AuditOne won twice the 2nd prize at HackOnChain hackathon, one in the main prize pool category and the other in Q.org challenge.
During the 26-hour challenge, we coded a dispute resolution system using an Expert Panel by Q Governance to verify the accuracy of the votes we collected on issues found during our auditing process.
Let's recap what we did.
AuditOne provides clients with smart contract audits by assembling auditors into a pool. After the client pays the deposit, the audit process begins. Our auditors review the code and receive a base payment for the audit, plus bonus payments for each issue identified. A committee consisting of the client and the AuditOne team meets with the auditors to discuss the issues, and the final report is released.
This process turned out to be inefficient. We created a smart contract incorporating an escrow and a dispute solution mechanism for voting on vulnerabilities. This challenge coincides with the hackathon challenge from Q to “Create a dispute resolution mechanism which can be plugged into DeFi protocols.” and to “Create a DAO design that includes the Q Governance framework in its decisions.”
We created on-chain governance to vote on vulnerabilities found during these smart contract audits to make the process faster and more reliable (multisig on the found issues). Additionally, an escrow would lock the funds during the audit and release them only after the AuditOne pool completed the audit. This video explains the process and the implementation of Q governance.
The smart contract receives payment from the client and locks it. After each auditor in a pool submits their finding, our committee votes on the vulnerabilities (5 members; 3/5 votes; This is a vulnerability = True/ This is NOT a vulnerability = False). We can ensure that no false issues are included in the report this way. When the issues are disputed by the committee, the auditors and committee vote again (4 auditors + 5 committee members; 5/9 votes). If rejected again, the solution is to abandon the issue.
We mapped out the logic of the solution in Miro. With the support of Florian from the Q team, we found a way to integrate into Q. We decided to create a similar system to the Expert Panel at Q. We built the smart contract in Remix with Solidity. The front end with React. Finally, we tested it and deployed it.
Contract address: 0xE43Da5a623Fc037409C7d9832433223A0Ee9eDa7
#Q, #solidity, #metamask, #react, #qtokenfoucet, #remix, #typescript
AuditOne is the leading smart-contract security platform for Web3 audits. Auditors are vetted and pooled together to deliver peer-reviewed audits of high quality. We provide the infrastructure and the tools to enable an efficient audit journey. Services: Security audits, Due Diligence & KYC.
The Q Blockchain enables decentralized governance for the Web3 world. It combines the transparency of a public, open, and decentralized ledger with the benefits of enforceable private contracts. Projects building on Q can go beyond the limitations of a "code is law" framework, unlocking value for all stakeholders.
HackOnChain is an official web3 hackathon for the Next Block Expo, which aims to become the largest blockchain festival in Europe.