SJIP: Clarify where the protocol team should list their known issues and acceptable risk #30
WangSecurity
started this conversation in
Judging
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
Description
Adds clarification that the protocol team should list their known issues in the question about previous audits.
Judging Guidelines PR
https://github.com/sherlock-protocol/sherlock-v2-docs/pull/61/files
Rationale
Currently, it's not clear where the protocol team should put their known issues and acceptable risks, which are not part of their previous audit reports. This creates problems that the issue might be known, but not listed, and Watsons will submit it. This creates problems on both ends: either the issue needs to be invalidated, which threatens the Watsons' validity ratio, or the protocol teams receive an audit report with issues they already knew before.
Hence, the goal of this SJIP is to clarify for both parties where they should put or look for known issues and acceptable risks.
Relevant Issue Discussions
No relevant discussion..
Beta Was this translation helpful? Give feedback.
All reactions