Rainbow

Farcaster

if we started a petition to stop using (boycott) farcaster until they made direct casts an open platform (likely using XMTP) would you sign it?

(love u dwr)

if we started a petition to stop using (boycott) rainbow until they had a public audit (likely using OpenZeppelin) would you sign it?

(love u mike)

This reminds me of this @mikedemarais.eth.

A random walk down @safe ❇️ and open source tech research

Hey @mikedemarais.eth, Thank you for explaining the practical reality of externally owned accounts (EOAs) and audits compared to smart account audits!

My assumption was that the smart contract portion of code relating to the core custodial features for most token types would remain mostly unchanged aside from major and rare protocol upgrades. Whereas the regular updates mentioned consist more of client side (Desktop and mobile) new features, logic error fixing and optimizations.

Audits aside @rainbow  meets many of the other important characteristics for diversifying @safe approver accounts so from my research so far seems like a good option.

> My assumption was that the smart contract portion of code relating to the core custodial features for most token types would remain mostly unchanged aside from major and rare protocol upgrades.

EOA wallets do not use any smart contracts for functionality, what you are saying here is def true for smart contract wallets but not of EOAs

Hey @mikedemarais.eth, Thank you for explaining the practical reality of externally owned accounts (EOAs) and audits compared to smart account audits!

My assumption was that the smart contract portion of code relating to the core custodial features for most token types would remain mostly unchanged aside from major and rare protocol upgrades. Whereas the regular updates mentioned consist more of client side (Desktop and mobile) new features, logic error fixing and optimizations.

Audits aside @rainbow  meets many of the other important characteristics for diversifying @safe approver accounts so from my research so far seems like a good option. 

https://forum.safe.global/t/social-safe-accounts/5136/9?u=adamhurwitz.eth

yo yo adam!
sorry for late reply on your many asks re: audits

we had an audit done on the codebase 5 years ago back before it was even called Rainbow (was balance at the time) -- would that audit be of interest to you?

we have not pursued audits since then bc in our minds audits of regularly updating codebases is not very useful for anybody. wallet apps like Rainbow regularly push updates and make large changes to the codebase, any audit would be immediately obsolete the next time the app gets an app store update.

smart contract wallets on the other hand def are worth auditing