Sigma Prime: Security Assessment Services for Aave

Support of this proposal from BGD :+1:

One of our responsibilities concerning the development and security of the Aave ecosystem is to support other parties doing quality work to start a valuable relationship with Aave.
The case for Aave <> Sigma Prime is pretty straightforward for us, with the rationale being:

  • We (BGD) have worked with Sigma Prime in the past and can certify the diligence and quality work of the team.
  • As mentioned in the introduction, Sigma Prime is familiar with both Aave v2 and Aave v3 codebases, which removes the risk for the community of engaging with somebody not having specific knowledge about Aave. Team members participating in those previous Aave projects will be allocated to Aave during the engagement, which is a must.
  • We believe the budget is reasonable, considering the quality and length.
  • Given the decentralized nature of the contribution to the Aave ecosystem, we value the flexibility proposed with the 240+40, as it can be challenging to define a strict roadmap, with potentially new parties starting their contribution in the middle of the engagement.
  • Having relations with both Certora and Sigma Prime will put Aave in a pretty good position security-wise, covering 2 of the main parts of the lifecycle: verification of properties and security reviews.
1 Like