Smart contract auditors have an image problem. During the exuberance of the bull market, the shortage of strong auditors and resulting audit prices brought in a flood of entrants focused around quick scalable code audits to meet the insane demand. However, this came at a price: average audit quality suffered, with many of 2021 and 2022’s hacks involving audited protocols!
At the end of the day, there is a mismatch between auditor incentives and protocol safety. Auditors get paid upon completion of the audit, but there is no penalty for missing bugs or reward for continued safe protocol operation. So how do you tell the good audits from the bad? If you’re not a smart contract expert, you don’t… until it’s too late. It’s no surprise then that community trust in audits is tenuous at best.
Of course, the real victims of protocol failures are the end users who trusted both the project team and auditors. But does it have to be this way?
- What if auditors were incentivized to make sure a protocol is safe past the completion of an audit?
- What if protocols that break after being audited could recoup part of their audit fees?
- What if there was a hard-to-fake way to signal trust on-chain?
As it turns out, we already know of an on-chain primitive that allows trustless alignment between parties… Ante Tests!
We’ve seen DeFi protocols like Ribbon and MetaStreet as well as NFT projects like DeFi Girls and Anoncats use staked Ante Tests to make on-chain commitments backed by crypto.
Auditors can stake Ante Tests as financial proof of auditor confidence.
Why does this make sense?
- Auditors are already familiar with the protocol codebase through the audit process. They (along with protocol teams) are ideally positioned to identify protocol invariants that should not break and define them on-chain using Ante Tests.
- Staking Ante Tests creates extended alignment between auditor and protocol. If the protocol breaks and the Ante Test fails, the auditor’s stake is paid out to challengers (e.g. protocol users). It’s like slashing bad auditors!
- This allows good auditors to make credible claims about their quality, because they now have skin in the game.
To take the first step towards better auditor-project alignment, our friends at Zellic have staked Ante’s Ante Tests as a signal of confidence behind their audit of Ante v0.5. Check them out here and here.
Between an auditor who stakes part of their fee behind the success of your project and an auditor who doesn’t, who would you trust more?
The actions of a few audit firms lost a lot of user trust and put a black mark on the entire profession. Ante Tests let you start trusting — and verifying — your auditors again.
