Think about structure for permissionless access to Halborn audits

Not doing


  • whoever pays for a stream can decide how it gets used
  • should have some entity that is able to veto a new stream? in case it's unreasonable
  • codearena, smart contract bug bounty based system, etc

  • relationship is between Halborn and BF + Root
  • BF can just create a policy (that is acceptable to the people who have paid for the audits and BF and have Halborn sign off on it)