Audit Lifecycle
The protocol is designed to create a "marketplace" for audit discovery, transparently and seamlessly allow for term agreements, and serves as a platform to determine status of audits.
The protocol can be parsed into multiple stages, which depict the lifecycle of the auditing processes. Here, we'll define two non-mutually exclusive parties Protocol Owners and Auditors, which are used throughout the docs.
A user must claim a role on the Bevor site in order to submit an audit or conduct an audit.
Discovery Phase
Bidirectional discovery period, where protocol owners can find auditors, and auditors can find audits they'd like to audit.
Attestation Phase
Once a Protocol Owner has submitted their audit details and has selected at least 1 auditor, they can lock the audit and move it into the attestation phase. This is where protocol owners and auditors agree on terms of the audit.
Auditing Phase
Once the terms are agreed on, the auditing phase can be kicked off. This is where auditors conduct the audit and eventually submit their findings. Findings are never exposed to any party until the Protocol Owners elects to lock their payment for the audit in escrow, and some period of time passes where the protocol owner implements changes.
Challenge Phase
Once the Protocol Owner has taken the action above, and implemented the findings, the audit becomes challengeable. This is covered more in the DAO.
Finalized Phase
The auditing cycle is completely finished. Audits were conducted, funds appropriately moved, and status of the audit has been officially qualified. Proof of an audit is verifiable by on-chain mechanisms, and easily accessible as an NFT.