This Snapshot proposal combines PTIP-16 and PTIP-17. Details below!
This proposal will fund a Code Arena (C4) contest to audit the critical components of the PoolTogether codebase as well as new yield sources.
The audit is tentatively scheduled for June 16, but it's first-come first-served so it depends on how quickly we can run this PTIP.
This proposal will transfer 72k USDC to the C4 team to fund the contest.
PoolTogether is continually evolving and expanding. New smart contracts are being written and existing contracts are updated. With these changes comes significant risk. Any smart contract that holds or has access to user funds is mission critical and must be scrutinized before being deployed. Scrutiny must come from someone with deep knowledge of the relevant protocols as well as an understanding of smart contract attack surfaces. Auditing firms specialize in this knowledge, so they are extremely valuable in de-risking smart contracts.
The core PoolTogether codebase has received third party audits from both OpenZeppelin and Diligence. Both are great firms, and we’ve had positive experiences with them. However, auditing firms are in short supply and lead times are now very long. Additionally, our protocol has a steady stream of new smart contracts that need to be audited. The classic ‘waterfall’ model of auditing the entire system in one shot no longer fits our process. We also need an auditing firm that is willing to deal directly with protocols.
This PTIP funds the first C4 auditing contest for PoolTogether. The scope of this contest includes several of the critical core PT contracts, as well as yield sources:
Core PoolTogether contracts:
Yield sources:
Code Arena has scoped the contest and recommends a 50-70k USD prize pot. We’re going to put up 60k USDC for prizes, and allocate 10k of the pot to optimizations. C4 takes 20% on top of the prizes to cover the cost of judging and administration. That makes the total 72k USDC.
Code Arena takes a community-driven approach to competitive smart contract audits. A contest is created for a codebase; there is a pot of funds for exploits, and another for optimizations. Anyone can privately submit exploits to the contest and a skilled expert, the “judge”, curates the exploits into a final audit report. The prizes are split among all who contributed to the audit report. This has some major advantages:
To bootstrap the C4 community’s knowledge of PoolTogether, we should start with a comprehensive up-front audit. Once the knowledge has been seeded, we can start running more frequent flash contests, wherein a small piece of code (think: yield source) can have a short, dedicated contest. I think this would be a great fit for our iterative process.
Ideally, flash contests can be funded by the PT Grants Committee.
USDC.transfer(0xC2bc2F890067C511215f9463a064221577a53E10, 72000000000)
Deposit the $4.8 million of USDC currently sitting in the timelock contract into the sponsorship of the USDC prize pool. For voting purposes, combine this action with PTIP-16.
This $4.2 million USDC was deposited into the timelock contract as part of the treasury diversification. It was supposed to be transferred into sponsorship tokens (in fact $1.15 million of it was), but due to transfer security constraints the remainder was not transferred as sponsorship.
Transferring into sponsorship simply means this USDC will be contributing value to the protocol and growing larger prizes while we decide what else we may want to use it for.
USDC Pool = 0xde9ec95d7708b8319ccca4b8bc92c0a3b70bf416
USDC = 0xa0b86991c6218b36c1d19d4a2e9eb0ce3606eb48
USDC.approve(USDC Pool, 4728000000000)
USDCPool.depositTo(
  0x42cd8312D2BCe04277dD5161832460e95b24262E,
  4728000000000,
  0x391a437196c81eEa7BBbBd5ED4DF6b49De4F5c96,
  0x0000000000000000000000000000000000000000
)
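As an added example (not part of this proposal or the PoolTogether codebase), the Python below rebuilds the two ERC-20 calls in this PTIP, the 72k USDC transfer to C4 and the USDC approval for the prize pool, as raw calldata and decodes them back, so a voter can compare the bytes shown in the on-chain proposal with the amounts stated here. The `transfer` and `approve` selectors are the standard ERC-20 ones; `depositTo` is left out because its selector comes from the prize pool ABI, which this page does not include.

```python
# Added example: encode/decode the proposal's ERC-20 calls for a pre-vote review.
USDC = "0xa0b86991c6218b36c1d19d4a2e9eb0ce3606eb48"
USDC_POOL = "0xde9ec95d7708b8319ccca4b8bc92c0a3b70bf416"
C4_TREASURY = "0xC2bc2F890067C511215f9463a064221577a53E10"  # recipient from the proposal
USDC_DECIMALS = 6  # USDC uses 6 decimals, so 72000000000 base units = 72,000 USDC

# Standard ERC-20 4-byte selectors (first 4 bytes of keccak256 of the signature).
SELECTORS = {
    "transfer(address,uint256)": "a9059cbb",
    "approve(address,uint256)": "095ea7b3",
}

def _word_addr(addr: str) -> str:
    """Left-pad a 20-byte hex address to a 32-byte ABI word (hex, no 0x)."""
    h = addr.lower().removeprefix("0x")
    if len(h) != 40 or any(c not in "0123456789abcdef" for c in h):
        raise ValueError(f"malformed address: {addr}")
    return h.rjust(64, "0")

def _word_uint(n: int) -> str:
    """Encode a uint256 as a 32-byte ABI word (hex, no 0x)."""
    if not 0 <= n < 2**256:
        raise ValueError("uint256 out of range")
    return f"{n:064x}"

def encode_call(sig: str, to: str, amount: int) -> str:
    """Return hex calldata for an (address,uint256) ERC-20 call such as transfer/approve."""
    return "0x" + SELECTORS[sig] + _word_addr(to) + _word_uint(amount)

def decode_call(calldata: str) -> dict:
    """Decode (address,uint256) calldata into function, counterparty and USDC amount."""
    h = calldata.lower().removeprefix("0x")
    if len(h) != 8 + 64 + 64:
        raise ValueError("unexpected calldata length")
    by_sel = {v: k for k, v in SELECTORS.items()}
    sig = by_sel.get(h[:8])
    if sig is None:
        raise ValueError(f"unknown selector {h[:8]}")
    addr_word, amt_word = h[8:72], h[72:136]
    if addr_word[:24] != "0" * 24:  # an address word must have 12 zero bytes of padding
        raise ValueError("address word has non-zero padding")
    raw = int(amt_word, 16)
    return {"function": sig, "to": "0x" + addr_word[24:], "raw": raw,
            "usdc": raw / 10**USDC_DECIMALS}

def check_proposal() -> dict:
    """The two ERC-20 calls from the proposal, decoded into human-readable figures."""
    c4 = decode_call(encode_call("transfer(address,uint256)", C4_TREASURY, 72_000_000_000))
    appr = decode_call(encode_call("approve(address,uint256)", USDC_POOL, 4_728_000_000_000))
    return {"c4_payment_usdc": c4["usdc"], "approval_usdc": appr["usdc"],
            "c4_to": c4["to"], "approval_spender": appr["to"]}
```

Comparing the output of check_proposal() with the figures in the text (72k USDC to C4, 4,728,000 USDC approved for the pool) is the check a reviewer would do before voting.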