Improvements to the Arbitrum Audit Program

Non-constitutional

1. Summary

This proposal seeks DAO approval for two operational enhancements to the Arbitrum Audit Program (AAP):

  1. Moving from a mandatory Arbitrum exclusivity condition to a flexible alignment framework
  2. Introducing a pilot program offering AI-security scans through the AAP

Ratifying this proposal in an off-chain vote will introduce these enhancements to the AAP immediately.

2. Background & Rationale

The Arbitrum Audit Program was launched in August 2025, establishing a $10m bucket to subsidize security audits for projects building on Arbitrum. The program is managed by the AAP Committee, composed of the Arbitrum Foundation, Offchain Labs, and an independent security expert elected by the DAO. After two operational quarters, the program has demonstrated strong demand, disciplined capital deployment, and measurable improvements in applicant quality from the first quarter to the second. Kindly refer to the program’s transparency reports (transparency report 1; transparency report 2) for topline metrics and performance.

As highlighted in previous transparency reports, the program’s original operational procedures have surfaced two major constraints, which, if addressed, can significantly improve the efficiency of the program. The mandatory Arbitrum exclusivity agreement, irrespective of the maturity of the team or size of the audit subsidy, has been an operational burden. Additionally, the absence of a preparatory or alternative security pathway for teams not yet ready for full-scope audit is a notable gap in the program. These two constraints are discussed in more detail below.

2.1 Revisiting the Exclusivity Requirement

The exclusivity requirement was put in place to ensure ecosystem alignment. These excerpts are from the original proposal:

"Arbitrum exclusivity. Audited code must remain exclusive to Arbitrum for a fixed period of time."

"All audited code MUST remain exclusive to the Arbitrum ecosystem and this will be included in the relevant legal agreements. Breaching exclusivity will obligate the project to repay the full subsidy to the DAO via the Arbitrum Foundation (AF). Non-compliance may lead to legal recourse and/or a proposal to the DAO to ban the project from all future DAO-funded initiatives."

While sensible in intent, operational experience has shown that the exclusivity requirement in its current form introduces a material amount of friction. It has caused several quality applicants to opt out of the program completely (in many cases at the final stage of discussions), led to extended negotiations, and, in general, slowed approval timelines.

Moreover, the AAP has the potential to further the alignment of mature protocols with the Arbitrum ecosystem, in addition to the support it provides for early-stage teams. For example, there are protocols that are live on other chains and are considering deploying or migrating to Arbitrum, as well as existing multi-chain protocols on Arbitrum that are building a new version, which could be supported through the AAP. The mandatory exclusivity agreement isn’t flexible or competitive enough to cater to these teams.

2.2 Broadening Security Support Beyond Full Audits

A recurring theme across both operational quarters has been readiness gaps among applicants. Quite a few applications exhibit promise in terms of business direction and technical capability but are too early-stage for a traditional full-scope audit. Their codebase is oftentimes not to the program’s standards in terms of documentation/preparedness for an audit.

However, this is a category of builders that, if provided with the right early-stage support, could be a valuable long-term asset to the Arbitrum ecosystem. Introducing a new offering so that the program can cater to builders at all stages will further improve its effectiveness. Through a pilot program with AI security tools, we can expand ecosystem coverage more flexibly, improve the long-term audit readiness of teams building on Arbitrum, and explore the possibilities offered by these new tools.

This proposal seeks DAO approval to amend the AAP to address these limitations.

3. Specification

3.1 Proposed change to the Arbitrum Exclusivity Requirement

We suggest moving from strict exclusivity to a flexible alignment framework.

Under the revised framework, exclusivity will still be preferred but some projects may be exempted from maintaining Arbitrum exclusivity for audited code. This option will be available for applicants that commit to meaningful Arbitrum alignment through one or more of (but not limited to) the following:

  • deploying core infrastructure on Arbitrum first
  • routing primary liquidity through Arbitrum
  • prioritizing Arbitrum for feature launches
  • concentrating token incentives/token launches on the Arbitrum ecosystem

The AAP committee is responsible for negotiating the terms with each applicant and making the final decision.

3.2 Introducing a Pilot Program Offering AI Security Scans

Secondly, we propose introducing a pilot program to assess the effectiveness of AI security providers, both technically and in terms of ecosystem impact.

Many AI security tools have emerged in the past few months, and the program has the opportunity to benchmark these tools against the traditional audits currently available. Presently, the plan is to offer AI security scans to early-stage teams and teams that are not yet audit-ready, and to use them to improve readiness before full-scope audits where needed. AI services will not replace professional audits for production deployments requiring full audit coverage, but will serve as an indicator of a codebase’s maturity and of the need for a traditional audit.

The AAP Committee will select the AI tools from among the auditors currently whitelisted, and it may extend invites to external suppliers if they are evaluated as beneficial. ArbitrumDAO will be updated on the selected AI security providers as soon as the program is ready to start offering them.

No increase to the existing AAP budget is requested.

4. Timeline & Voting Options

We aim to take this proposal to an off-chain vote on 02/04/2026. Voting options will be:

  1. FOR (Approve suggested changes)
  2. AGAINST (Do not proceed with the changes)
  3. ABSTAIN

This proposal will be considered approved if it passes the off-chain vote, i.e., there are more votes “FOR” than “AGAINST”, and the combined number of “FOR” and “ABSTAIN” votes surpasses the non-constitutional quorum (measured at the time the off-chain vote is posted).


Hi!
I appreciate your reflection on the program and the fact that some companies decline funding due to exclusivity conditions.

However, looking at the big picture, I’d like to understand what Arbitrum gains from this program, its goals, and what results must be achieved for us to call it a successful program.

Structurally, I think it would be useful for everyone to understand three key points:

  1. What benefits does the program provide for Arbitrum (in concrete terms, without vague terms like improving conditions for developers) – that is, what are the expected results.
  2. How much was spent on company audits and how much did they bring to Arbitrum – that is, the conclusions drawn from the funds already spent.
  3. How necessary is this program – what would happen if we closed the program – how much harm (or vice versa) would it cause to the Arbitrum ecosystem. Are there any cases where this program specifically attracted developers to Arbitrum (who were previously planning to build a project on a different chain)?

I understand that public goods are great (I do it myself), but any distribution of funds like this must lead to some kind of result.


Entropy has posted this proposal on Snapshot at the request of the Arbitrum Foundation. Voting will begin shortly at 5 pm UTC.

Voting FOR. I really like the AI security scan pilot, it’ll give early teams a clear direction and the confidence to keep building. If lowering the barriers is what Arbitrum needs to bring in more quality long-term, I’m all for it.

Vote: FOR
Exclusivity is great on paper, but it’s pretty unreasonable for most projects to sign on to. It makes perfect sense for us to be reasonable and allow for leniency here, as long as there is a clear design that shows Arbitrum is the most important chain… No point in giving special treatment to projects that aren’t giving us special treatment back!

For the AI pilot… I love that. My only request to the committee is that we actually track the ROI; credits scale up quickly. Let’s measure if the teams using the AI tools actually pass their traditional audits faster and cheaper.

Voting FOR; the provided arguments against exclusivity make sense, and I am excited to see the pilot of the AI program. +1 @Griff on establishing concrete ROI tracking up front.

Layer3 Voting Rationale: Improvements to the Arbitrum Audit Program
Vote: FOR
Both changes are sensible operational refinements. Relaxing exclusivity removes friction that was costing the program quality applicants, and the AI security scan pilot fills a clear gap for early-stage teams at no additional budget.

Thank you for the proposal,

For this one, we discussed in detail within Eureka, and we concluded that although it has positive aspects, it is worth placing greater emphasis on the use of AI.

Specifically, we think that AI should be used only for reviews of codebases, and not the actual audit, which should primarily be done by humans.

We are in favor of the proposal, but we believe it would be beneficial to initiate a broader discussion on the topic in order to find the right way to leverage the technology, while also ensuring that any potential drawbacks of its use are avoided.

gm, voted FOR as the changes are reasonable.

Some suggestions:

  1. Builders have been extremely disappointed by the rejection of their audit applications. While this is expected, I’d suggest providing more detailed feedback and outlining a clear path to keep those builders engaged (otherwise we risk losing more projects than we retain). I also noticed some audited protocols still have <$20k in TVL months after being audited, so it may be worth reassessing the evaluation criteria.

  2. Building on the above, when AI-based audits are incorporated into the program, this could be a good opportunity to re-engage those builders and offer these types of services.

Voting FOR.

The exclusivity change is overdue. As long as the AAP Committee is holding the line on meaningful Arbitrum commitment, this is the right call.

On the AI security scan pilot: I like it as a tiered pathway for early-stage teams, and the fact that it draws from the existing whitelisted auditor pool gives me confidence in the quality floor.

  • Reverie is voting FOR this proposal.

    • First, it doesn’t make sense to keep the exclusivity requirement if multiple quality applicants are choosing to opt out of the program completely as a result of it; a more flexible alignment framework makes sense to reduce operational burden. Second, the introduction of AI security scans makes more sense, especially as more models (Claude, for example) are being trained on more on-chain data and getting better at security audits, which should suffice for smaller/earlier teams that aren’t ready to be audited yet.

The following reflects the views of L2BEAT’s governance team, composed of @krst and @Manugotsuka, and it’s based on their combined research, fact-checking, and ideation.

We voted FOR.

We support the direction of making the Audit Program more flexible, especially if strict requirements (such as exclusivity) are limiting participation from strong teams. Right now, most high-quality teams are multi-chain, so enforcing rules can be counterproductive and reduce the program’s impact and effectiveness.

That said, this flexibility introduces a clear trade-off. There is a risk that the DAO ends up subsidizing teams that do not remain meaningfully engaged with Arbitrum after receiving audit support. As a result, the role of the Audit Program Committee becomes even more important. With fewer rules, decision-making becomes more discretionary, and the program’s success will depend on the committee’s ability to identify projects that generate real value for the ecosystem.

This also raises questions around evaluation and accountability, as it is not entirely clear how the DAO should measure whether funded projects are actually contributing to Arbitrum. We are comfortable supporting this direction, but clearer evaluation criteria and better visibility into outcomes will be key to ensuring the program delivers meaningful impact.


This proposal is well-structured. It clearly builds on the operational experience gained over the first two quarters of the Arbitrum Audit Program. The identification of friction around exclusivity and readiness gaps among early-stage teams is well grounded in observed program dynamics. Expanding the program without increasing budget is also directionally positive.

Now as this moves into implementation, there are four areas where increased definition would strengthen how the program operates in practice.

Alignment Framework

The move from strict exclusivity to flexible alignment changes how qualification decisions are made. But it isn’t clear what constitutes sufficient alignment. The proposal allows “one or more” forms of alignment but does not define how these are assessed relative to each other. That makes it difficult to determine how similar applicants would be evaluated on a comparable basis.

Evaluation and Governance

The proposal expands the AAP Committee’s role in negotiating terms and granting exemptions. This also relates to selecting AI providers. But it’s not clear how these decisions will be made visible and subject to review. There’s no defined process for documenting or reporting how decisions are applied across cases. Without this, it becomes challenging to understand how the program is being administered in practice, or how decisions can be reviewed over time.

AI Security Pilot

Regarding the introduction of a pilot to assess and benchmark AI security tools, this is good again but it does not define what success looks like or how results will be used. There are no clear metrics or criteria for whether the pilot should be expanded or discontinued. This makes it harder to use the pilot to inform future decisions.

Program Objective

The proposal outlines several goals, including efficiency, alignment, and support for early-stage teams, but it doesn’t define how these are prioritized. Without a primary objective, it’s unclear how trade-offs between them should be evaluated. This makes it difficult to determine what the program is ultimately optimizing for, or whether decisions are aligned toward a shared objective or made on a case-by-case basis.

Taken together:

  • qualification criteria
  • decision visibility
  • outcome interpretation
  • overall objective

… all influence how the program functions. Without clarity across these areas, it becomes difficult to assess both individual decisions and overall direction.

Overall, the proposal is directionally sensible. Just clarifying these points would make it easier to understand how the program operates and how its outcomes should be evaluated over time.

The audit program is one of the highest-leverage initiatives the DAO runs — subsidizing security review at the early stage removes a barrier that kills otherwise viable projects before they ship.

One improvement worth considering: tiered audit scope based on contract complexity. A simple ERC-20 fork needs a different audit scope than a novel token primitive or a complex vault. A flat subsidy treats them the same, which either over-funds simple contracts or under-funds complex ones.

A complexity-scoring rubric (lines of code, external dependencies, novel mechanisms) applied at intake would help the program allocate more precisely and let auditors scope their proposals more accurately. It would also reduce the back-and-forth between applicants and reviewers on scope definition.