Proposal for current technical assesment of Shutter Network for further improvement

Solution Proposal

For: Shutter Network By: Lumos Date: April 8, 2025


Business Goal

The primary objective is to conduct a thorough technical assessment of the Shutter Network. The assessment aims to ensure the robustness, security, and performance efficiency of the network infrastructure, enabling future scalability and stability. This technical assessment is crucial to identify potential areas of improvement, enhance service reliability, and facilitate seamless operational performance.

  • Network: Shutter Network
  • Tech Stack:
    • Frontend: -
    • Backend: GoLang
    • Smart Contracts: Solidity
    • Infrastructure: TBD

Proposed Technical Approaches

Architecture Review

  • Analyze Rolling Shutter’s distributed key generation (DKG) mechanism
  • Evaluate the threshold encryption scheme implementation
  • Review the leader selection process for block proposal
  • Assess the sequencer design and transaction order enforcement

Protocol Analysis

  • Study the commit-reveal scheme for transaction submission
  • Analyze the timelock mechanisms and their security guarantees
  • Examine the cryptographic primitives used for transaction encryption
  • Review consensus mechanisms for transaction ordering

Security Assessment

  • Conduct threat modeling of potential attack vectors
  • Identify potential collusion scenarios among participants
  • Assess resistance to various MEV attack types (frontrunning, sandwiching, etc.)
  • Evaluate key management and security practices

Integration Analysis

  • Evaluate compatibility with target L1/L2 networks
  • Review API interfaces for developer usability
  • Assess integration complexity for various transaction types
  • Test interoperability with existing blockchain infrastructure

Economic Model Review

  • Analyze incentive structures for node operators
  • Evaluate fee mechanisms and distribution
  • Model game theory scenarios for potential adversarial behavior
  • Review the sustainability of the economic model

Comprehensive Report

  • Compile detailed, actionable insights and recommendations based on the evaluation of Shutter Network’s protocol approach
  • Present clearly structured guidance for enhancing security, performance, and integration effectiveness

Further Scope

Development of Formal Model for MEV Protection

Threat Modeling

  • Map out potential attack vectors
  • Identify trust assumptions in design
  • Model collusion scenarios and economic incentives

Feasibility Analysis

  • Assess computational requirements for operations
  • Evaluate latency impact on transaction execution

Prototype Planning

  • Identify core components for a minimal viable implementation
  • Create technical specifications for key interfaces
  • Develop testing strategies for security validation

Team Composition

Role Hours (h) Rate ($/h) Cost ($)
Solution Architect 64 85 5,440
Business Analyst 0 50 0
Project Manager 0 35 0
UI/UX Designer 0 25 0
Security/Cryptography Engineer 96 75 7,200
Backend Engineer 88 75 6,600
Blockchain Engineer 88 75 6,600
DevOps Engineer 0 50 0
QA Engineer 0 25 0
  • Optimistic: $25,840
  • Pessimistic: $35,530

Estimation

  • Confidence: 81.93%

Timeline and Cost

  • Indicative Timeline: 3 - 4 weeks
  • Indicative Budget: $21,964.00

The proposed billing model is Time and Materials (TnM), meaning that costs and timelines are flexible and based on the time spent and resources used during project development.

4 Likes

Great structured proposal, transparent and professional. Having this passed with an experienced team would be great - I suggest to add the Lumos team members to the shutter friends chat in order to facilitate communication and potential decisions on submitting a vote to go forward with the proposed work.

Thanks for the proposal. Can you provide some background on Lumos highlighting your experience with carrying out audits of other similar protocols? Would be great if you could provide links to similar reports that you have produced.

Could you also break down the resourcing / cost into the two sections you mention: Assessment of the network and then Further scope as (for me) the former is more interesting than the latter.

Thanks!

Thank you for your message!

here is the breakdown of the work in proposal (with rought estimate per next work)

Price Quotation @ Lumos x Shutter Network Technical assesment rev1.xlsx - Google Sheets? gid=703793062#gid=703793062

Shardeum report

As per examples - here is the report that did before of Shardeum

what is the main aim benefit of this proposal? Is it aiming to find gaps and explore potential way for new contributors to engage with the tech.

1 Like

Yes. The idea is to understand the state of the tech right now and whether it achieves the goals that shutter had set up. If needed - there would be a course correction into an improved state of Network which should be a better version for current and new users alike.

1 Like

Shardeum? Really? An unreleased L1 that claims to have solved the blockchain trilemma—now that’s exactly the kind of experience I’d expect to see in a technical audit of a threshold encryption protocol… or maybe in a pitch for a perpetual motion machine.

Now jokes aside, this isn’t an isolated oddity—it’s part of a growing pattern.

Let’s look at the sequence:

  • The same VC who is now backing this “technical audit” previously pushed for a financial audit—via their own handpicked auditor—in a proposal that aimed to cut funding from the core team. That vote failed.
  • Now, we’re seeing backing for another auditor—Lumos—who not only lacks relevant experience in threshold encryption, but whose claim to fame is auditing Shardeum, a project that hasn’t launched and makes highly questionable promises.
  • And yet somehow, Lumos is being pitched with a potential price tag as high as $35,530. That’s more than triple what’s been quoted by @cducrest, [RFP] Independant Auditor - cducrest, who actually has direct experience auditing projects for Gnosis, Safe, CoW Swap, and others in the Ethereum ecosystem.
  • His proposal is detailed, methodical, and includes a track record of public and private audits, including top finishes in Code4rena and Sherlock competitions. Yet, strangely, we don’t see the same VC enthusiasm for this much more relevant and credible proposal.

Let’s also not ignore the context: This is happening alongside another RFP proposal (from a different VC in the same invite-only Telegram group) to replace the existing technical team—a team that’s currently shipping and already integrated with Gnosis Chain and has recently released the Shutter API.

It’s not inherently problematic to suggest new ideas or contributors. But when proposals, funding decisions, and now audits are being coordinated through private channels and championed without open community input or a clear, inclusive selection process—it undermines the credibility of governance.

If there’s truly a need for a technical audit—and maybe there is—it should go through a clearly defined, community-wide RFP process where proposals can be compared on merit, scope, and cost. That hasn’t happened here. No one voted to hire Lumos. There is, however, a legitimate alternative already on the table.

Let’s keep our standards high—and our processes higher.

1 Like

Thank you for your message.

First, we do not have any privilege and only for fait vote from the community.

Second, the audit proposal that you sent is security audit - something that we know also about but not what we offer. This person is an auditor who offers review of the code for any dangerous loopholes or bugs. Thus - it’s a work of one person and I am not sure if it can be conducted properly with just one auditor.

As per what we offer is in depth analysis of architecture, Protocol, Economics, Security and etc.

Thus, it is not a fair to compare us to the offer of audit that you’ve provided.

Also, our team worked with Solana, NEAR, Everstake, Sui, Avalanche and many others. Just to give you some background.

Thank you and have a lovely day.

1 Like

I appreciate the clarification regarding the nature of your offering. However, I think it’s important to address a few inconsistencies in your message.

First, dismissing the alternative audit proposal on the basis that it’s conducted by “just one person” overlooks the actual qualifications and track record of that individual. @cducrest has performed audits for core Gnosis infrastructure, Safe modules, CoW Swap, and others—teams that have earned the Ethereum community’s trust through rigorous standards. He has also achieved top rankings in competitive decentralized audit contests like Code4rena and Sherlock, where independent excellence is not only recognized, but expected.

It’s curious to suggest that one person can’t conduct a meaningful audit, while simultaneously advocating for a team whose most visible credential is an audit of Shardeum—an unreleased L1 making highly questionable claims about solving the blockchain trilemma. If a team that endorsed that level of rigor is qualified in your view, I’m not sure why we’re suddenly drawing the line at individual expertise—particularly when the individual in question has demonstrable credibility and relevant domain experience.

As for the broader scope you’ve outlined—architecture, protocol design, economics, and security—those are important domains, but they also warrant clarity. If this is not a security audit, then perhaps it should not be presented as such. And if it’s something broader, then that raises more questions about how the community will evaluate the quality and objectivity of that analysis, especially when the proposer is closely tied to funding and governance decisions.

To be clear, I’m not opposed to audits or reviews of any kind. But they should be selected transparently, with clear scopes, relevant expertise, and without the appearance of preferential treatment or gatekeeping. The integrity of the process matters just as much as the quality of the work delivered.

1 Like

Hi @Eugene_Lumos -

Thank you for this proposal. A couple questions:

  1. Would you please share the Lumos website and (if incorporated) your company registration?

  2. Were you asked to submit this proposal by a Shutter DAO 0x36 member - or did you do so on your own initiative?

  3. How long have you been a member of the Shutter community - and how have you been involved? If so, please provide links showing involvement.

  4. Do you own SHU? If so, roughly how much?

  5. How well do you know Shutter? Have you contributed to any of the Shutter open source repositories? If so, please provide links showing contributions.

1 Like

Great cons here! As many people should discuss this proposal, thanks Loring and OG to take part in the discussion! It makes Shutter lively, and that is what the DAO should be looking for! More people sharing their opinions!

1 Like

Thank you for your points. I believe that 2 auditors are necessary for a proper coverage of Shutter since it’s not the project in early stages or fork of anything. Thus, for Industry Standard for High-Stakes Projects it is needed for multiple auditors to be involved.

However, I don’t think necessarily that the offer from the person doesn’t have a value and won’t be a great addition to Shutter.

The scope is fully transparent within the scope. And Shardeum is the only report that we did - here is another one below with different structure.

Unnamed: 0 Unnamed: 1 Unnamed: 2 Unnamed: 3 Unnamed: 4
Project Name Layer 1 / L2 / App Tech overview Notable Features Comments
BUIDL Capital App A decentralized investment platform for startups to raise funds and for investors to earn yield through automated smart contract-based strategies. 1. Smart contract investment flows
2. DAO governance
3. NFT membership tiers
Code is being audited; modular structure is good.
Smart Contracts Solidity (EVM) Around 500 LOC (lines of code). Handles investment flows, tier logic, fund distribution. Uses OpenZeppelin libraries; separates logic modules. Pending final audit report. Potential improvements in gas optimization.
Frontend React + Web3.js Single-page app with wallet connection, investment dashboard, DAO governance interface. Clean UI; DAO voting interface integrated. Could benefit from better state management (e.g. Redux or Zustand).
Backend / Infra Firebase Handles user metadata, off-chain data storage (e.g. investment history), and notification system. Fast setup; integrates well with frontend. Consider decentralizing critical data or using The Graph.
Deployment IPFS + ENS Frontend hosted on IPFS, domain via ENS. Smart contracts on Ethereum mainnet (plan to expand to L2). Decentralized hosting; avoids single points of failure. Gas fees on mainnet can be high—L2 migration advisable.
Security In audit External audit initiated. Initial findings: safe use of libraries, need for better testing coverage. Manual and automated testing in progress. Recommendation: consider a second auditor or community audit (e.g. Code4rena).
Roadmap Q2: Mainnet launch
Q3: DAO tools
Planned improvements include DAO tooling, L2 integration, and user analytics dashboard. Active development pace. Important to test upgrades thoroughly before DAO voting.
Summary Overall solid architecture. Good use of modular contracts and frontend-backend separation. Still room for improvement in testing and L2 strategy.
1 Like

Thank you for your message

it’s lumos.codes.

We were introduced to the project by Ricky and we are new to the community.

1 Like

Hi @Eugene_Lumos -

Thanks for your replies. A couple follow-up comments:

Process

Your proposal is putting the cart before the horse.

The first step is for Shutter DAO 0x36 to determine whether or not they wish to have a technical assessment - and if so, the objectives and scope.

The second step (only if Shutter DAO 0x36 wishes to have a technical assessment) is for Shutter DAO 0x36 to identify the best person/organization to perform the task.

Alignment

I note from your answer above that you just joined the community, own no SHU, and have made no contributions to the Shutter open source repositories.

If you are truly aligned with Shutter and want to add value to the project, then I would encourage you to show it through your actions.

1 Like

This should be the funniest comment I have seen today; the tech has been checked multiple times by teams like Nethermind and has even made intragrations.

1 Like

This RFP will be put up for vote. That is what is going to happen. Discussions, like Loring’s point of view or OG are precious, but obviously do not represent the DAO’s view. Loring’s comment is dangerous though, as any member of the community, new or old, should be able to join and should not be coerced or threatened for reasons that are improper… Loring is not the DAO. Just remember this. Loring is a member of Brainbot and defends Brianbot’s interests, not the Shutter DAO’s interest. Thanks.

1 Like

The Proposal Process Is Backwards

Before we even get to comparing audit firms, let’s be clear on what hasn’t happened:

  • No community consensus has been reached that a technical audit is necessary right now.
  • No scope or objectives for such an audit have been defined publicly.
  • No inclusive or competitive selection process was initiated — despite multiple qualified candidates already being known to the community.

This should concern everyone who cares about decentralization and due process. A normal, healthy procurement process — in crypto or otherwise — follows a simple flow:

  1. Determine if there’s a need.
  2. Define that need.
  3. Secure funding.
  4. Draft a scope of work.
  5. Run an open and competitive selection process.

None of that has happened here. Instead, we have a hand-picked firm being pitched through backchannels, in private Telegram groups, without community mandate or oversight.

The Auditor: Misaligned & Underqualified

Let’s talk about Lumos.

  • They were introduced to the project by a VC, not the community.
  • They’ve made zero contributions to Shutter’s codebase or community.
  • They do not hold SHU, nor do they have a visible history of engagement with Shutter.
  • Their only example of prior work? An audit of Shardeum, a highly questionable, unreleased project claiming to have “solved the blockchain trilemma.” (Spoiler: it hasn’t.)

That report reads like a high school research paper — hardly the kind of technical depth you’d want in a review of a protocol as original and complex as Shutter. Worse, when challenged, the firm defended the need for “multiple auditors” because Shutter is “not a fork.”

Let me be crystal clear:

Shutter Network is not a fork. It is original, cutting-edge work in threshold encryption and encrypted mempools. And that makes the “fork” comment both wildly inaccurate and suspicious in its own right.

Motives Matter

Let’s talk about what this might actually be about.

In my opinion, the goal of this audit isn’t clarity — it’s control. This looks like an effort to:

  • Extract technical details under the guise of an audit;
  • Undermine the current core team, who are actually shipping and already integrated with Gnosis Chain;
  • Position a VC-aligned team to fork the project or create a competing one with privileged access to Shutter’s internals.

We’ve seen this playbook before in crypto. VCs get early access, push audits or advisors under their control, and then try to launch their own version, extract value, and dump on retail.

Is that provable here? Not yet.

But intentions matter, and patterns matter. And this one looks all too familiar.

Let’s Talk Competence

To put this plainly: I’m not convinced Lumos is even capable of understanding, let alone improving, Shutter’s protocol.

If they truly want to show their technical chops, here’s a challenge:

Audit one of these publicly available research posts by Shutter developers:

If Lumos can provide a meaningful analysis of either, it’ll do more to establish credibility than any vague RFP or name-dropping Shardeum ever could.

On VC Behavior and Disrespect

It’s not lost on anyone that the same VC pushing this audit:

  • Previously backed a financial audit by their own handpicked firm, in a proposal aimed at cutting funding from the core team (which failed).
  • Is now attempting to push another auditor, again handpicked, again without community consensus.
  • Responded disrespectfully to legitimate concerns raised by both myself and Loring — the latter of whom has contributed significantly to Shutter through Brainbot.

To suggest that someone like Loring, who has been building this protocol from day one, is “dangerous” for pointing out misalignment is absurd. What’s actually dangerous is gaslighting the community into thinking concerns about governance and integrity are somehow a threat.

Also, to be frank: if the VC in question wants to position himself as the voice of the DAO, I’d like to know:

  • What has he actually contributed to the protocol?
  • What has he built?
  • What credentials does he have in threshold cryptography, distributed systems, or secure protocol design?

Because unless those questions can be answered, the pattern we’re seeing here looks more like entitlement than expertise.

A Better Path Forward

If the DAO does in fact want an audit — and it may very well be a good idea — let’s do it right:

  • Define the scope publicly and transparently.
  • Include community and core contributors in shaping the goals.
  • Compare multiple qualified proposals.
  • Prioritize relevant experience in encrypted mempools, threshold encryption, and Ethereum-native architecture.

We already have one such proposal from @cducrest — whose qualifications far exceed those of Lumos and whose cost is less than a third of what Lumos is asking. Why is this being ignored?

Final Thought

If we start allowing private influence, misaligned actors, and vague proposals to dictate how funds are spent and who gets privileged access to core infrastructure, then we’re no longer building a decentralized project — we’re just LARPing one.

The DAO deserves better. Let’s raise the bar.

3 Likes

It looks like lumos has been operating for less than a year, is that correct?

I also couldn’t see mention of any specific experience with cryptography / encryption mentioned on the website or linked in. Could you provide us with examples of work or qualifications you have in this area?

Thanks!

1 Like

Thank you for your message. Lumos.codes does exist for 1 year, however we’ve worked as a core team at blaize.tech for multiple years and were the main people in the company (Our CTO was VP of engineering and our CEO was Director of delivery.)

As per cryptography, we have a plenty of experience in validation of it’s creation (Ton network audit, smart-contracts and protocol security audits, Dusk network audit)

1 Like