The approach is to outrun the scanners, and report risk to users based on estimations and deterministic partial evaluations(!) of risk.
So the user could send funds to a new wallet.
Reports will be public (stored in IPFS or the like), since reporting privately would require trust.
It could become a distributed (aka de-centralized) "Security Explorer" eventually.
README:
https://github.com/dk14/crypto/blob/main/chats/btc-audit/README.md (path is a bit hidden, to partially hide from webcrawlers and heist-seekers)
----
How to contribute:
- I outlined a simple bidding-based system for coin contributions to the project - send bids or micro-payments to the BTC address and send more if you see progress and features implemented.
- Rewards are possible - since paid "public service" features are possible (see README)
- PR-contributions can be rewarded as well (from bidding fund and paid features).
- PRs will be reviewed strictly, since there is a paradigm (also, a public service would require strict external audits).
- can simply donate too. Significant ones will be attributed.
- can promote to a grant, but I think they're bro-based
- reddit gossip?
This is a long-term project that is only a simple btc-audit toy right now.
There are some differentiators compared to other security projects (independence from vendors and corporate, stricter approach to Computer Science, accessible Node.js, flexible funding, no DeFi tokens, transparency, no academic overhead).
----
P.S. if you lurk around my disorganized 'crypto' repo - you might discover the importance of building independent audit tools with automatic feedback to users and vendors, since issues with cryptography are only accumulating, it's not getting any better. Buy a little time lol.
Some wisdom: there is no government conspiracy (not in FED/NIST, not in corporate/Blackberry) - everything is just degrading. Almost everyone thinks they'll die and go to a better place. They won't.