EE5bv9seJhrciUL

Link to Discussion Thread: https://discord.com/channels/775859454780244028/873248745771372584/920963297795248149

Link to Proposal on Notion: https://www.notion.so/juicebox/Juicebox-Smart-Contract-Audit-d668152d6ccc49d5b2fe682a0b9683bc

Off-Chain Vote

Yes
73.18M 99.7%
No
0 0%
Abstain
205.65K 0.3%
Download mobile app to vote

Timeline

Dec 21, 2021Proposal created
Dec 21, 2021Proposal vote started
Dec 25, 2021Proposal vote ended
Nov 07, 2024Proposal updated