[Election & Application Thread] V2 Arbitrum Research & Development Collective

DeFiSafety has been full-time on risk transparency and mitigation for DeFi protocols for four years. We are deeply motivated in this industry succeeding. We are user centric. Success for us is users understanding risk on using Arbitrum clearly and having faith in the risk reports.

We have run multiple programs successfully with top-notch DeFi protocols such as Compound. We know how to successfully generate the needed outputs and communicate clearly. As indicated we have published hundreds of reports on multiple topics on chains and DeFi protocols.

We would love the opportunity to help Arbitrum to understand the risks, document them and mitigate them. This would be a top priority for our team.

I started DeFiSafety at the beginning of DeFi summer (May 2020). It had two purposes. First, give users an easy way to understand how risky a DeFi protocol was. Second, give DeFi protocol developers a structured method to mitigate the risks improve their quality and transparently communicate this to users.

We have generated over 600 reports and matured our protocol review process nine times.

Our skills in risk management came from a previous career in aerospace. Specifically in avionics. I started in crypto in 2018 with the SecurEth project as a way to use my background in aerospace software to improve the state of blockchain software development.

We have over 40 reviews of protocols on the Arbitrum network. Also, Arbitrum was one of the first chains we reviewed using our chain scores process.

I have been involved in blockchain since 2018, full-time in DeFi since 2020. I love the DeFi because it allows you to own your own money. If you look at the recent past in Ukraine Russia and China you can see how little control people have over their own funds. DeFi can fix this if it is done correctly.

We have always looked at the blockchain industry from a process perspective. Process and quality are boring and feel like TradFi. However, they have massive value in reducing the risk. Our motivation is to improve the industry in this underappreciated perspective.

The blockchain industry is deliberately decentralized. This has worked against us with respect to industry risk mitigation and quality systems. No one wants to own these activities.

Arbitrum DAO is one of the few organizations large enough and active enough to affect real change. For me, our industry is in crisis. Governments want all of crypto to work through exchanges. Users both retail and business do not know which tools and chains to trust in using onchain transactions and as such are leaning towards exchanges. I am enormously motivated to focus Arbitrum DAO on mitigating this massive risk. This is a solvable problem.

You can see the DeFiSafety risk related experience clearly through our reports. DeFiSafety’s primary output are our protocol review reports. We have over 300 on our website and many more on docs.DeFiSafety.com.

A recent very relevant initiative is the Compound protocol Multisig improvement program that we recently started. The initiatives are discussed in this article. Here we are trying to mitigate the risks of lost keys and the risk of inadequate trust of a Multisig by increasing transparency and trust. A focal her is proving that all Multisig signers are distinct humans without affecting their anonymity.

We also generated reports for Compound on risks for chains that the protocol can expand onto and risks for tokens. For token risk we wrote traditional reports and are finalizing an automated report generation process.

We also developed chain reports as an independent method to assess various layer 1 and layer 2 chains. This is an immature process which DeFiSafety did not have the resources or market interest to refine.

Our aerospace background gives us a lot of experience in program management. We have an internal tool (Zenkit) we use to coordinate activities amongst our team. Recently Questbook has been used for grants management for recent programs. We are diligent in communicating our progress and timelines on any program we undertake.

Our team is small and our experience in some aspects (such as token design) is limited. Where the DAO needs research in the area beyond our experience we can act as program managers to subcontract to capable third parties.

We have been actively collaborating with various protocols and chains in DeFi for over four years. We have worked extensively with DAO’s. We are very familiar with the processes and communication requirements for program such as ARDC.

First off, we will execute the tasks requested by the Supervisory Council. We work for you.
A personal recommendation within the first six months would be development of a risk management plan. Arbitrum is in a very risky sector. Block chains are new. Layer 2’s are new. Yet, despite how technical our industry is, formal risk management is seldom found. We face many very large risks.

Therefore we recommend that through a series of meetings we develop a top level and mid-level risk management description with mitigations. Plans such as this focus DAO members on what is important and offer justification for investment in mitigation plans. We would estimate a spend of 30k over the first 2 month.

We would also suggest that Arbitrum consider a quality system. A quality system tells new users what is safe because they follow audited best practices. My opinion is that we will not have new user growth without a quality system. If a large chain like Arbitrum cannot indicate which wallet is safe to use and which protocols are safe to use, how can we expect add users.

There are no clear conflicts of interest with DeFiSafety working for ARDC. If our situation changes we will communicate proactively and manage all confidential information and potential conflicts of interest professionally.