Abstract
The Arbitrum DAO has allocated over 422m ARB tokens across various initiatives, including incentive programs, grants, investment vehicles, and service providers, amounting to a total spend in the nine-figure USD range. While these allocations have driven significant growth and innovation, there has been minimal oversight or review of how these funds are ultimately used, and no system currently exists to incentivize the identification and reporting of fund misappropriation. Although three instances of misuse have been uncovered, it is likely that additional cases remain undetected.
In response, Entropy Advisors proposes the establishment of a grant misuse bounty program dubbed âThe Watchdogâ to incentivize the identification and reporting of misused DAO-allocated funds. The program would utilize an incentive mechanism to reward community contributors and investigators who submit verifiable reports of misappropriation. If the proposal passes a temperature check, Entropy will manage a selection process to determine a suitable platform to host the Watchdog program.
Motivation and Rationale
By offering financial rewards for valid reports of misappropriation, there will be a stronger motivation for community members to contribute skills or information that aid in identifying misconduct in the DAO. Today, the identification of wrongdoing can result in retaliation, unnecessary friction within the DAO, and other negative externalities for the investigators, and with no incentive to bring forth allegations, it is unlikely that most community members would. The Watchdog program creates a decentralized force of accountability, augmenting the DAOâs capacity to detect abuse that would likely otherwise go unnoticed while protecting the member from repercussions.
Arbitrum DAOâs successful identification of misappropriated funds, whether by a service provider, protocol, grant recipient, or anyone else that receives funds from Arbitrum DAO has two large benefits:
- The DAO (likely through the Foundation, as it has done so in the past) may be able to recapture some of the funds. This could involve legal avenues, smart contract enforcement (clawbacks / stream stopping), or community pressure.
- The evidence can be used to identify possible improvement opportunities in the underlying programs and make more informed decisions surrounding the recognized bad actors in the future.
Other benefits include a mechanism for malicious action deterrence and bringing sophisticated onchain sleuths into the DAO.
Just the existence of a transparent and well-publicized bounty program will likely deter some malicious actors from misusing DAO funds in the first place. Knowing that the community has the tools and incentives to identify misallocation increases the risk of exposure for those who might consider abusing the DAOâs trust. Recipients of DAO funds will need to think twice before acting in a way that doesnât align with the DAOâs strategic objectives, rules, and the broader interests of Arbitrum.
By allowing anyone to submit evidence-based reports of misuse anonymously, the program empowers the entire Arbitrum and crypto ecosystem to take an active role in maintaining the financial health and integrity of the Arbitrum DAO. We hope this fosters a culture of vigilance, good intentions, and accountability while bringing white-hat actors into the ecosystem.
Specifications
The Watchdog program will extend to ALL DAO-funded initiatives including end recipients of other programs such as the Questbook Domain program, Stylus Sprint, Arbitrum Foundation grants, and the incentives programs. The process for rewarding those who successfully identify fund misuse will start with a temporary solution utilizing a small committee of reviewers with a long-term plan for the program to eventually fall under OpCo, if and when it is stood up.
The workflow for bounties will be as follows:
1. Report Submission
- Anyone (watchers) can identify potential misuse of funds that originated from the DAO and submit an evidence-based report to a designated section on a to be determined bounty platform. The report remains private during the initial submission phase.
2. Review Process
- A whitelisted group of three DAO-associated reviewers will have the ability to review the submitted reports. We propose the group of initial reviewers to comprise the Arbitrum Foundation, Entropy Advisors, and the elected Research Member of the ARDC. This structure would help minimize operating costs of the program, but we are open to other group structures and electing members if the community disagrees with the proposed reviewers. Entropy and the Arbitrum Foundation will be waiving payment as reviewers and the ARDC Research Member will be paid at their stated hourly rate. We anticipate the review process for a Watchdog report to take a minimal amount of hours.
- The three reviewers will discuss reports and, if required, will contact the concerned party for clarifications. If two or more reviewers agree (at their discretion) that the submission is based on substance and rules have been broken, the watchers (individual or group) will receive their bounty. The reviewers will also determine the level of severity of the misuse, which will impact the bounty reward as outlined in step 4.
- In the case the â of the reviewers deem there has been fund misuse, the reviewers will then work together with the Arbitrum Foundation to open up private channels of communication with the concerned party and attempt to get the funds back for the DAO.
- Reviewers are required to abstain from specific review processes if a conflict of interest (COI) is identified. If two or more reviewers have an identified COI, the reviewers will identify two external parties who donât have COIs and have the capabilities to review the report. If the report is made public, the reviewersâ identified COIs will be published at the same time.
3. DAO Forum & Snapshot Voting
- If all attempts at backchanneling are failed, the report will be posted to the forum with all the watcherâs personal and identifiable information redacted in the version posted publicly.
- The DAO will vote via Snapshot on whether or not the violation constitutes a DAO ban. Delegates can reference the Furucombo instance as an example.
4. Reward Mechanism
- If the review committee deems a report valid at their discretion, they will deem what level of misuse.
- Low: 5K ARB
- Medium: 20K ARB
- High: 50K ARB
- If the report leads to the successful recapture of funds, 5% of the recovered funds will be awarded to the watcher.
- The 5% share is capped at $100K. This reward is in addition to the reward above.
- If recaptured funds are denominated in a volatile asset, the reward awarded to the watcher will be calculated as the 30D TWAP of the underlying on the day the transfer is made.
- Watchers will be required to undergo Foundation KYC before being eligible for rewards.
- The program will run until the 500K ARB is exhausted from valid misuse reports. Once 100k ARB remains, a proposal will be put forward to the DAO to extend the budget or shut down the program.
We believe that this mechanism is optimal for the time being, but if/once OpCo is stood up, the program could be moved into its domain. If done so, the reviewer and voting mechanism would likely need to be restructured.
Steps to Implement: RFP Process
It will be necessary to create a secure platform where community members or contributors can submit their reports. This will ensure confidentiality and data security for all parties involved. With the requirements resembling a bug bounty program, we imagine that an existing platform can quickly build the necessary portal. If the proposal passes a temperature check, Entropy will directly contact potential providers and solicit bids. The selected provider and the required budget will be presented to the DAO before the proposal moves to Tally. The Arbitrum Foundation will serve as the counterparty for the agreement.
Budget
Rather than setting a maximum budget for the RFP, the process will be conducted before moving to Tally. Post selection, the proposal will be updated with a final request.
In total 520,000 ARB + the necessary amount of ARB for the selected bounty platform (determined by RFP process) will be sent to a new MSS multisig in order to facilitate the program.
- 500,000 ARB available to reward valid Watchdog reports.
- 20,000 ARB to cover a minimum of 50 hours of the ARDC Research member. This is an overestimation and excess ARB will be returned if the program moves under OpCo or is disbanded after a 6 month trial.
- Amount of ARB necessary to build and host the Watchdog program. To be determined through a RFP process.
The expectation will be that 6 months post program launch, Entropy Advisors will raise a subsequent vote to the DAO in order to gauge the programâs success. At this point the DAO can determine if the program should continue in its current state, be moved under OpCo if or when it is stood up, or if the program should be discontinued.
Timeline
December 20th: Forum post
January 9-16th: Snapshot vote
January 20th : Procurement process begins
TBD: Onchain Vote
TBD: Program is launched
Voting Options
With the RFP process happening pre-Tally ratification, the Snapshot vote will be subjected to the non-constitutional quorum requirements of 3% of the votable token supply with a simple majority of votes in favor/abstain.
It will be a basic vote with FOR, AGAINST, and ABSTAIN as the three options.
Conflicts of Interest
Outside of being placed as one of the three reviewers, Entropy does not have any other conflicts of interest to disclose as part of this proposal.