Audit Sign Off Process

The purpose of this guideline is to outline the process of signing off contracts to be sent for audit. This is not an exhaustive document, but intended rather to be a guideline

General

• All code should be written from the "dev" branch

• NO code should be pushed to "main" until this process has been completed

• PR's for main require three reviews minimum

• One review must be performed by either Josh or Leo

• One review must be performed by Ryan

Description of procedure

• Once development of a set of contracts has been completed, create a PR from dev to main.

• Raise the PR in the Concrete code review channel in slack (Provide Link)

• Ryan will schedule a call for the following business day

• All available developers will review the PR. Comments should be written directly in slack. This is to keep the PR succinct prior to merging to main.

• All reviewers will attend the audit review call. During this call, each reviewer will have an opportunity to raise any issues they have identified.

• Once the PR is signed off on, Ryan will notify the auditing firm that there is new code ready for audit.

• The code will be merged in by Ryan once the auditing agency reviews, and all recommendations are met.