[Ethereum] KeeperDAO - Security Rating 1

Security Rating Level: 1
Evaluation Date: Mar 31st, 2021

1. History & Team (Weight 20%; Score 80)

1.1 Project age (8%; 50)
Launched on mainnet from 2020 Nov, alive for 5 months.
1.2 Past exploits (8%; 100)
Was never attacked
1.3 Team anonymity (2%; 100)
Team are public
1.4 Team experience in programming (2%; 100)
CTO, Joey Zacherl, started software engineering from 2011

2. Exposure (Weight 25%; Score 29.8)

2.1 Historical TVL (17.5%; 20)
Average market share in the past 1Q: 0.7%
Data collected from KeeperDAO | Stats, Charts and Guide | DeFi Pulse
2.2 Industry segment (5%; 40)
KeeperDAO is a earning protocol
2.3 Infrastructure (2.5%; 50)
Out of business nature, heavy oracles are needed for price feed

3. Audit (Weight 35%; Score 50)

Audit report available on: not public
3.1 Transparency and scope (14%; 0)
Report is not public
3.2 Audit firm trust score (10.5%; 70)
Audited by Peckshield and Quantstamp, Tier 2 audit firm
3.3 Audit findings (10.5%; 80)
No critical issues were found in audit
3.4 Other credits (up to additive 5.25%; 5)
Audit done before deployment

4. Code quality (Weight 15%; Score 50)

Repository on github: not found
4.1 Documentation
Code not on github, but found on Etherscan. Logic is simple and clear
4.2 Test
Test files cannot be found, while Quantstamp mentioned in the audit report that the test code coverage is 83%

5. Developer community (Weight 5%; Score 0)

5.1 Bug bounty program (3.5%; 0)
Not exists
5.2 Issues raised on Github (1.5%; 0)
0 issues raised on github repository

The N-SCOSS for Compound is 48.45, level 1