PQ Reviews
Powered By GitBook
PQ Review Process Differences
Description of changes for Process Evolution


0.6 -- 15 October 2020

    Changed audit to review in the text of the process throughout (except where we are talking about an actual smart contract audit
    In "Summary of the Process" I removed question 2 in that says the GitHub matches the deployed code
    In "Summary of the Process" I changed the heading from Executing Code Verification to just Code

0.5 -- 7 August 2020

Added % Guidance to "Does the code match a tagged version on a code hosting platform (GitHub, GitLab, etc.)?"
Added % Guidelines to "Code coverage (Covers all the deployed lines of code, or explains misses) (%)" in Testing
Added % Guidelines to "Is it possible to trace requirements to the implementation in code (%)"

0.4 -- 24 July 2020

General rebalancing of the scoring weights
Added Summary of the Process section
Changed Deployed code to "Executing Code Verification"
Changed Requirements to Documentation
Scoring weight for the "deployed code address(s) readily available?" from 10 to 30 because it is fundamentally important
Scoring weight for the "Does the code match a tagged version on a code hosting platform (GitHub, GitLab, etc.)?" from 10 to 20
Scoring weight for the "Is development software repository healthy)?" from 20 to 10
Changed the heading of Requirements to Documentation for better clarity for the reader.
Deleted "Are the requirements available publicly? Question as it added little value.
Scoring weight for the "Are there sufficiently detailed comments for all functions within the deployed contract code?" from 5 to 10 because is important
Scoring weight for the "Code coverage", "Scripts and instructions to run the tests" and "Packaged with the deployed code" from 10 to 5 for balancing
Changed the weight of Audit from 50 to 70 for balancing

0.3 -- June 2020

"Is development software repository healthy?" of "Deployed Code" changed from Y/N to %. The AAVE code was developed in a private repository that the auditor cannot view. The public repository was created just to display the final code. This makes the public repository appear unhealthy. But as they have a valid reason and the auditor is comfortable a valid repository exists but cannot be seen we needed something better than a binary Y/N. So we changed to % and changed the explanation.

0.2 -- June 2020

This is the initial version used for the first three Audits
Last modified 1yr ago