Business Continuity
Classification: Restricted
Stage: Enquiry stage (40)
Introduction:
The Web3 Security Framework Initiative is a collaborative effort to promote the adoption of best practices in web3 security. The initiative aims to minimize the risks associated with security vulnerabilities and hacks, which have become increasingly prevalent in the web3 space. Moreover, projects that demonstrate full compliance with our rigorous guidelines will earn an on-chain certificate recognized by all the AvengerDAO members on the BNB Chain ecosystem.
This document serves as a comprehensive checklist of the critical elements surrounding Business Continuity best practices.
| Item ID | Security Check | Criticality | Is Project Compliant? | Comments |
|---|---|---|---|---|
| 1 | Project Funds | |||
| 1.1 | Certify the composition of funds of the project is enough to survive a bear market. | TBD | ||
| 1.2 | Verify the safety of the storage of the project funds and clear the process to manage them relying on cold storage, and multi-sig wallet. | TBD | ||
| 1.3 | Define the actions that could be performed to protect your community in the case of a major incident, e.g., a hack. | TBD | ||
| 2 | Token Vesting | |||
| 2.1 | Prevent team members and investors from dumping crypto assets. | TBD | ||
| 2.2 | Clearly communicate to your stakeholders about the internal token vesting periods. | TBD | ||
| 3 | Systemic Risks | |||
| 3.1 | Certificate the existence and feasibility of a remediation plan in case of large market price fluctuations given external conditions. | TBD | ||
| 3.2 | List and monitor the type of liquidity pools using the project token and determine a risk associated with each one of them. | TBD | ||
| 3.3 | Define clear operation guidelines with contingency plans. | TBD | ||
| 3.4 | Put together actionable contingency plans for each potential risk. | TBD | ||
| 4 | Partnerships Relations | |||
| 4.1 | For every risk, certify the Identification of potential downstream contagion and come up with contingency and standard operating procedures with downstream partners. | TBD | ||
| 5 | Entity Incident Response and Decentralization | |||
| 5.1 | Test regularly the project's incident responses and operating procedures in dry-runs. Take note of the efficacy and improve guidelines accordingly. | TBD | ||
| 5.2 | Ensure roles and responsibilities in the organization are clearly defined and updated over time. | TBD | ||
| 5.3 | Prevent the centralization of decision-making by distributing decision power across different members of the organization. | TBD |