Yesterday Hegic.co, the crypto-option protocol announced via twitter that a typo in the protocol code prevents users to use liquidity from expired options for new ones. This "typo" resulted in 152.2 ETH locked forever in the pools. Of course, the Hegic team promised that every Liquidity provider would be refunded.
Moreover, there was a problem of pricing in the options system: You were charged a higher fee for a $200 Ether call option than a $196 one. For the non-finance person, you should be charged a higher fee for the $196 call option because the strike price ($196) was closer to the current price of ETH ($195,82). Thus, you have more chance to exercise this option than the $200 option.
First, let's not throw the rock at the Hegic team. I'm pretty sure they've mentioned that it was a beta version and that we shouldn't put a lot of money into it. Shits happen, and the sooner the better. Now we should think about how to improve audit tests for dApps that are launch without having the proper means to do an audit test.
Of course, one would say that it's the perfect opportunity for a business to do it and charge those startups. But remember, startups don't have money.
So I thought about something. I recently read an article about data scientists that have created a DAO to receive and split the work they had to do according to each person's availability. It would be interesting to reproduce the same principle, not necessarily with a DAO, a platform may be sufficient, but for audits of protocols. As I presented it, this is not only a matter of code, but also finance, and we can extend it. Each project could incentivize people to find mistakes and reward them with tokens.
Of course, this is just my thought and maybe it wouldn't work. I think there is also a supply problem, there are not enough coders that have the knowledge and are specialized enough to spot mistakes of that kind.
But the lack of good audits is becoming a serious issue, and we need to come up with a solution.