Budget: 27000 UAH Deadline: 14 days
Realistically, this task should be divided into two stages. I would allocate the budget of 27,000 UAH only for a short initial analysis, not for an audit plus building a new secure infrastructure. For the first working stage, I set the budget at 96,000 UAH and 14 days - an audit of the current scheme, threat model, risk map for seed phrases and private keys, recommendations for hot/cold storage, multisig 2-of-3, PSBT, and implementation plan.
!!I would start with the audit and architectural documentation!!, not with implementation on live keys. Then, if the audit findings confirm that the system should be rebuilt, we will separately assess the implementation - Bitcoin Core RPC, watch-only via xpub, offline signing, broadcasting, UTXO and fee management, address whitelisting, limits, access segregation, logs, monitoring, and handover. Here, we cannot play the hero - one weak process can cost more than the entire development =/
> What is the amount and frequency of transactions - one-time withdrawals, daily payouts, or an operational wallet?
> Is there already a Bitcoin Core node, hardware wallets, multisig, and a description of the current address generation?
For similar tasks, I show not a crypto showcase, but projects close in architectural responsibility:
> https://business.ingello.com/platforma - corporate system with roles, processes, and action control
> https://business.ingello.com/forma-bpm - process, status, and access management
> indirectly close in terms of accuracy level - https://business.ingello.com/lita - sensitive data and strict project logic
> https://systems-fl.ingello.com - main page of Ingello Systems on FLH