I’m looking for recommendations on the best source to monitor Gnosis safe contract vulnerability disclosure. Is there a consistent / definitive channel to monitor for vulnerabilities? Ultimately, I’d like to be notified with an alert for any newly discovered vulnerabilities, along with the contract version (e.g. “v1.3.0”).
The objective, as you might expect, would be to enable me to take rapid action should an exploit be discovered. Any guidance appreciated!
We are currently working with https://hats.finance to setup a bounty that is tracked on chain and would be easier/ more public accessible and potentially also allows the dao to be more directly involved in it.
This is currently still in the setup stage and we will share more data to collect feedback on the requirements from the DAO soon.
In general we are currently revamping our security related efforts. We are also starting coordination with different audit and verification companies to have audits and formal verification as a more integrated part of our future protocol.
All of this is something that should be owned by the DAO in the long run and we are currently just setting the base for future initiatives.