Decentralized software auditing using Ethereum and Smart Contracts

With the rise of various Ethereum-based smart tokens and contracts, there have been multiple examples of code going wrong due to a calculation error or lapse of judgement. Placing a decimal in the wrong place could have devastating consequences for an ICO and long-term effects on investors' trust in the company or contract.

We want to help developers guard against and avoid situations where an error is critical. To solve this problem we are building the VEON DAO: a decentralized auditing engine that allows anybody to easily have their code reviewed at a price they are willing to pay.

Using a decentralized approach to audit source code, edits and reviews can take place quickly with no middleman required. With the VEON DAO, a developer can request an inspection of their code from anyone in the world, allowing reviewers to inspect the product listed. Developers will have the option of setting their budget price, the reputation score required, and the number of auditors they are looking for.

The developer is then easily able to deposit their funds into the contract, publishing the listing.

The VEON DAO operates using multiple components, so that crypto-economic benefits exist for the parties involved in the project.

These components include the TERMINAL: an application used for contract listings, the 2-of-2 escrow contract between the auditor and programmer, the token of choice (ETH/DAI/STABL) used for payment, as well as an additional contract that rewards VEON token holders with quarterly dividends based on their percentage of holdings. When combined, these components come together to create an environment that is beneficial for the entire ecosystem.

Furthermore, in the case of any audit disagreement, VEON token holders will be able to opt in to settle the disagreement, based on the mediation model presented by the First Blood development team. This allows for the option of mediation, where disputes can be resolved with community involvement.

An example of the contract would proceed as follows:

John wants his C++ code looked over to ensure his work is sufficient.

He opens up the TERMINAL ÐApp and enters the contract criteria: the price he is willing to pay, the minimum reputation rating required, and the number of auditors allowed to review.

John then makes sure his information is correct, deposits his payment token of choice into a unique, multi-sig contract, and publishes the listing to the TERMINAL.

Sabrina sees John’s audit request in the TERMINAL window, checks the requirements, and sends John a request to audit. John reviews Sabrina’s profile, then accepts.

Once Sabrina has completed the audit, and John is satisfied, they both confirm with the multi-signature contract and funds are distributed: a percentage to Sabrina, and a small percentage to the VEON DAO contract.

John then has the option to review Sabrina on her performance of the audit. Sabrina also earns greater standing in her reputation score.

Along with John and Sabrina, the TERMINAL will be processing and managing many other requests, funds, and disputes.
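The John and Sabrina flow above, as an added Python model (not VEON code and not a deployed contract): funds move only once both parties have confirmed, and the split is computed in integer wei so that no decimal point can be misplaced. The 2.5% fee, the party names and the `DAO` label are assumptions; the post only says "a small percentage".

```python
# Added illustration, not VEON code. Amounts are integer wei; fee is in basis points.
WEI_PER_ETH = 10**18
FEE_BPS = 250               # assumption: 2.5% goes to the DAO contract
BPS_DENOM = 10_000
DAO = "veon-dao-contract"   # hypothetical label for the DAO's payout address


class EscrowError(Exception):
    pass


class TwoOfTwoEscrow:
    """Holds one deposit; pays out only after BOTH parties confirm."""

    def __init__(self, developer, auditor, deposit_wei):
        # Reject floats outright: 1.5 "ETH" must be passed as 1500000000000000000 wei.
        if not isinstance(deposit_wei, int) or deposit_wei <= 0:
            raise EscrowError("deposit must be a positive integer amount of wei")
        if developer == auditor:
            raise EscrowError("developer and auditor must be distinct parties")
        self.parties = {developer, auditor}
        self.auditor = auditor
        self.balance = deposit_wei
        self.confirmed = set()
        self.payouts = None

    def confirm(self, sender):
        """Record a confirmation; returns the payouts once both have signed."""
        if sender not in self.parties:
            raise EscrowError("only the two escrow parties may confirm")
        if self.payouts is not None:
            raise EscrowError("escrow already settled")
        self.confirmed.add(sender)   # confirming twice does not count twice
        if self.confirmed == self.parties:
            self._release()
        return self.payouts

    def _release(self):
        fee = self.balance * FEE_BPS // BPS_DENOM   # integer division rounds down
        to_auditor = self.balance - fee             # remainder goes to the auditor
        assert fee + to_auditor == self.balance     # every wei is accounted for
        self.payouts = {self.auditor: to_auditor, DAO: fee}
        self.balance = 0                            # nothing left to pay out again
```

While only one party has confirmed, the deposit stays locked in the escrow, which is the state the mediation option exists to resolve.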

Staying true to the spirit of auditing and open source ideals, our project's code will be available for viewing on GitHub. The crowdsale contract is to be published ahead of the initial sale to allow anyone to review it before deciding to invest. This way there are no discrepancies with how the crowdsale will be operating and distributing VEON tokens.

More details on the crowdsale will be published as development continues.

Interested and want to get involved?

Connect with us on our Slack channel here

Read our Whitepaper to find out more information

Follow us here on our Medium for further updates

Find us on our website at

Published by John VEON, 6 May 2017
