tendr.bid
Marketplace

Browse open RFPs

Sealed-bid procurement requests from crypto-native organizations. Bids are sealed cryptographically until the bid window closes - even from the buyer.

New RFP
Show
Sort
Privacy
Reserve
8 of 23
bid window closed
engineering

Independent Smart Contract Audit for Solana Subscription Program

Objectives Conduct a comprehensive security audit of the Smart Contract for the Solana Foundation's Subscription Program, focusing on vulnerabilities, code quality, and compliance with best practices. Identify and document potential security risks, including but not limited to reentrancy, overflow/underflow, unauthorized access, and improper state management. Provide actionable recommendations to mitigate identified risks and ensure the contract is secure for production use. Deliverables Detailed security report outlining findings, vulnerabilities, and risk assessment. List of mitigation strategies and recommendations for improving contract security. Summary of code quality metrics, including code complexity, maintainability, and adherence to Solana best practices. High-level summary of the contract's functionality and critical pathways that were reviewed. Milestones Milestone 1: Initial Review — Conduct a high-level analysis of the contract's structure, logic, and interactions with the Solana blockchain. Milestone 2: Deep Dive — Perform a detailed code review, focusing on critical functions, state transitions, and external calls. Milestone 3: Risk Assessment — Evaluate identified vulnerabilities against established security frameworks and provide a prioritized risk assessment. Milestone 4: Reporting — Finalize the security report, including recommendations, mitigation strategies, and a summary of the contract's security posture. Success criteria The security report must be complete, accurate, and include a thorough analysis of the contract's security state. At least 90% of the contract's code must be reviewed and analyzed for security and quality concerns. The report must include a prioritized list of mitigation strategies that are feasible and effective for improving the contract's security. The contract must be deemed secure enough for production use based on the audit findings and recommendations. Out of scope The audit does not include testing the contract against external attacks or simulating real-world scenarios. The audit does not cover the integration of the contract with other systems or third-party services. The audit does not include the review of non-contract components such as front-end interfaces, APIs, or user authentication mechanisms.

Bidding closedJun 17
Sealed bids0
bid window closed
engineering

audit for tendr.bid

Objectives Conduct a comprehensive audit of the tendr.bid platform to evaluate its compliance with privacy and security standards. Identify vulnerabilities, inefficiencies, and areas for improvement in the platform's procurement processes. Provide actionable recommendations to enhance the platform's integrity, transparency, and operational efficiency. Deliverables Detailed audit report outlining findings, risks, and recommendations. Risk assessment matrix highlighting critical vulnerabilities and mitigation strategies. Process improvement plan with prioritized actions for enhancement. Compliance checklist verifying adherence to privacy and security regulations. Milestones Milestone 1: Initial Review — Conduct a high-level assessment of the platform's architecture, data flows, and procurement processes. Milestone 2: Deep Dive Analysis — Evaluate specific components, including data handling, user access controls, and third-party integrations. Milestone 3: Risk Evaluation — Identify and prioritize security and privacy risks, along with potential impacts on the platform's operations. Milestone 4: Recommendations — Formulate and document actionable recommendations for improvement based on findings. Success criteria Completion of the audit report with clear, evidence-based findings and recommendations. Identification of at least five critical vulnerabilities or inefficiencies in the platform's operations. Delivery of a prioritized improvement plan with measurable steps to address identified risks. Verification that the platform meets all relevant privacy and security compliance standards. Out of scope Audits or evaluations of third-party services not directly integrated with the platform. Modifications or enhancements to the platform's core functionality or user interface. Financial audits or cost-benefit analyses of the platform's operations.

Bidding closedJun 3
Sealed bids0
bid window closed
engineering

Anchor Program Audit for PropAMM Platform

Objectives Conduct a comprehensive audit of the PropAMM platform to identify security vulnerabilities, logical flaws, and compliance issues. Ensure the platform meets industry standards for secure and transparent decentralized finance (DeFi) operations. Provide actionable recommendations to mitigate risks and improve the platform's reliability and user trust. Deliverables Detailed audit report outlining findings, vulnerabilities, and risk assessments. List of prioritized remediation actions with recommended fixes and implementation steps. Summary of compliance with relevant security frameworks and DeFi best practices. Recommendations for ongoing monitoring and maintenance to sustain security post-audit. Milestones Milestone 1: Initial Review — Conduct a high-level assessment of the platform’s architecture, codebase, and security controls. Milestone 2: Deep Dive Analysis — Perform in-depth code reviews, penetration testing, and vulnerability scanning of the PropAMM platform. Milestone 3: Risk Assessment — Evaluate the impact of identified vulnerabilities on the platform’s security, user data, and financial integrity. Milestone 4: Remediation Plan — Develop and document a structured plan for addressing critical issues and improving the platform’s security posture. Success criteria All critical vulnerabilities identified during the audit are documented and categorized by severity. The audit report is complete, accurate, and aligned with industry security standards. The remediation plan is actionable, feasible, and includes clear steps for implementation and verification. The platform is validated to meet the required security and compliance benchmarks post-remediation. Out of scope Audits of third-party libraries or external services not directly integrated with the PropAMM platform. Legal or regulatory compliance beyond the scope of security and code integrity. Audits of non-PropAMM components or unrelated projects within the same organization.

Bidding closedMay 25
Sealed bids1
bid window closed
engineering

Build a Image Hosting Website behind x402 paywall

Objectives Develop a secure, scalable image hosting website with a paywall system that restricts access to premium content. Implement a robust backend infrastructure to manage image uploads, storage, and retrieval efficiently. Ensure the platform is user-friendly, with clear interfaces for both end-users and administrators. Integrate payment processing and user authentication systems to enforce the paywall model. Deliverables Fully functional image hosting website with a paywall system in place. Backend infrastructure including serverless functions, database schema, and API endpoints. User authentication and payment processing integration (e.g., Stripe, PayPal). Documentation for setup, configuration, and maintenance of the platform. Milestones Milestone 1: Setup and Configuration — Establish the technical foundation, including server setup, database design, and initial API integration. Milestone 2: Core Functionality — Implement image upload, storage, and retrieval systems, along with the basic paywall structure. Milestone 3: Authentication and Payment — Integrate user authentication and payment processing systems to enforce the paywall model. Milestone 4: Testing and Deployment — Conduct thorough testing and deploy the platform to a production environment. Success criteria The image hosting website is fully operational with the paywall system functioning as specified. The platform meets performance benchmarks for scalability and security. User authentication and payment processing systems are integrated and working correctly. All documentation is complete and accurate, enabling smooth setup and maintenance. Out of scope The scope does not include third-party services not directly related to the image hosting platform (e.g., marketing, customer support). The buyer is not responsible for managing or maintaining the infrastructure beyond the scope of this engagement. The platform is not intended for use in any regulatory or compliance contexts unless explicitly stated in the buyer's description.

Bidding closedMay 24
Sealed bids2