Hey Chia family,
Given that there is no such thing as “zero risk”, I think it is worth discussing the vulnerabilities of smart contracts on the Chia Network.
Until we have mature auditors as well as an auditing process for Chialisp vulnerabilities, everyone is taking a sizable risk and giving a lot of trust to one entity, which is the Chia team in this case.
In my article here, I draw out the fact that the Pre-Farm is held in a wallet and not a smart contract.
https://medium.com/@SuperMine_io/chia-pooling-for-the-uninitiated-official-vs-unofficial-pooling-608dc9633563
Why We Are Building Our Own Pool
There are a ton of farmers on mainnet who still have OG or the original plots which were introduced before Chia 1.2.0.
Farmers have to decide whether it is worth the opportunity cost to replot in order start earning rewards on the same space already plotted.
To support these original plots, we built our own Unofficial pooling.
We believe there will never be a reason to replot if you plan on continuously adding new space.
This is especially true if you are a large or enterprise scale farmer.
Apparently the Chia team believes in the security of a private key versus a smart contract.
You can see that here:
https://www.chiaexplorer.com/pre-farm
We are community-driven and have taken a lot of feedback from our Alpha testers to get a baseline for how the dashboard and client should operate.
We have built everything using AWS + Terraform. Our DDOS is secured by AWS Shield, which is a benefit of using Route53 and Cloudfront.
If necessary, we will add additional DDOS protection.
For these reasons, we will be able deliver a platform that supports multiple versions, does client-side validations, and simply gives people a reason to keep their OG plots.
Something is always better than nothing. Talk soon.
Mike AKA @AlphaQi