[Non-constitutional] Subsidy Fund for Security Services

While I appreciate the purpose of this subsidy fund proposal and recognize the considerable effort put into it, I have concerns about supporting it. I’d vote “no” on this proposal due to a few concerns. Firstly, it centralizes too much power with the ADPC over the large $10 million fund. There’s also a risk that projects might become too dependent on these subsidies, potentially impacting their organic growth and innovation. Plus, the complex application and evaluation process could lead to inefficiencies or misallocation of funds. More community input and a decentralized decision-making process could improve the proposal’s alignment with the broader ecosystem’s needs, but I still don’t see the necessity for its execution. It’s not a sustainable means of enhancing security among Arbitrum projects. In fact, it’s not ArbitrumDAO’s job to cover its ecosystem audit costs. Most of the good projects (can) raise or earn enough funds to cover audits if needed. These grants might also negatively affect the ARB token’s price action as usual. We should allow the ecosystem to grow more organically.

I have voted for “1 cohort of 8 weeks, funding 2.5m”.

The DAO has shown a near unanimous desire to create a framework for security service providers, as indicated by the results of the proposal, as well as to put their trust in the 3 committee members elected to use their expertise to find the best path forward. While I absolutely love to see the discussion and feedback, I also want to show a good-faith trust in those elected to the committee and see their idea through. For that reason, I think the 8 week trial funding is a good start for this. This should give us the opportunity to view how successful this type of process is and re-assess at a later date.

I’ll add, the ADPC’s willingness to take feedback into consideration is noted and part of the reason I think it’s fair to move this forward with an exploratory period. This is a good indication that they are willing to take a look at how the next 8 weeks go and have honest feedback on what can be improved.

As for general opinions, I do think @McFly brings up a good point regarding negotiating discounts. I don’t even want to begin to pretend I know what going rates are, but I think it’s important to remember that Arbitrum is a leader in this space and should be able to reap some of the benefits of that when it comes to bargaining power.

I will also agree with others - I’m not sure I’m for giving additional compensation to multisig signers after the fact.

Edit: My opinion is unchanged since the Snapshot vote; to save space, I am editing this response to indicate that I will be voting “For” on Tally.

DAOplomats voted in favor of funding one cohort of eight weeks, $2.5M.

There is still some clarity needed before this goes to Tally but we are in support of an eight week pilot. Also, we support the reduced cap of 500 ARB each for the multisig. It is extra work so they should at least be compensated for that.

The Princeton Blockchain Club is voting 100% FOR funding one 8-week cohort at the Snapshot stage.

Just like many other delegates, we’re directionally in favor of this proposal, though most options are quite high for an 8-week program. We’re voting for the smallest funding option, as we’d like to see this first roll out as a pilot program and iron out the execution issues mentioned earlier in the thread.

Following on from @sid_areta’s post, as I’m putting together the RFP, framework agreements and templates and have some relevant procurement experience, I thought it might be useful for me to respond to a few themes emerging here:

Mandate and Set-up of Independent Committee to Disburse Subsidies

The ADPC did discuss this in the beginning and the view was that having the ADPC establish the framework and administer the subsidy program was within the original mandate of the ADPC ultimately approved through governance.

This decision was not taken lightly. We carefully considered the original Snapshot and proposal as well as the significant workload involved and the resources within the team. It would have been far easier for us to handball this to someone else with the risk it falls into a hole at the end of the 6 month tenure. It did not strike any of us as good stewardship or professionalism.

The concern we have in bringing a new committee onboard is that (A) it creates a new workstream that was not part of the original mandate and, (B) even if we got a new committee spun up, it would result in significant delays while a new team gets voted in, briefed on the procurement strategy, wraps their head around the legalities of the framework agreement, state of negotiations, tools and processes etc. That’s 4-6 weeks of their 8 week sprint gone.

If the DAO supports a truncated proof-of-concept, the better “bang for buck” would be to let the current ADPC facilitate this first tranche, re-assess at the end of the POC and then feed the learnings into a more substantial program. There is a lot of upside doing it this way.

Addition of a Security Expert

The ADPC identified this as a critical requirement early on. We have been in contact with several organisations and individuals who might be able to assist. However one challenge has been identifying suitable SMEs who are not already conflicted out or who might be seen to be biased. Both of these factors knock out many candidates.

Alternative Approaches

Having run a lot of procurements both in government and the private sector, best practice involves establishing a core team consisting of strategic procurement specialists driving the Approach-to-Market and lawyers experienced in strategic sourcing. We believe we have those resources on hand.

Technical SMEs certainly have an important role to play in defining requirements, the technical evaluation criteria and evaluating RFP responses and we definitely want to include suitably qualified SMEs in that process. However the technical requirements are only one part of a procurement process and evaluation.

Given the problems flagged above in terms of conflicts of interest, one suggestion offered to the ADPC was to speak with experienced buyers of audit services so we are exploring that option as well.

Timeline and Sequence of Events

As can be seen from the ADPC Dashboard, the ADPC has made great progress on significant pieces of the Framework. We have already released the first draft of the Means Test and the related Terms and Conditions. This alone was a considerable piece of work - we hope this serves as a role model for other grant programs.

The first draft of the Procurement Framework is currently being reviewed internally, pending input from SMEs and the Foundation. Once those steps are completed, we’ll be ready to publish the RFP and Head Agreement and officially kick off the procurement stage. We know everyone is super keen to get this ball rolling; however, we only have one chance to get it right. Once the RFP is published, it is inadvisable to make changes as it creates havoc for respondents and undermines probity of the process.

As part of the publication step, we’ll be developing a TLDR and overview to the legal documents to assist all participants. Keep an eye out for updates!

SEED Latam voted to ABSTAIN on this proposal, since, even though we fully agree on the goal behind it - subsidizing security services could help a lot in reducing friction for onboarding new projects looking to build on Arbitrum - we think there are still some points that have to be defined as mentioned by @pedrob.

On this part tho, I think we could simply have someone who served as a member of a past Security Council cohort. Since they would already be somewhat vetted and “Arbitrum aligned”.

After consideration, Treasure’s Arbitrum Representative Council (ARC) would like to share the following feedback on the proposal:

We are directionally supportive of the proposal and have voted FOR allocating $2,500,000 to the Subsidy Fund, intended to support a single 8-week cohort. We view this as a trial phase, with the possibility of expansion contingent upon performance. Establishing the Subsidy Fund holds promise in aiding and drawing in builders, especially those engaged in smaller, emerging projects within the Arbitrum ecosystem.

I don’t see why the DAO should pay for the audits of new protocols. Yes security is important, but so is creating an environment where real businesses decide to create real value based on real success. We’re creating so much noise that it’ll be hard to spot the signal and the protocols that truly deserve our attention.

Hi all, thank you for your engagement on this proposal and for voting in favour on Snapshot! We appreciate all the feedback we have received and are in the process of implementing it.

Addressing the first major point of feedback, we are instituting an independent committee for selection of subsidy recipients and will provide further details regarding the proposed structure of the committee soon.

Regarding the second major point of feedback, i.e., proposing to add a Security SME to the ADPC, we managed to secure a trusted third party, who we are proposing to provide its services to the ADPC including:

  1. Crafting the technical and business requirements for the RFP for security service providers;
  2. Helping the ADPC whitelist the security service providers based on their RFP responses over a 4-week span.

We have managed to secure the help of DeDaub. DeDaub is a well-known security services firm which has worked with the likes of the Ethereum Foundation, EigenLayer, Chainlink, GMX, Lido, Maple, Pendle, etc., and has completed 200+ audits for 59 clients over 14 chains.

The next step before onboarding DeDaub is to get the DAO’s confirmation via Snapshot to use part of the ADPC’s budget to pay them. Note, the ADPC already has the funds in the Multi-Sig as part of the original endowment, but since this was not explicitly approved for spending by the DAO in the original Tally vote, we are requesting approval via Snapshot to use these funds to pay DeDaub. Find details below:

We propose to pay DeDaub a total of 12k ARB for their assistance on crafting the requirements and helping whitelist the security service providers. We believe this is fair since:

  • Each ADPC member gets compensated $8k worth of ARB per month;
  • The technical and specialist nature of the work allowing for a higher rate;
  • The difficulty we have had in sourcing Security SMEs who are not conflicted out, as mentioned above;
  • The market rates for Security SMEs (we were quoted $500/hour by another SME).

As such, we believe a compensation of 12k ARB is fair for the value DeDaub will bring to the ADPC and to this process.

Moreover, we also request an additional 10k ARB to the ADPC’s budget as an operational buffer to ensure that the ADPC can operate with speed and does not need to get the DAO’s approval for any small operational matters. Of course, this will be returned to the DAO’s treasury upon the completion of the ADPC’s tenure if it has not been utilized, and will not be spent on any internal salaries.

We will put up a Snapshot to get the ball rolling on this budget approval and reduce the likelihood of any delay in meeting timelines.

Summary Ask: 22k ARB in total (12k ARB compensation for DeDaub and 10k ARB operational buffer) to use from the ADPC’s buffer in the multi-sig.

Note: To confirm, DeDaub’s participation as the Security SME will preclude them from responding to the RFP and applying to be a whitelisted security service provider.

gm, late feedback here.

I have voted FOR and I am directionally supportive of the initiative as I believe it would be a fantastic incentive for the best undercapitalized builders to create and deploy on Arbitrum.
This is another way to remove frictions.

However, as others have pointed out, I am not convinced about the approach suggested, so voted for the smallest funding option as this will be an exploratory pilot.

Thank you for all your feedback here. As an update, yesterday we published the proposed structure for the independent committee for the selection of subsidy recipients here.

To ensure we act with sufficient speed, we are aiming to put the proposal up on Snapshot next Monday (20 May) and would greatly appreciate your opinions on the committee structure!

Thank you for this proposal; we are enthusiastic about its progress. While we acknowledge that we might be a bit late in offering suggestions, we hope our input can still be considered.

A primary topic at the top of Entropy’s mind at the moment is enabling projects to integrate Stylus into their tech stacks. We are working on a proposal in this regard. Given that Stylus is a key differentiator for Arbitrum, it’s crucial to address the current lack of auditors proficient in dapps consisting of contracts written in multiple languages using Stylus. We urge the DAO to prioritize support for projects aiming to leverage this vital technology, ensuring they have the necessary resources for success, and that auditors have a proper incentive to learn how to audit projects using Stylus.

I’ve voted FOR this proposal because:

Enhanced Security: The primary objective of this fund is to bolster the security infrastructure of the Arbitrum network. Allocating resources specifically for security services can help in preventing and mitigating potential threats, ensuring a more robust and secure environment for all users and developers involved in the ecosystem.

Proactive Measures: By setting up this subsidy fund, the DAO demonstrates a proactive approach to security, addressing vulnerabilities before they can be exploited. This forward-thinking strategy can help build trust among stakeholders and users, knowing that the network is committed to maintaining high security standards.

Attracting More Users and Developers: A well-secured platform is more attractive to new users and developers. Knowing that there are dedicated resources for maintaining security can incentivize more participants to join and contribute to the Arbitrum ecosystem, potentially leading to greater innovation and growth.

Voted FOR on Tally for the reasons expressed above.

Dspyt Team: After thoroughly reviewing the proposal for the Non-Constitutional Subsidy Fund for Security Services on the Arbitrum governance forum, we believe this initiative is essential for fostering a secure and robust ecosystem.

By subsidizing security services, the ArbitrumDAO aims to enhance the security posture of projects within the network, which is crucial for maintaining trust and reliability. Security concerns often present significant barriers for new projects; this fund will reduce onboarding friction, making it easier for innovative projects to join and thrive on Arbitrum. This influx of new projects will drive overall growth and innovation within the ecosystem.

Furthermore, this initiative aligns perfectly with our goals at DSPYT and Evm Explorer. We are dedicated to promoting safe and sustainable growth in blockchain technology, and by supporting measures that enhance security, we contribute to a more resilient and trustworthy environment.

The positive feedback from various community members highlights a shared recognition of the need for such an initiative, reflecting a collective agreement on the importance of prioritizing security to safeguard the interests of all stakeholders involved.

We firmly believe that voting FOR this proposal will significantly benefit the Arbitrum community by ensuring a safer and more inviting ecosystem for new and existing projects.
This initiative not only addresses immediate security needs but also strategically positions Arbitrum as a preferred platform for developers and startups.
Supporting this proposal demonstrates our commitment to advancing blockchain technology and data science in a secure and sustainable manner.

Voted for this proposal on Tally as it enhances security, attracts more users and benefits the chain as a whole. I’m glad to see this proposal pushed through and I’m looking forward to seeing the first few projects tapping into it!

Blockworks Research will be voting FOR this proposal on Tally.

Seeing as the proposal has been ameliorated to take into consideration our previous comments, we are voting FOR this proposal on Tally. To reiterate what we have said previously, we believe the subsidy fund is absolutely necessary for the establishment of smaller projects yet to achieve network effects. Additionally, we are pleased to see the proposal amended to a pilot phase first, as we believe that a test period is important and that the DAO should prioritize funds elsewhere before taking larger leaps.

We vote FOR the proposal on Tally.

We voted for the option, “8 weeks and $2.5M fund” and maintain the stance for the onchain proposal. It’s critical for the DAO to allocate the fund for the smaller projects with security considered. We also appreciate the ADPC team for accommodating the feedback from the delegates and pushing through the proposal to get started.

At first, I chose to abstain from voting on this proposal, but I decided to vote FOR on Tally.

I’ve come to realize that this initiative is vital for enhancing security and fostering growth by covering audit expenses, which is especially important for smaller projects.

Also, the emphasis on areas like RWAs & Tokenization and the adoption of Stylus positions Arbitrum for sustained competitive advantage and future growth.

This matches our current proposals’ goals of pushing Stylus, Orbit and the Arbitrum ecosystem as infrastructure in the long term.

We’re voting FOR this proposal. We previously backed the 8-week pilot at the Snapshot stage. This initiative addresses a key barrier for web3 innovators - audit costs. By offering a clear path to audits, we’ll attract builders, enhance ecosystem safety, and drive innovation on Arbitrum. No brainer. Starting small allows for refinement before scaling.