• © Goverland Inc. 2026
  • v1.0.3
  • Privacy Policy
  • Terms of Use
Qi Dao | Mai.FinanceQi Dao | Mai.Financeby0xAd95A5fE898679B927C266eB2eDfAbC7fe268C27qidao.lens

QIP 016: Comprehensive security audit by Cloakwire

Voting ended over 4 years agoSucceeded

Summary:

We were approached by an auditing firm called Cloackwire to perform a comprehensive audit on QiDao. Given that this is a community-run project, we’re forwarding this proposal for the community to vote on.

Security and protocol safety is of utmost importance to us and our users. Before releasing any new protocol feature we conduct thorough internal checks and testing. Our intention from the start was to conduct more external audits as we continue to build the protocol to ensure that QiDao is as safe as possible for its users.

Previous work done by Cloakwire:

Cloakwire has specialized in finance, critical infrastructure, transport, and crypto. The Cloakwire team has worked with companies such as Allegiant Airlines, Laclede, Carnival Cruise, Columbia Bank, Lufthansa, Altera, B&M Gates foundation, and some Berkshire companies. In specific to crypto and defi, their team has also worked with projects like Saber, Nitro Finance, Lido, and Skale.

Information about the Cloakwire team:

The members of their team that will review the smart contracts have done work for Quant Stamp and Hacken.

Company brochure

The full audit would cost 36,000 Qi to complete and would cover the following scope of work:

Best Practices Review

Cloakwire will review all existing security procedures, policies, and best practices established by QiDao with the objective of further enhancing governance by making improvements, additions, or adjustments where needed.

Smart Contract Security Audit

Exhaustive testing methodologies will be applied to two (2) multi-collateral smart contracts to determine what security vulnerabilities may exist that could be exploited by attackers, resulting in a loss of funds.

Advanced Network Vulnerability Assessment (Internal and External)

Cloakwire will perform a series of scans employing the use of various custom or commercial tools to discover all systems and services in use by QiDao. The focus of this assessment will be to discover as many vulnerabilities as possible on all internal and external systems. Cloakwire will then validate all findings to ensure there are no false-positives, and finally offer suggestions for remediation or improvement.

Scenario-Based Penetration Test

Cloakwire will perform a series of attacks against the target infrastructure in order to determine the effectiveness of Client security controls and alerting. These attacks will be from the perspective of an attacker attempting to fabricate situations through which they can obtain investor or user funds, or otherwise disrupt the usability of the systems and applications leveraged by investors or users.

Motivation

  • Ensure best security practices
  • Identify any vulnerabilities that could be exploited
  • Reduce protocol risk

Options:

For: Perform the security with Cloakwire for 36,000 Qi Against: Do not conduct the audit with Cloakwire for 36,000 Qi

Your voting power is represented in Qi Powah. If you want to increase your voting power you can go to the Boost page on the mai.finance site.

Off-Chain Vote

Option 1
2.65M 98.1%
Option 2
51.01K 1.9%
Download mobile app to vote

Timeline

Aug 08, 2021Proposal created
Aug 09, 2021Proposal vote started
Aug 13, 2021Proposal vote ended
May 15, 2024Proposal updated