SolidityScan Polkadot Proposal
Beneficiary:Integration Partnership with SolidityScan for Enhanced Security in the Polkadot Ecosystem
Overview
This proposal seeks to establish an integration partnership between SolidityScan and key projects in the Polkadot ecosystem, including BiFrost, Moonbeam, Hydration, and Unique Network. SolidityScan is a leading blockchain security platform specializing in smart contract analysis, designed to promote trust, transparency, and security in decentralized applications. By integrating SolidityScan’s analysis tools into the explorers of these ecosystems, users will benefit from real-time insights into contract security, ultimately enhancing the user experience and security of the ecosystem as a whole.
Proposal Goals
The goal of this partnership is to provide users of these ecosystem explorers with access to SolidityScan’s security analysis and scores for verified contracts. This integration aims to:
- Elevate security by displaying SolidityScan’s security scores and analyses.
- Enhance transparency through direct access to SolidityScan’s insights on the explorers.
- Streamline the user experience by embedding security insights directly into the explorers.
Value Proposition for Polkadot Ecosystem Users
1. Elevated Security
Users of Polkadot ecosystem explorers will have direct access to SolidityScan’s security scores for verified contracts, which indicate any potential vulnerabilities. This empowers users with the information needed to make secure and informed interactions with smart contracts.
2. Increased Transparency
Displaying SolidityScan’s analysis reports directly within the explorer interfaces will provide Polkadot users with increased transparency. This accessibility encourages trust and helps foster a secure ecosystem environment.
3. Streamlined User Experience
By integrating security insights within the existing explorer interface, users can view SolidityScan’s findings in a seamless, familiar way, enhancing their experience and confidence.
Phased Integration Approach
To ensure an effective and smooth integration process, the integration is proposed in two phases:
Phase 1: Initial SolidityScan Integration with Explorers
Timeline: This phase can be completed within a few days upon receiving the necessary API credentials and data points from the explorer teams.
Functionalities: SolidityScan will establish a direct integration with the explorers, allowing users to scan verified contracts hosted on the explorers and access security analysis reports through SolidityScan’s interface.
Phase 2: Direct API Integration on Ecosystem Explorers
Timeline: The timeline will be decided upon further discussion with each explorer team, taking into consideration specific functionalities and data requirements.
Functionalities: This phase will allow explorers to integrate SolidityScan’s APIs directly into their systems. Users can view security scores and analysis reports directly within the explorers, promoting a more secure, transparent, and user-friendly experience.
A Glimpse into SolidityScan's Integration
1. Locate the "Verified Contracts" section on your blockchain explorer and choose a verified smart contract from the list. Look for the distinctive SolidityScan shield icon with the Security Score on the top right corner of the contract page.
2. Click on the SolidityScan shield icon to access a short summary, including risk levels and vulnerability overview.
3. View the full report to get a threat summary and detailed description of vulnerabilities present in the contract.
Note: For demonstration purposes, we've used Base Explorer as an example.
Integration with Astar Explorer
Integration Pricing:
One-time API integration fee of $2,500 for each explorer.
This fee covers the development and deployment costs for integrating SolidityScan's security analysis tools into your explorer.
Track Record of Success
SolidityScan has successfully integrated its security analysis into over 40 Blockscout-based blockchain explorers, including prominent networks such as Base, Ethereum, Avalanche, Gnosis, and Rootstock. Additionally, SolidityScan has partnered with established blockchain explorers like RouteScan and BlocksScan. These integrations demonstrate SolidityScan’s commitment to enhancing security and transparency across the blockchain space by providing accessible and reliable security insights within widely used explorers. We have also integrated with Remix IDE & have created a plugin for VScode which enables developers to use SolidityScan’s capabilities directly in their coding environment.
Conclusion
SolidityScan’s integration with BiFrost, Moonbeam, Hydration, and Unique Network will provide ecosystem users with valuable security insights, fostering a secure, transparent, and user-centric environment. We invite these ecosystems to join hands with SolidityScan and leverage our expertise in blockchain security to protect users and encourage a culture of transparency and trust within Polkadot.
We look forward to integrating with Polkadot AssetHub once pallet-revive is incorporated into its runtime.
Edgetributor SubDAO’s role
The SolidityScan team reached out to Edgetributor SubDAO to integrate with Edgeware EdgeEVM explorer and Edgetributor SubDAO members noticed that there are many other Polkadot ecosystem chains with EVMs which can also be benefited from the potential ecosystem-wide integration. With the upcoming pallet-revive on AssetHub, it’s better to test such an integration on a smaller scale first on a few existing parachains having active EVMs. Thus Edgetributor SubDAO members suggested the SolidityScan team to start with BiFrost, Moonbeam, Hydration, and Unique Network before moving on to the ecosystem-wide integration.
- Curation: Introducing the SolidityScan team to the Substrate/ Polkadot ecosystem and OpenGov quirks along with the curation of the development scope/ proposal.
- Operations: Setting up points of contacts/groups with the chains to be integrated and provide expertise with frontier/ substrate wherever needed.
Onchain proposal details:
Amount Requested: 10000 USDC
Operations (5%) & Curation fee (5%): 1000 USDC
Total: 11000 USDC
Recipient address:15MrU2739SvEc8AUXe4HR3FnoratBxRXA7oJMXedvcz1F6hq
Comments (5)
Proposal Failed
3
of 3Summary
0%
Aye
0%
Nay
Aye (47)0.0 PAS
Support0.0 PAS
Nay (54)0.0 PAS
Comments (5)
Lucky Friday have voted NAY. Please consider this a temporary notification after our vote has gone on chain. If you would like additional feedback on our rationale for this vote, please join our OpenGov Public Forum on Telegram here: https://t.me/+559tyPSfmGg0NzUx
Lucky Friday provides feedback once per week (Fridays) if specifically requested in our OpenGov Public Forum, and we respectfully ask that all proponents of referenda interact with us here for the sake of transparency. Please tag our Director of Protocol Relations “Phunky” with your referendum number so that he can gather the relevant commentary from our internal deliberations.
ChaosDAO would like to provide the following feedback from our community. We offer this feedback voluntarily in the spirit of OpenGov, in order to help teams improve their proposals so we can all build the network together.
1. Members expressed that these requestors should submit a grant application to the Polkadot Assurance Legion (https://dotpal.io/) as their bounty now covers security tooling
2. A member expressed concern that the SolidityScan team haven't discussed this with the parachain teams they are intending to support and whether or not it's something those teams can even support in the current market.
ChaosDAO votes as a collective based on the results of our anonymous internal voting procedures. Our members are not required to provide any feedback about why they have voted in a particular direction. Similarly, to respect our members' right to anonymity, we will not be sharing the names of individuals who have chosen to voluntarily provide feedback. You can find out more about how we vote and how to get in contact with us here: https://x.com/ChaosDAO/status/1762986093316587995.
Lucky Friday have voted NAY. Please consider this a temporary notification after our vote has gone on chain. If you would like additional feedback on our rationale for this vote, please join our OpenGov Public Forum on Telegram here: https://t.me/+559tyPSfmGg0NzUx
Lucky Friday provides feedback once per week (Fridays) if specifically requested in our OpenGov Public Forum, and we respectfully ask that all proponents of referenda interact with us here for the sake of transparency. Please tag our Director of Protocol Relations “Phunky” with your referendum number so that he can gather the relevant commentary from our internal deliberations.
ChaosDAO would like to provide the following feedback from our community. We offer this feedback voluntarily in the spirit of OpenGov, in order to help teams improve their proposals so we can all build the network together.
1. Members expressed that these requestors should submit a grant application to the Polkadot Assurance Legion (https://dotpal.io/) as their bounty now covers security tooling
2. A member expressed concern that the SolidityScan team haven't discussed this with the parachain teams they are intending to support and whether or not it's something those teams can even support in the current market.
ChaosDAO votes as a collective based on the results of our anonymous internal voting procedures. Our members are not required to provide any feedback about why they have voted in a particular direction. Similarly, to respect our members' right to anonymity, we will not be sharing the names of individuals who have chosen to voluntarily provide feedback. You can find out more about how we vote and how to get in contact with us here: https://x.com/ChaosDAO/status/1762986093316587995.