Summary
The DAO has been working on many new functionalities since our last audit, two of which are especially important to the security of the protocol. These two would be in scope for the audit:
1. WSOHM => We have already seen some protocols adopt the WSOHM contract, but to get this integrated into other partner protocols they have requested an audit of this contract.
2. Olympus Pro => A new product of Olympus which would need audits to the contracts as well.

Motivation
While an audit does not prevent any exploits, it can build trust both internally for our dev team as well as externally to potential partnership protocols. Because we believe that there is a huge difference in audit firms, we have opted for an industry-acknowledged top-tier auditing firm in Runtime Verification, with which we would also like to enter a longer-term partnership.
Due to an unforeseen opening in their calendar, this audit can start already at the end of September as opposed to December/January which is why we want to take this unique opportunity to get both contracts audited as soon as possible. Because we are working with a (very) tight deadline, we will go to voting sooner than usual and will start the snapshot vote already after 24 hours.
They estimated the cost of the audit at a maximum of 200K of which 40% could be paid in OHM and the other 60% in stables.

Proposal
Allocate up to $200K of the DAO funds for the audit of both the WSOHM as well as the Olympus Pro contracts.

Vote
1. For the proposed audit
2. Against the audit

Audit of outwards facing contracts by Runtime Verification

    Anything to improve the OHMIES!! This is a good move, you got my FOR vote for sure!

    Let's make it happen!

    In favor, though I think the general community opinion would be that audit funding should probably not be secured ad-hoc, but rather under a framework that sets the expectation that this would be a regular, recurring expense with the roll-out of new contracts or material contract updates. 👍

      Security is very important if we want mainstream adoption. We don't want to be on the news for all the wrong reasons so I think this makes sense. Thanks, team.

      cryptocartesius

      Fully agreed. If the experience is positive from both sides we can check how we can set something up in a more structural manner.

        40% is being paid in OHM, are they under any obligation to hold for a set period?

          hippopotamus tbh, even if they sell the 80k worth of OHM all at once, it won't affect the price by that much anyway. We see too many tx larger than that on a daily basis. It's really nothing.

          The security of this protocol is non-negotiable. This should receive 100% approval. Thank you team for your diligence and hard work.

          This is important, I say do it, as long as it doesn’t hasten another rate reduction vote.

          Are they worse or better than Trail of Bits? At any rate, I’m for. Also for a future framework to have these things automagically set up.

          I am For the audit. But… paying an auditing company in OHM… isn't there a potential for it to be construed as biased? It's like a public company paying an auditor with company shares. Yes, I agree you could argue that would make the auditor more invested in making sure the company is compliant, and why would they risk their reputation anyway? But hey, sillier things have happened. If one of the bigwigs in the auditing company is short-sighted they may decide to give OHM a sparkling review, get paid, watch the coin pump, then dump. Just a thought

            Kutu2 unfortunately the dumps even happen in the stock market all the time. I don’t know what other forms of payment we could provide; it’s all convertible at the end of the day. If it’s paid in 100% Dai they could buy up OHM anyways then dump when it goes up.

            All for it. Things need to get done, and as Cart. said we’ll probably need a better framework going forward to give the community some expectations and assurances for such occurrences like this one.

            Did the auditors request OHM or is this being offered to them as a payment?

            Anything to reinforce the security of the protocol. I support this proposal/audit 1000%.

            Audits only add to the credibility. Bring them on.

            I agree with the need for an audit as it is a sound risk management practice. Personally, there should be a budget allotted for audits as necessary. Also what is the current practice in the DAO for engaging third parties?