During the OUSD post-mortem, we agreed on the importance of quickly analyzing attacks on other DeFi protocols to a) ensure OUSD is not at risk of a similar attack; b) continuously educate our team on smart contract security; and c) spread knowledge within our team about the internals of our OUSD contracts. We decided to set up a rotation so that everyone on the engineering team gets to analyze hacks.
- The responsibility involves writing a short write-up of the hack with technical details and whether or not OUSD is at risk of a similar attack.
- This should happen shortly after an attack, ideally within 24 hours.
- While the rotation designates an engineer responsible for driving the analysis, it does not mean this engineer is on their own to figure it all out. It should be a learning experience where asking questions and getting help from the rest of the team is expected.
- It is impossible to predict when the next hack will occur. An engineer who is next on the rotation may be out of office (OOO) when a hack happens. In that case, we can simply have the next person on the list, or anyone who wants to volunteer, trade their spot with them.
Note: rotation generated using this script