AIP-9: Boring Security - Ecosystem Fund Allocation

Category: Ecosystem Fund Allocation
Author: @Feld

ABSTRACT

This document outlines the Boring Security Mission statement and alignment with the greater BAYC and NFT community. In order to grow the pie, we must first secure the crust, and protect the gooey insides from malicious actors.

MOTIVATION

The Boring Security DAO has tracked over $50mm worth of hacked/scammed NFTs in the space and has attributed it largely to lack of awareness and education on the NFT communities’ part. There have been no large-scale vendor neutral efforts in the space to educate, inform, and provide timely updates such that the community can make better informed risk decisions with their capital and NFTs. This changes now.

RATIONALE

With BAYC holders being the largest target for hackers/scammers, the DAO will face unique challenges over the coming months and years as it pertains to Security. Bringing a whole slew of new users into DeFi primitives, they will face even more challenges in ensuring the safety of their coins, NFTs, and digital assets more broadly. As the ecosystem evolves and web3 integrations become more prevalent, getting a BAYC holder to sign a potentially malicious transaction will be the holy grail of exploits, and one that should concern this DAO greatly.

SPECIFICATIONS

  • Dune Analytics to help determine trends, track user behavior, and guide decisions of resource
    allocation.
  • Social Media to conduct outreach, education, and
  • Smart Contract Review Tools - We hope to make partnerships with established auditing companies in the space to give us the ability to do preliminary safety checks on minting contracts, airdropped tokens, etc.

STEPS TO IMPLEMENT

After Funding is secured we plan to:

  1. Setup Coordinape and fund it with a portion of our Apecoin each month. DAO participants will be paid out every month, based on their effort into the DAO and the perceived value of other contributors in the contributor bucket.
  2. Hire (1) staff member out of a legal entity already created to facilitate this effort. This staff member will be doing outreach, tracking attendance to courses, website content updates, issuing our BS101 NFTs, coordinating volunteer activities, Coordinape payout handling, and most importantly tracking our metrics and helping the group work towards them, and potentially more depending on their skill set or desire.
  3. Partnerships, Website design, Giveaways, Social Media blitzes, etc.

We believe with the ($80,000 worth of apecoin) we will be able to have a 6 month runway of associated costs. Beer money for volunteers, a full-time staff member, and our software needs. However, being able to up the volunteer budget or being able to pay people for valuable contributions outside of coordinape to help us push our milestones further, faster, is the goal. This is why we are requesting funding from multiple sources.

TIMELINE

2022 OKRs Summary:
Achieve a meaningful number members to join the Boring Security community
Funding to support Boring Security objectives long-term

Milestones

  • Security Educational Courses w/ POAP
  • Become the largest security communities in the NFT space.
  • Active monitoring, reviews, and tooling for the space.

Roadmap and Milestones

Phase 1
Summary: During phase 1 the team will be designing and developing Educational Courses geared toward changing risky behavior in the NFT Space, eg. Blind Signing, risky approvals, etc. The team will also accumulate and collect the necessary wallet, event, asset, approval data to analyze and ruthlessly prioritize our roadmap.
Milestones: Courseware, POAPs, and establish DAO structure.

  • Create NFT security Educational courseware targeting High Risk individuals based on behavioral analysis.
  • Promote courseware via social awareness and engagement with key NFT communities.
  • Incentivize courseware through POAP and collaborations with NFT projects (giveaways, whitelist)
  • Establish the optimal team and organizational structure to achieve the goals of a long-lasting public utility

Phase 2
Summary: In order to be successful in a Security project it is essential to make data driven decisions that enable us to understand the likelihood and severity of attacks.
Milestones: Curate Content, Go public, Smart Contract Review, More volunteers

  • Response team deployment
  • Paced Launch of the project (Open Socials, Discord, Advertising Material)
  • Metrics developed to track % of ‘key projects’ that recommend newcomers to utilize Boring Security

Phase 3
Summary: Operational Success - Growth
Milestones: Partnerships, Growth, Tools, Trust

  • Full-time active monitoring of the space, threats, and scams
  • Develop scope beyond courseware. Establish mechanisms for proactive and reactive airdrop / smart contract reviews for user safety.
  • Develop tools, dashboards, technical primitives to protect the community
  • Partnerships with large projects, potential companies or other DAOs to help spread awareness and bring NFTs safely to the masses.

OVERALL COST

The initial ask from the DAO is 6969 $ape coin, but Boring Security has some plans to generate additional supporter funding through Supporter NFT issuance, other grant applications (Opensea grant is pending) and others. However, there will likely be ongoing requests for funding that we will likely come back to the DAO for additional funding, and provide updates of our progress, etc.

26 Likes

Hi ApeCoin DAO Community,

The grant of 6,969 ApeCoin has been processed to the recipient. This AIP is now considered fully implemented.

Follow this proposal under the AIP Transparency and Execution Category. A new post has been created here, Implementation Update | AIP-9: Boring Security - Ecosystem Fund Allocation, and further updates will be posted.

-rabbit

4 Likes