AIP-373: Boring Security - Runnin’ It Back

Edit #1: Fixed formatting to new AIP Template and changed some text in the Platform & Technologies section!

**Edit #2 **Added Powered by ApeCoin to some mockup materials at the request of @Halina.eth - great suggestion

Prposal Name:

Boring Security - Runnin’ It Back

Proposal Category:

Ecosystem Fund Allocation

Team Description

Feld is the founder of Boring Security, and long-time BAYC and DeFi enthusiast. We also have a star studded cast of instructors, contributors, and others, giving their time and expertise to Boring Security with over 20 contributors completing tasks each month.


For a more expanded list of our contributors, check out https://boringsecurity.com/#contributors

Abstract:

Boring Security is seeking $239,000 for FY24. We are seeking funds to deploy into a Uniswap V3 Liquidity Pool where Boring Security DAO can take structured withdrawals from yield generated month over month to cover its operating expenses not covered by partnership income and other grants.

Motivation & Rationale:

Although Boring Security currently has more ApeCoin than they received from AIP-133, the USD value of the remaining amount has dwindled to ~$140,000. We are unable to do any long-term planning for 2024 without at least roughly knowing our budget for the upcoming year and having some padding, given that Boring Security does not sell all of their ApeCoin and hold stables or ETH like other AIP grant recipients! That, and with the current amount in our treasury, our initial goal of at least semi-perpetual funding with AIP-133 is unachievable.

Boring Security has served as a bastion of light in the ApeCoin DAO ecosystem. With AIP-9 (Boring Security’s first AIP) being amongst the highest supported AIPs in the DAO’s history, we continue to be thought of as a de facto part of the ApeCoin DAO. Producing content and teaching hundreds of students per month throughout the depths of this bear market, month on month, Boring Security has not slowed down. Since the passing of AIP-133, we’ve got some nice metrics for y’all to chew on:

Note: The number of Alumni is not reflective of the number of people who have taken the class, but who ALSO have claimed the NFT. The number of folks who have gone through our course is upwards of 2000.

Benefit to ApeCoin Ecosystem

For less than the (former) cost of one Council member per month :trollfaceemoji:, we have a DAO full of almost 30 contributor members and 1600 Alumni token holders, preaching the message of Security, and showcasing the power of ApeCoin. We have expanded the ApeCoin ecosystem beyond just apes, partnering with Gitcoin, Art Blocks, Pudgy Penguins twice, publishing content with Ledger Academy, and building & teaching in the metaverse!


Boring Security’s OnCyber Classroom: Boring Security Classroom

We also will be adding ‘Powered by ApeCoin’ to all of our materials!

Going forward, we want to make sure the world knows that we are ApeCoin powered. Boring Security simply would not be possible without the ApeCoin DAO, and with this proposal we are asking for permission to plaster this on all of our materials.

We may also include other sponsors in parts of our branding as well, but we want folks to be reminded at every step that ApeCoin is at the heart of who we are and what we do. We pay our contributors in ApeCoin, we hodl our ApeCoin, and we provide (some) liquidity to ApeCoin as well.


A mockup of the Powered by ApeCoin usage

Boring Security has been incredibly cost effective, being very judicious with every dollar spent. We’re committed to growing Boring Security as part of the ApeCoin DAO, building out an asynchronous catalog of security resources (beyond just articles) in 2024.

(The $20k Marketing spent in March was a proposal to sponsor Revoke.Cash [which passed] and to honor Rosco’s incredible contribution in the space, as well as being featured on their front page for 1 year!)

Curious about our budget? We have tracked every single transaction the DAO has made, as well as it’s supporting LLC entity, here:

BoringSec Treasury - Google Sheets


We don’t want to be just a “public good funded by Apes”, but a representation of what a lean, mission driven DAO can accomplish for all of Web3. So far, we’ve focused on expanding our live class offering and growing our community. Next we want to be a household name, helping turn ApeCoin DAO to be the friendliest, most accessible ecosystem in all of crypto. We can’t wait to build in the Otherside along with you all, and send you on quests to defeat scammers in the metaverse!

Key Terms:

Active Liquidity Management - Liquidity management has become an ever-increasing important part of DeFi. Active Liquidity Management refers to the algorithmic and/or discretionary management of funds in DeFi that attempts to maximize fees earned by the liquidity provider, and minimize impermanent loss.

Impermanent Loss - Impermanent Loss refers to the potential losses incurred by liquidity providers when the prices of tokens change, but is only realized when a liquidity provider withdraws.

Platforms & Technologies:

The main platforms of Boring Security are currently our Discord Server, Twitter/X, and our Website.

We currently use DAO tooling such as ThriveCoin and PropHouse for community engagements that include incentives, and both Wonderverse and Coordinape for Contributor Payouts.

We are transitioning to the use of DeForm to further automate and elevate our quiz experiences as well.

Our treasury is spread across Uniswap V3 Liquidity Pool Positions and ApeCoin Staking, as this has proven to be the optimal route for liquidity management.

Despite an optimistic initial forecast at $5 for $APE, a drastic 80% drop in volumes and a record low price of $1 forced us to reassess our liquidity strategy. We spent weeks exploring Active Liquidity Management solutions by Gamma Strategies, and Range Protocol with hopes to develop a DeFi strategy not only for Boring Security, but for other projects to apply as well. Unfortunately, these proved impractical, leading us to redeploy our existing approach, with slightly adjusted targets and buffers for the ultimate goal of using the power of DeFi to “go perpetual”.


Screenshot from Revert.finance backtesting the last 30 days of ApeCoin performance in our target LP position

Steps to Implement & Timeline:

Aside from redeploying the LP positions and “staying the course”, we want to take Boring Security one step further. This year we’ve had tons of achievements, but we have aspirations to scale our reach and consistently deliver unique and quality experiences at every turn. Next year we plan to Grow Our Alumni base using the same means we have this year. By continuing to Service Our Existing Community and give them opportunities to go deeper with their security knowledge, we build brand loyalty, and a “Safu Army” that we can leverage to Scale Our Education and its reach.

1) Growing our Alumni Circle:

We believe that for each Alumni we teach, they become a Security ambassador for their community, friends, and family, and directly contribute to the reduction of scam/hack victims in the Ethereum ecosystem.

Relevant tasks to achieve this include:

  • Maintain operations of 10-15 instructor-led live classes every month
  • Continue active outreach to existing Web 3 communities including gaming, DeFi, artists, and trading communities
  • Develop classes and materials in multiple languages

A list of some of the communities in 2023 who have partnered and taken classes with us!

2) Servicing our existing community:

Ensuring that those who are already into our ecosystem have ways to deepen, broaden, and over time sharpen their security prowess is critical to keeping these “security ambassadors” up-to-date with the current security landscape, which is anything but static!

Our collection of NFTs and POAPs that folks have been able to acquire in the BSec ecosystem in 2023.

Relevant tasks to achieve this include:

  • Enhance our community engagement infrastructure
  • Build new experiences periodically to re-engage and further inform our Alumni
  • Elevate our security content into new media forms including long & short form videos

3) Scaling our education to new and other market participants:

While we’ve achieved success in creating a loyal community, our next challenge is to scale our content and education to the next level. Our goal is to mobilize and incentivize our dedicated Alumni to become champions of web 3 security, ensuring that it’s a top priority for the future.

Relevant tasks to achieve this include:
Revamp our website to become a comprehensive learning gateway for web3 players of all levels via an asynchronous learning platform where students can earn Proof of Knowledge NFTs that are subject specific, taught by the foremost experts in the Web3 security space.

  • Revamp our website to become a comprehensive learning gateway for web3 players of all levels via an asynchronous learning platform where students can earn Proof of Knowledge NFTs that are subject specific, taught by the foremost experts in the Web3 security space.
  • Shepherd unique experiences to make security “fun”. Events such as simulated hacks, hands-on learning opportunities, and other gateway events that can serve as a funnel to our ecosystem.
  • Come up with novel incentivization mechanics that will mobilize and empower our core community to take part in forwarding Boring Security’s mission of spreading security education. Examples: Leaderboard mechanics, Referrals, Prophouse, Thrivecoin, etc.

Our timelines that were outlined in AIP-9 and AIP-133 have largely been a success. Going through them, it’s not hard to put a :sparkles:gold star​:sparkles: next to each goal, even as someone only familiar with our project through these proposals. Check some of the details below:

That said, there has been one goal that we believe will take some time to execute on, and that is:

“Build out a “user journey” experience where people can come to our website, describe their knowledge, desires, and responsibilities, and have a customized curriculum built out for them.”

While this is something we put on our goal list, it wasn’t something that we felt would be easily achievable on top of our other goals within 1 year. However, signs of life in the ecosystem are showing its head. The time for ensuring we have a platform for users to land on if the Bull market returns in full swing, is our top priority in 2024.

Though the structure of the DAO, and what that experience will actually shape out to look like in 2024 isn’t fully realized, we aim to have the early phases of this experience built out and usable before Q3 of 2024. This experience will include in-house content built on our website, and in the metaverse, partnership content such as Ledger Classroom modules, and other experiences built in collaboration with our many partners and Supporters in the Web3 ecosystem.

Overall Cost:

$239,000 USD denominated in $APE

20 Likes

Hi, @Feld !

I’m glad to see You here! As 101 and 102 alumni, You can count on me. I believe BSec mission is vital not only for alumni but for the whole Web3 community, because (IMO) each alumnus spreads knowledge of security to friends/family/business partners/etc. which is the most necessary thing You have to understand before entering the Web3 space.

What You’re doing can’t be measured with money, because, I’m sure, with the knowledge You give to alumni, they save much more.

I’m really thankful for all Your work and hope You’ll get this funding. I fully support it!
Thanks one more time :saluting_face: :saluting_face: :saluting_face:

15 Likes

Have you considered expanding into offensive security of systemically important infrastructure (e.g. reviewing and pentesting staking contracts?)

5 Likes

I am happy to give my full support to you @Feld . As an alumni myself I can vouch for the contribution and effort that Boring Security has put into . A little education a day on security goes a long way

5 Likes

I am ready to support any initiative from Boring Security and @Feld You’re doing necessary and important work that improves web3 security literacy. Keep it up :mechanical_arm:

6 Likes

More fundingggg :eyes: will that mean new staff?

2 Likes

I support this initiative. As alumni 101 and 102 and I will complete also the 103, I found their classes very useful

5 Likes

We have, and we wanted to partner with certain vendors in the space to provide that work on our behalf. However, our focus is on education and brand building.

Having something with “Security” in the name though automatically implies some kind of auditing service, so we’ve worked to find something in that realm, but its low on the priority list at the moment.

7 Likes

Potentially some upping of the hours of some of our tech staff for the platform, and might bump up some spending on community outreach.

That said, our budget isn’t being raised significantly as a result of this funding. We also have an ESP grant application to the Ethereum Foundation, which, if that passes, we might increase headcount and contributor spend a little bit if both of these pass.

11 Likes

Everyone loves Boring Security, high-quality presentation of material and
user support. This can be seen by the number of votes - 37 users have supported this at the moment :clap:

7 Likes

The $ape price drop has thrown a spanner in the works a couple of times now for BS funding, and many other authors have also referenced similar incidents, so will you be converting the $ape into USD or similar asap, thereby learning from past mistakes and hedging against any volatility, or will you continue in $ape - and if yes why?

Thanks.

1 Like

Any mechanism for ApeCoin holders to be reworded?

1 Like

Through ThankApe there is already a way to get:

5 ApeCoin to complete 101.
10 ApeCoin to complete 102.

The latter benefit will likely be reduced, as we’ve seen a slight uptick in attempts to farm it.

ApeCoin holders do, however, get priority seating into our classes for our public signups. And we are still exploring ways to give out ApeCoin branded Ledgers to the community for committing to Security Education and the ApeCoin DAO.

8 Likes

We did hedge against the volatility with our $APE/USDC pool for quite a while.

After repeatedly getting blown out on the way down, we actually ended up BUYING more ApeCoin than we were rewarded with in 2022.

However, the APE/ETH pair has performed far better for us, so instead of hedging, we seek to ApeCoin liquidity aligned, providing liquidity at any price, and trying to “live off the fees”, regardless if it makes financial sense in terms of what the value of the invested capital will be.

tl;dr: Despite this setback, after reassessing the options that exist, we have no plans to materially change our approach re: liquidity providing.

We just have the trust that, if the value of the grant or our positions don’t do well, that the DAO would understand that, and allow us to come back to the DAO to stay in operation. So long as it is worth it for the DAO to have us around, we will continue to try to be a shining star in the ecosystem.

9 Likes

One of the seriously committed initiatives and individuals in the DAO and the community

11 Likes

At class 101 and 102 learned a lot of useful things about security and not only. Its was fun to listen and read chat during class :slight_smile: Waiting for new materials. You have make great work.

6 Likes

An excellent project deserves adequate funding for its initiatives aimed at a wide range of users. I admire your enthusiasm and the work you have done :clap:

8 Likes

Boring Security is so important for this space and I Love what you guys do.
Thanks again for your work. Love your classes.
You have my full support :muscle:

3 Likes

Learnt a lot here. Much needed security education in the crypto space!

3 Likes

Class 102 alumni here, amazing program. This better pass with flying colors or :hocho:

4 Likes