FrostFlakes is now Audited and KYC’ed

mitchellias
FrostFlakes
Published in
7 min readOct 11, 2022

The next phase of trust: Our audit and KYC.

We have been audited and KYC’ed. We want to share the results of both of these and what they mean for FrostFlakes.

Spoiler Alert: we’ve been audited by George Stamps Audits!

The DeFi audit space has changed just as rapidly as the DeFi space as a whole, and that makes sense. An audit doesn’t protect against rug pulls. Also, auditors are just humans, and are subject to errors, bias, and their own subjective ethics.

To some investors, being audited brings a great deal of trust and peace of mind to the project. We believe it is who you are audited by that matters most, and that is why we held out to get audited by George Stamp, whose group leads several projects and recently became an auditor themselves. We were fortunate enough to be audited by them, even though we are considered an “old” project in DeFi, having been around since late May. Their focus is on new projects.

The overall score of our audit: a Green 76.

Audit Summary

We scored very well in all categories besides the “Other Risk” category.

We would like to elaborate on our score in this category. The reason we scored low in this category is because 1) if the contract balance reaches 0, investors won’t be paid, and 2) we are an upgradable contract. I am going to focus on pros and cons of being upgradable, as 1) feels self-explanatory. We can make upgrades to our contract, which is exactly what we do, because it is how we improve our FrostFlakes.

We knew we were going to get dinged in the audit for this, but that didn’t stop us from pursuing the audit. We believe there are huge upsides to being upgradable, which offset the risk.

There are two sides to every story, and the auditors know this.

The audit says: “Being upgradable means the project can evolve indefinitely which is a good long term prospective”.

Wow, thank you. We agree!

Even more upside for being upgradable, as noted by the auditors:

“A few functions will not scale and might revert if the project’s user base grows too big. The upgradability nature of the contract is a good way to compensate for this fact.

This is why we are upgradable, and we are appreciative that the auditors recognized this as well. Thank you :)

We love that we are an upgradable contract. We made this loud and clear from the beginning. It was an intentional development decision, weighing all the factors we could at the time. It was why we migrated from V1 (an immutable contract) to V2, back in August… we wanted to make serious upgrades to FrostFlakes, like being able to stake 50% of every deposit in PCS to earn rewards, and give us a new revenue stream.

Being upgradable means we can adapt and improve based on what we learn. It allows us to add new features to FrostFlakes, meet the rapidly changing demands of the market, improve the investor experience, and make us more sustainable, thereby reducing the risk for all investors and making us a better investment opportunity for all.

So, we own being upgradable, and see it as a pro, not a con.

Here is some of the value we have created over the last two months because we are upgradable:

  • Created a new revenue stream utilizing PancakeSwap (PCS) staking, which earns rewards that are compounded back into PCS.
  • Generated another revenue stream, by deploying an army of bots (7 and counting), whose earnings are compounded back into the bot equity pool.
  • Two lottery features, which promotes more deposits.

If being upgradable has helped us deliver more value, then why were we dinged heavily for it?

The tradeoff with being upgradable is that we can make changes to the contract, at any time, that would allow us to take all the money. But we are not going to do that, because that would be insane.

A subtle distinction that is also worth mentioning: there is no way we can take money from our contract today — there is no “backdoor”. It is not possible given the current state of the contract.

We scored 100 on this category!

At the present moment, there is no way we can remove funds from our smart contract. It is not possible unless we write the code to do so.

We completely understand that this poses a risk to investors, and why we scored RED in this category, and only this category. We understand why the auditors scored us this way, too. We are not complaining, but rather explaining the upside of being upgradable to counteract the level of risk involved in being so.

How do we counteract this risk? If we are going to stand by the benefits of being upgradable, and accept that risk, we know we must give investors reasons to TRUST us as project owners!

We build actual, real, human-to-human trust. Call us old-school, but we are counting on this to be the cornerstone of our success. By being transparent, building in public, doing what we say we are going to do, launching on time, admitting if we make a mistake, being respectful and genuine people, acting without greed, and treating our community with compassion, we have and continue to build TRUST.

The auditors noticed:

T-R-U-S-T. Find out what it means to me :)
Thank you to the George Stamp team for mentioning this!

We can’t make this sh*t up. We’ve been generating trust!

DYOR and maybe that trust will blossom from within you, too!

We asked ourselves: is it worth it to become immutable, to score higher on the audit? How many points higher? 10? 15? We are not sure, but we are okay with our upgradable 76.

Here is the thing- with all this talk about being upgradable, we would like to make it clear that we are not opposed to becoming immutable in the future, thereby removing any possibility of us making changes to the contract, and thereby removing the ability to steal. However, that is a strategical decision and would make more sense when we feel we no longer need to make improvements to FrostFlakes. It is not out of question, but it is not appropriate right now. We are still growing and adding new features.

Huge shout-out to Apeiron, who is the individual team member of George Stamps, who conducted our audit. Thank you for your help and feedback, and for being part of our community!

Check our promotion on the George Stamps website:

How we got KYC’ed

KYC, like an audit, is another way to reduce the risk of the project, because it links the identity of the owner(s) of a project to the project itself.

We KYC’ed through Binance’s Account Bound Token (BABT).

KYC’ed through Binance, of all things.

BABT tokens are the first-ever Soulbound Token (SBT) built on the BNB Chain. BABT token is non-transferable and has no monetary value. It functions as a digital verification tool for Binance users who have completed Identity Verification.

In other words, Jack received a BABT token, and it has been associated with the V1 Owner’s address of FrostFlakes. This just satisfied Jack’s KYC via Binance: one of the most rigorous and trusted KYC programs in existence. KYC was just manifested through a token, how is that for utility? Pretty cool.

Ask yourself: would you rather us be KYC’ed through some third-party KYC service you have never heard of, or would you rather us be KYC’ed by Binance- a leader in KYC? Which KYC service would you trust more? It is odd how trust works, even in this decentralized world we are creating.

For all of you who have ever asked: Wen KYC? or Wen Audit? in our telegram, well now we have both.

But let’s be honest, you already invested without us having completed those, because you trusted us and our project :)

#stayfrosty

Links

The above references an opinion and is for information purposes only. It is not intended to be investment advice. Seek a duly licensed professional for investment advice.

--

--