Introduction
The Sherlock team manages Staking Pool 11.
The Sherlock team completed this questionnaire, which members can review to learn more about their team, their staking pool, how they manage their pool, and how they’re building on top of the Nexus Mutual V2 protocol.
Can you introduce yourself for members who may not be familiar with Sherlock?
Sherlock takes a unique smart contract audit approach combining the best of traditional audits (designated senior security expert on each project) with a contest model (200+ independent auditors competing head-to-head). This model has quickly proven itself through examples such as surfacing 3 Critical vulnerabilities in Optimism’s latest upgrade, while 6 previous audits missed these bugs. The approach ensures that some of the top security experts in the space are assigned to your codebase and incentivizes hundreds of other security experts to compete for the most high-severity findings.
Sherlock is also the first and only smart contract auditor to repay protocol teams with millions in the event of a missed vulnerability through its partnership with Nexus Mutual. This model has gained great traction because Sherlock is the only auditor willing to fully align incentives with protocol teams. Sherlock can often provide a full audit + $2M of coverage + $200k towards your bug bounty program for cheaper than most firms can do a standalone audit. Some of the top teams in the space—such as Optimism, GMX, and Notional—have repeatedly returned to Sherlock because they’ve seen the approach’s effectiveness.
Check out Sherlock’s public pricing guide and audit walkthrough for more details on the approach.
Can you describe your staking pool’s strategy in one or two sentences?
Sherlock’s staking pool strategy is to underwrite only protocols that have made it all the way through Sherlock’s rigorous auditing process. This means that hundreds of security experts have looked for bugs in the code, and any issues have been either acknowledged (carved out of coverage) or fixed by the protocol team, and each fix has been individually signed off on by the Lead Senior Watson (a top-ranked auditor on Sherlock’s leaderboard).
How frequently do you review and reassess the pricing and capacity parameters for the cover products you underwrite?
Frequently. Sherlock has made two pricing changes (both increases) in the last few months and will continue to make updates to pricing and capacity that target pool profitability for stakers. Sherlock’s product only offers smart contract exploit coverage and the risks surrounding exploits are very much emergent, so frequent updates are key early on.
As a pool manager, what is your approach to adding new products to your pool, whether it’s a completely new cover product or a new listing for an existing product?
Sherlock only plans to list smart contract exploit coverage (and critical bug bounty coverage) for the foreseeable future—no other lines of products.
New listings (new protocols) can only be added once they’ve made it through Sherlock’s auditing process, including one or more fix reviews/audits as determined to be necessary by Sherlock and the Lead Senior Watson.
Do you have any plans to develop an application or distribution network that utilizes your staking pool?
Sherlock offers an application where stakers can deposit USDC and gain exposure to the same array of risks (in the same proportion) as this pool, so Sherlock has a lot of skin in the game when it comes to making sure pool profitability (in both Sherlock and Nexus Mutual apps) is achieved.
How and with what frequency will you provide updates to the NXM stakers that delegate to your pool?
Updates will be provided whenever a significant event (pricing increase, large payout, etc.) occurs.
How can prospective and/or current NXM stakers communicate with you?
Please provide feedback in the #feedback channel in Sherlock’s Discord. Or you can DM Sherlock on Twitter, but that is checked less often.
Any other thoughts that you’d like to share?
Excited to be offering this product as a staking pool manager, and please reach out on Discord if you have any comments/suggestions/questions.