Smart contracts auditing companies like @trailofbits @ConsenSys Diligence or @OpenZeppelin should provide insurance services for smart contracts they are confident in.
Companies and users could pay x% per year to cover potential fund losses held or managed by some contracts.
-
Security vendors don’t resolve bugs, we advise on risk. It’s the owners perogative to take risks. If a bug is found after they deploy, that’s on the owner, not on me. I would hope our advice helped address that near inevitably, too, so handling it was quick with little impact.
Your doctor can’t control your legs and make you run. It’s not their fault if you don’t listen to every academic study they know could help you. This fantasy that a security vendor is somehow responsible for a client getting hacked is completely wrong.
-
-
I've never implied that security auditors are responsible for bugs in the code they audit, but it seems clear to me that an auditor that continually fails to report and disclose vulnerabilities that later get exploited will have a hard time finding new clients.
-
Maybe, or maybe you only booked 15 minute checkups when you needed a 2hr physical, or you’ve got a rare disease only a special test could find, or new research came out with risk factors no one understood before, or you didn’t like my advice and ignored it, etc.
- 7 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.