Bounty Top Up: Polkadot Assurance Legion

4hrs 8mins ago
1
Deciding
Content
AI Summary
Reply
Up
Share
Request
500KDOT
Status
Decision28d
Confirmation
7d
Attempts
0
Tally
94.5%Aye
5.5%Nay
Aye
183KDOT
Nay
10,600DOT
  • 0.0%
  • 0.0%

    Threshold

  • 0.0%
Support
0.01%
173KDOT
Issuance
1.58BDOT
Votes
Nested
Flattened
Actions
Or do delegation here, check wiki.
Call
Metadata
Timeline3
Votes Bubble
Statistics
Comments

✅ Why vote YES
• Essential security initiative: PAL is the only ecosystem-wide, community-led security program with a dedicated on-chain bounty for audits, tooling, and proactive risk management.
• Strong track record:
• 25 audits funded since 2024
• 133 vulnerabilities uncovered, including 27 high/critical
• Funding already resulted in security tooling, including static analysis and monitoring
• Ecosystem-wide impact: Audits and tools are used across parachains, dApps, and the Polkadot Hub, with increasing demand expected from EVM smart contracts deployment
• Transparent budgeting and reporting: Quarterly and semi-annual community reports are published (Q1 2025, H2 2024, etc.)
• Long-term sustainability: 500,000 DOT would cover 12–18 months of operations (audits, bounties, tools, curator fees), ensuring uninterrupted activity
• Improves trust and adoption: Better security = safer experience for users, more confidence for builders, and more credibility for institutional partners
• Low administrative overhead: Only ~12% of costs go to curators (rest focused on delivery)

❌ Why vote NO
• High cost: 500,000 DOT (~$1.65M at $3.30/DOT) is a large ask, even if over 12–18 months
• Bug bounty spending remains small: Less than 1% of previous budget went to actual bounty payouts—might raise concerns over practical ROI
• Potential lack of decentralization: Decision-making and spending controlled by a relatively small group of curators
• No external audit of PAL itself: While PAL funds audits, there’s no independent review of how PAL manages treasury money
• Audit dependency risk: Projects may come to rely too heavily on PAL instead of budgeting for their own audits

🎯 Conclusion:
The PAL proposal seeks to extend a critical, proven security framework for the Polkadot ecosystem. It offers ecosystem-wide protection, improved tooling, and proactive security for builders and users alike—yet its large cost and governance structure may prompt scrutiny.

Reply
Up