teleo/teleo-codex
8
0
Fork 0
Code Issues 22 Pull requests 3 Projects Releases Packages Wiki Activity Actions 1
teleo-codex/decisions/internet-finance/umbra-fund-security-audits.md
m3taversal fdebd95137 rio: batch 4 — 26 new decision records for 10 projects 
New decision records with full proposal text for projects that previously
had zero governance documentation in the KB.

Omnipair (4): OMFG-001 through OMFG-004
Ranger (3): ICO launch + $2M buyback + contested liquidation
Solomon (3): ICO launch ($102.9M committed) + DP-00001 + DP-00002
Loyal (3): ICO launch ($75.9M committed) + buyback + liquidity adjustment
ZKLSOL (4): ICO launch + team burn + buyback + restructuring
Umbra (3): ICO launch + security audits + mainnet expansion
Futardio cult (3): ICO launch + omnibus (90% token burn) + liquidity pool
Kyros (1): Burn 4.42M unclaimed airdrop
Jito DAO (1): JTO Vault / TipRouter NCN (JIP-10)
Marinade (1): SAM Bid Routing to MNDE Stakers (MIP.5)

Pentagon-Agent: Rio <5551F5AF-0C5C-429F-8915-1FE74A00E019>
2026-03-24 15:53:35 +00:00

99 lines
3.8 KiB
Markdown
Raw Blame History

---
type: decision
entity_type: decision_market
name: "Umbra: UMBRA-001 — Fund Security Audits"
domain: internet-finance
status: passed
parent_entity: "[[umbra]]"
platform: "futardio"
proposer: "Umbra team"
proposal_url: "https://www.metadao.fi/projects/umbra/proposal/71nYHjLpgY7evn9G4UaGCBd6cYHpGWzrzd3ESs2KUduG"
proposal_date: 2025-11-12
resolution_date: 2025-11-15
category: "operations"
summary: "Fund Umbra security audits before mainnet launch"
tracked_by: rio
created: 2026-03-24
---
# Umbra: UMBRA-001 — Fund Security Audits
## Summary
Umbra allocated treasury funds for security audits before mainnet launch, following the same pre-launch audit pattern as Omnipair (OMFG-002).
## Market Data
- **Outcome:** Passed
- **Duration:** 2025-11-12 to ~2025-11-15
## Significance
Second FaaS-launched project (after Omnipair) using futarchy to approve pre-launch security audits, establishing this as a standard governance pattern.
## Relationship to KB
- [[umbra]] — parent entity, pre-launch security
- [[futardio]] — governance platform
## Full Proposal Text
*Source: futard.io, tabled 2025-11-12*
**Proposer:** Kru
**Requested:** 105,000 USDC
**Recipient:** Kru (for audit coordination)
**Purpose:** Security audits for Umbra before mainnet
### Summary
We are in the final stages of Umbra going live on mainnet alongside Arcium and we've spent the last month evaluating different audit partners. So far the best partner for us seems to be Halborn. This proposal looks to initiate a spend of $105,000 USDC for the same.
**About Halborn**
* **Founded:** 2019
* **Focus:** Cybersecurity and auditing firm
* **Value Secured:** Over **$1 trillion** in digital assets
* **Clients:** 600+ across exchanges, custody infrastructure, and blockchains
* ### Solana Ecosystem Security Work: Conducted **audits for Solana Foundation, Solana Labs, and Anza**.
* ### Reviewed 150K+ lines of code across SPL programs and Layer-1 components.
**Goal**
* Halborn will secure and verify both ZK circuits and Anchor program before Arcium mainnet launch.
### Challenges and scope as highlighted by Halborn
### Challenges
* Two codebases nearing completion, with ZK circuits ready for audit and Solana programmes following within weeks.
* No prior external audit of Umbra's cryptographic logic \- high need for independent ZK \+ Rust review.
* Tight launch window (\~30 days) creates risk without parallel audit execution and structured issue tracking.
* Complex dependencies on Arcium's evolving MPC infra make code freeze and scoping fluid.
* Global, remote team (India \+ Spain) requires timezone-aligned engineering collaboration and rapid feedback loops
* **Scope Includes**
* Software, System & Process design advisory
* Technical & Security Overview
* Penetration Testing & Source Code Security Assessment
* Mobile Application Security Assessment
* Red Team Exersice ( OpSec )
* Cloud Security Assessment
You can read more about the payment terms and scope of work here: [(Halborn Retainer Doc](https://drive.google.com/file/d/1vKMGEAI_m0nyABQQkNffKNVcETRO35M3/view?usp=drivesdk)).
### Execution and Timeline
* **Total:** $105,000
* **Disbursement:**
* Upfront: $35,000
* The remaining balance of $70,000 shall be paid upon the earlier of:
* (a) Approval of the payment and release of funds allocated to Umbra
* (b) Delivery of the draft report by Halborn to Client.
* **Timeline:** 35 Days
* **Note:** To ensure we can meet our launch timelines Kru will be making an upfront payment of $35000 to help us proceed with the engagement with Halborn without any delays
### Raw Data
- Proposal account: `71nYHjLpgY7evn9G4UaGCBd6cYHpGWzrzd3ESs2KUduG`
- Proposal number: 1
- DAO account: `BLkBSE96kQys7SrMioKxeMiVbeo4Ckk2Y4n1JphKxYnv`
- Proposer: `BF8hxzzR4KuVxfsyAUFyy26E6y2GhsSZgBoUQrygwof1`
- Autocrat version: 0.6
Reference in a new issue View git blame Copy permalink