Profile of Fav_Truffe in Optimism
Posts by Fav_Truffe
-
[GF: Phase 1 Proposal] Hats Finance
by Fav_Truffe - No Role
Posted on: Jan. 30, 2023, 8:47 p.m.
Content: Project name: Hats Finance
Author name and contact info (please provide a reliable point of contact for the project): Fav Truffe (https://twitter.com/Fav_Truffe) & Oliver Hörr (https://twitter.com/0xAngler)
I understand that I will be required to provide additional KYC information to the Optimism Foundation to receive this grant: Yes
I understand that I will be expected to follow the public grant reporting requirements outlined here: Yes
L2 recipient address: TBA
Which Voting Cycle are you applying for?: 10
Which sub-committee should review your proposal? (Builders Grants, Growth Experiment Grants): Growth Experiment Grants
Project description (please explain how your project works): Hats Finance is the first on-chain bug bounty protocol that includes and incentivizes all stakeholders (token incentives awaiting the TGE) to contribute to the security of Web3 products. Hats offers a proactive incentive-based protocol for white hat hackers and auditors, where DAOs, companies, community members, and stakeholders can add liquidity to bug bounties to encourage responsible disclosure and be rewarded in return. When hackers are incentivized satisfactorily with high bounties, it becomes all the more likely they will act responsibly and disclose vulnerabilities instead of exploiting them. Accordingly, projects using Hats bug bounty protocol add a layer of security that reduces the possibility of being hacked and protects all stakeholders from the destructive consequences of such exploits. The unfortunate reality is that we will never achieve mainstream crypto adoption if people do not feel secure while using web3 products (e.g. on Optimism). Our protocol enables collective responsibility for increasing actual and perceived security through the creation of scalable bug bounty vaults that can be funded using stable coins or any other on-chain asset. Additionally, Hats protocol is designed to be part of the public goods infrastructure of Web3. We believe in providing a security primitive that is composable and allows community participation. Now is the right time to deploy this kind of infrastructure to roll-ups and support the creation of an ecosystem on L2s by reducing the risk of exploits that harm projects and retail users alike.
Website: https://hats.finance/
Twitter: https://twitter.com/Hatsfinance
Discord/Discourse/Community: Discord
Other relevant links (including any demos): @HatsFinance | Twitter | Linktree
Additional team member info (please link): Shay Zluf, CTO, and Hats Architect - https://twitter.com/shayzluf, shayzluf (Shay Zluf) · GitHub; Ofir Perez, Head of Growth - https://twitter.com/perezofir; Jelle Gerbrandy, Head of Solidity - Commits · hats-finance/hats-contracts · GitHub; Carlos Fontes, Front-End - fonstack (Carlos Fontes) · GitHub
Please link to any previous projects the team has meaningfully contributed to: Shay Zluf - Shay is Hats’ lead dev and Hats visionary. Shay is an Ethereum OG and can be best described as a decentralizer of the ecosystem and incentivizer of desired outcomes. He was also part of the “Prysmatic Labs” team developing the Ethereum 2.0 client.
Relevant usage metrics (TVL, transactions, volume, unique addresses, etc. Optimism metrics preferred; please link to public sources such as Dune Analytics, etc.): 26 Bounty Vaults; $1.7m TVL; 25% of TVL from the community; Strong growth in the community of security researchers
Competitors, peers, or similar projects (please link): The key advantages of Hats Protocol vs. the traditional, centralized bug bounty services are: Hats bug bounty vaults are loaded with the native token, stablecoins, or yield-bearing token (Support in V2) of the project, thus reducing the free-floating supply while giving the token additional utility. Scalable bounty network — vault TVL increases with the project’s success. Open & Permissionless — Anyone can participate in the protection of an asset (Optimism ecosystem projects, their community members, and OP users). Any hacker can participate anonymously when disclosing exploits (no KYC needed). In the future, every depositor could earn rewards when providing liquidity. Continuous protection — As long as tokens are locked in the vault, hackers are incentivized to disclose vulnerabilities through Hats instead of hacking.
Is/will this project be open sourced?: Yes
Optimism native?: No
Date of deployment/expected deployment on Optimism: Deployed
What is the problem statement this proposal hopes to solve for the Optimism ecosystem?: Direct losses from Hacks and Exploits exceeded $15b in the past two years and over $3b has been stolen by hackers this year alone. Unlike audits (which are confined to a specific time period), bug bounty programs provide a continuous layer of security to identify smart contract bugs and keep users safe. We request 200k $OP tokens to incentivize $OP ecosystem projects to create a bug bounty vault on Hats protocol to take an ongoing and on-chain security precaution. In contrast to Hats’ protocol, other bug bounty solutions offered today run counter to Optimism values of decentralization, permissionless-ness, open-sourced and accessibility to all. Additionally, there is currently no other bug bounty protocol incentivizing all stakeholders (teams, investors, DAO, community members, node operators, etc.) to help protect their projects and the underlying infrastructure against exploits and hacks. We believe that Optimism’s taking an initiative to incentivize the on-chain and ongoing security efforts of OP ecosystem projects will be an innovative and distinguishable approach to be adopted as a network.
How does your proposal offer a value proposition solving the above problem?: Hats.finance is an on-chain decentralized bug bounty platform designed to prevent crypto-hack incidents by offering the right incentives. Additionally, Hats.finance encourages community participation allowing anyone to add liquidity to a smart bug bounty. Hats also allows hackers to responsibly disclose vulnerabilities without KYC and be rewarded with scalable prizes and NFTs for their work. Smart bug bounty programs are a win-win for everyone. They can be created easily with a few on-chain transactions (it takes around 1 hour to open a vault on Hats), and setting them up is free of charge. Bug bounty programs do not cost anything unless a vulnerability is discovered, which would be more costly and irreversible once exploited. More importantly, a bug bounty at Hats is transparent and decentralized, and gives power to the community behind the project. Security underlies the technology of smart contracts and we strongly believe the future of cybersecurity has aligned incentives. We are taking leadership in relation to these principles by creating a decentralized bug bounty marketplace that creates the right incentives for all of its participants.
Why will this solution be a source of growth for the Optimism ecosystem?: OP has the chance to be the first network to incentivize ecosystem projects to secure themselves. It’s especially difficult for the fund-raising/small-cap projects to allocate big amounts of money to auditing services. We have witnessed many cases in which projects launched their product/service without due diligence security-wise. However, Optimism will be able to incentivize ecosystem projects to create bug bounties on Hats protocol and let thousands of white hat hackers help secure OP ecosystem projects thanks to our proposal.
Has your project previously applied for an OP grant?: No
Number of OP tokens requested: 200k
Did the project apply for or receive OP tokens through the Foundation Partner Fund?: No
If OP tokens were requested from the Foundation Partner Fund, what was the amount?: NA
How much will your project match in co-incentives? (not required but recommended, when applicable): Hats will match the incentives but the exact amount cannot be disclosed prior to the TGE for multiple reasons.
How will the OP tokens be distributed? (please include % allocated to different initiatives such as user rewards/marketing/liquidity mining. Please also include a justification as to why each of these initiatives align with the problem statement this proposal is solving.): 200k $OP tokens are used to incentivize depositors (including project DAOs, investors, community members, and audit firms) to the vault. Hats and OP tokens will be rewarded in a hybrid liquidity mining scheme to LPs of bug bounties. The rewards should be allocated to the different bounties based on Quadratic Market capitalization, Quadratic TVL, and the amount of liquidity that is provided by the responsible DAO. If the liquidity incentives will be deployed before the $HAT TGE has taken place, the initial phase will be rewarded only by OP tokens.
Over what period of time will the tokens be distributed for each initiative? Shorter timelines are preferable to longer timelines. Shorter timelines (on the order of weeks) allow teams to quickly demonstrate achievement of milestones, better facilitating additional grants via subsequent proposals: We plan to run our own liquidity mining scheme over a period of two years.
Please clearly define the milestones you expect to achieve in order to receive milestone based installments. Please consider how each milestone relates to incentivizing sustainable usage and liquidity on Optimism. Progress towards each milestone must be trackable: In Hats protocol, incentives are used to reward community members that contribute to security and to steer incentives for hackers to an adequate level. The initial 40% of $OP will be used to onboard five vaults and incentivize LPs to fill the vaults to $100k on average. After five vaults have been onboarded and the liquidity is at adequate levels, we request the remaining 60% of $OP incentives so that APYs do not drop below 10%. At the current stage additional milestones do not provide any additional value from our perspective, but if the OP community would like to add KPIs like the number of disclosures, we are open to the discourse.
Why will incentivized users and liquidity on Optimism remain after incentives dry up?: Increasing the security will give more users the required trust to use the optimistic roll-up. Users that get burned by an exploit are unlikely to stay active participants in the crypto space. Bug bounties are not necessarily aimed at rogue yield farmers since the risk/return profile only makes sense for market participants that already have a vested interest such as builders, long-term aligned community members, and users with locked assets. In other words, rewards will get channeled into the right hands.
Please provide any additional information that will facilitate accountability (smart contracts addresses relevant to the proposal, relevant organizational wallet addresses, etc.): Hats contracts - Hats.finance
Confirm you have read and agree to the Eligibility Restrictions (here): I have read the Eligibility Restrictions and agree to abide by their conditions
Likes: 1
Replies: 0
No replies yet.
-
[DRAFT][GF: Phase 1 Proposal] Hats Finance [ARCHIVED ORIGINAL]
by Fav_Truffe - No Role
Posted on: Jan. 26, 2023, 11:58 a.m.
Content: Hey @GFXlabs! Thanks a lot for the comment and guidance.
We have edited the proposal above thanks to your comment in accordance with @lavande and @binji 's recommendations and the proposal is now targeting to incentivize OP ecosystem projects to set up a bug bounty on Hats protocol as a security precaution.
Really appreciate the help @GFXlabs :slight_smile:
Likes: 2
Replies: 0
No replies yet.
-
[DRAFT][GF: Phase 1 Proposal] Hats Finance [ARCHIVED ORIGINAL]
by Fav_Truffe - No Role
Posted on: Nov. 22, 2022, 4:23 a.m.
Content: Hey @lavande! Thank you very much for the heads up.
It's perfectly okay with us since we will be using this time for #buidling and working on our dApp / Optimism integration / proposal, etc.
Looking forward to rocking in the next voting cycle :slight_smile:
Likes: 0
Replies: 0
No likes yet.
No replies yet.
-
[DRAFT][GF: Phase 1 Proposal] Hats Finance [ARCHIVED ORIGINAL]
by Fav_Truffe - No Role
Posted on: Oct. 27, 2022, 12:44 p.m.
Content: Thanks for the support @lazeeeerlin! We will be doing our best to help secure OP (and ecosystem projects).
Likes: 0
Replies: 0
No likes yet.
No replies yet.
-
[DRAFT][GF: Phase 1 Proposal] Hats Finance [ARCHIVED ORIGINAL]
by Fav_Truffe - No Role
Posted on: Oct. 26, 2022, 2:38 p.m.
Content: Project Name: Hats Finance Author Name and Contact Info: Fav Truffe Twitter 7 & Oliver Hörr Twitter 2 /Linkedin I understand that I will be required to provide additional KYC information to the Optimism Foundation to receive this grant: Yes L 2 recipient address: TBD Grant category: Governance Fund Phase 1 Is this proposal applicable to a specific committee? Yes, Tooling Committee Project description: Hats Finance is the first on-chain bug bounty protocol that includes and incentivizes all stakeholders (token incentives awaiting the TGE) to contribute to the security of Web 3 products. Hats offers a proactive incentive-based protocol for white hat hackers and auditors, where DAOs, companies, community members, and stakeholders can add liquidity to bug bounties to encourage responsible disclosure and be rewarded in return. When hackers are incentivized satisfactorily with high bounties, it becomes all the more likely they will act responsibly and disclose vulnerabilities instead of exploiting them. Accordingly, projects using Hats bug bounty protocol add a layer of security that reduces the possibility of being hacked and protects all stakeholders from the destructive consequences of such exploits. The unfortunate reality is that we will never archieve mainstream crypto adoption if people do not feel secure while using web 3 products (e.g. on Optimism). Our protocol enables collective responsibility for increasing actual and perceived security through the creation of scalable bug bounty vaults that can be funded using stable coins or any other on-chain asset. Additionally, Hats protocol is designed to be part of the public goods infrastructure of Web 3 . We believe in providing a security primitive that is composable and allows community participation. Now is the right time to deploy this kind of infrastructure to roll-ups and support the creation of an ecosystem on L 2 s by reducing the risk of exploits that harm projects and retail users alike. 
Project links: Linktree @HatsFinance | Twitter | Linktree 5 We are changing the way crypto security works Hats contracts 1 , Hats Audit , Hats tokenomics , DeFisafety report Additional team member info: Shay Zluf, CTO, and Hats Architect - Twitter GitHub 1 Ofir Perez, Head of Growth - Twitter Jelle Gerbrandy, Head of Solidity - Github 1 Carlos Fontes, Front-End - Github Please link to any previous projects the team has meaningfully contributed to: Shay Zluf, - Shay is Hats’ lead dev and Hats visionary. Shay is an Ethereum OG and can be best described as a decentralizer of the ecosystem and incentivizer of desired outcomes. He was also part of the “Prysmatic Labs” team developing the Ethereum 2 . 0 client. Relevant usage metrics: 26 Bounty Vaults $ 1 . 7 m TVL 25 % of TVL from the community Strong growth in the community of security researchers Competitors, peers, or similar projects: The key advantage of Hats Protocol vs. the traditional, centralized bug bounty services are: Hats bug bounty vaults are loaded with the native token, stablecoins, or yield-bearing token (Support in V 2 ) of the project thus reducing the free-floating supply while giving the token additional utility. Scalable bounty network — vault TVL increases with the project’s success. Open & Permissionless — Anyone can participate in the protection of an asset (Optimism ecosystem projects, their community members, and OP users). Any hacker can participate anonymously when disclosing exploits (no KYC needed). In the future, every depositor could earn rewards when providing liquidity. Continuous protection — As long as tokens are locked in the vault, hackers are incentivized to disclose vulnerabilities through Hats instead of hacking. 1103 × 1600 175 KB Is/will this project be open sourced?: Yes. Everything is already open source. Optimism native?: No. Date of deployment/expected deployment on Optimism: TBD - We expect to be deployed on Optimism early-mid February. 
Ecosystem Value Proposition: Direct losses from Hacks and Exploits exceeded $ 15 b in the past two years and over $ 3 b has been stolen by hackers this year alone. Unlike audits (which are confined to a specific time period), bug bounty programs provide a continuous layer of security to identify smart contract bugs and keep users safe. We request 200 k $OP tokens to incentivize $OP ecosystem projects to create a bug bounty vault on Hats protocol to take an ongoing and on-chain security precaution. In contrast to Hats’ protocol, other bug bounty solutions offered today run counter to Optimism values of decentralization, permissionless-ness, open-sourced and accessibility to all. Additionally, there is currently no other bug bounty protocol incentivizing all stakeholders (teams, investors, DAO, community members, node operators, etc.) to help protect their projects and the underlying infrastructure against exploits and hacks. We believe that Optimism’s taking an initiative to incentivize the on-chain and ongoing security efforts of OP ecosystem projects will be an innovative and distinguishable approach to be adopted as a network. Hats.finance is an on-chain decentralized bug bounty platform designed to prevent crypto-hack incidents by offering the right incentives. Additionally, Hats.finance encourages community participation allowing anyone to add liquidity to a smart bug bounty. Hats also allows hackers to responsibly disclose vulnerabilities without KYC and be rewarded with scalable prizes and NFTs for their work. Smart bug bounty programs are a win-win for everyone. They can be created easily with a few on-chain transactions (it takes around 1 hour to open a vault on Hats), and setting them up is free of charge. Bug bounty programs do not cost anything unless a vulnerability is discovered, which would be more costly and irreversible once exploited. 
More importantly, a bug bounty at Hats is transparent, and decentralized and gives power to the community behind the project. Security underlies the technology of smart contracts and we strongly believe the future of cybersecurity has aligned incentives. We are taking leadership in relation to these principles by creating a decentralized bug bounty marketplace that creates the right incentives for all of its participants. We are already working with a variety of protocols today, from Liquity to DXdao, securing their protocols using the Hats smart contracts. We are in the final stages of developing Hats V 2 , and would love to work with, and host bug bounties for Optimism ecosystem projects. How Hats Bounty Program Works 1600 × 900 99 . 6 KB 1600 × 900 45 . 8 KB As is seen at the charts above, Optimism ecosystem projects would be required to select and set up a committee for the bug bounty vault. The Committees responsibility: Triage incoming vulnerability reports/claims from auditors/hackers (get back to the reporter ASAP and ideally within 12 hours) Approve claims within a reasonable time frame (Max. of 6 days) Set up repositories and contracts under review (A list of all contracts covered by the bounty program separated by severity) Has your project previously applied for an OP grant?: No Number of OP tokens requested: 200 k Did the project apply for or receive OP tokens through the Foundation Partner Fund?: No If OP tokens were requested from the Foundation Partner Fund, what was the amount?: NA How much will your project match in co-incentives? (not required but recommended, when applicable): Hats will match the incentives but the exact amount cannot be disclosed prior to the TGE for multiple reasons. 
Proposal for token distribution:
200k $OP tokens are used to incentivize depositors (including project DAOs, investors, community members, and audit firms) to the vault.
Hats and OP tokens will be rewarded in a hybrid liquidity mining scheme to LPs of bug bounties. The rewards should be allocated to the different bounties based on Quadratic Market capitalization, Quadratic TVL, and the amount of liquidity that is provided by the responsible DAO. If the liquidity incentives will be deployed before the $HAT TGE has taken place, the initial phase will be rewarded only by OP tokens.
How will this distribution incentivize usage and liquidity on Optimism?
Generate more trust in the Optimism ecosystem security
Mitigate events that will harm user adoption and the reputation of the ecosystem
Bring the attention of a valuable target audience: Developers & Security Researchers
Give governance tokens on Optimism more utility
Stake to increase security
Stake to farm yield
Decrease the free-floating supply of the respective governance tokens
Why will the incentivized users and liquidity remain after incentives dry up?
Increasing the security will give more users the required trust to use the optimistic roll-up
Users that get burned by an exploit are unlikely to stay active participants in the crypto space.
Bug bounties are not necessarily aimed at rogue yield farmers since the risk/return profile only makes sense for market participants that already have a vested interest such as builders, long-term aligned community members, and users with locked assets. In other words, rewards will get channeled into the right hands.
Over what period of time will the tokens be distributed?
We plan to run our own liquidity mining scheme over a period of two years.
How much will your project match in co-incentives?
We plan to incentivize based on the number of vaults. The goal is to reach a sufficient bounty size for each project.
Likes: 8
Replies: 1
Replies:
- Gonna.eth: From all the bug bounty protocols/projects I know, this looks like the best-oriented in terms of transparency using almost every possible on-chain option to solve this problem.
But as others project, the off-chain encrypted communications are odd. I understand you can not disclose a white hat hacker communication as this can end up in someone else picking the hack before the solution comes in.
How can you assure the white hat hacker to be paid by the service if there’s no public information about their finding?
Fav_Truffe:
Option 1: Liquidity Mining (150k $OP tokens are used to fund the bug bounty vault and 50k $OP tokens are used to incentivize depositors to the vault)
You say “Option 1” but I see no other options.
What does it mean 150k $OP tokens are used to fund the bug bounty vault? Will this be specifically for Optimism L2 bugs or will it cover things other protocols inside Optimism?
“50k $OP tokens are used to incentivize depositors to the vault” If I provide liquidity to the vault, am I getting OP tokens in return if Optimism L2 is not hacked and no bug is found?
TBH this is one of those proposals I like because it comes with a solution to a real problem and is a no-brainer in terms of use.
-
[DRAFT][GF: Phase 1 Proposal] Hats Finance [ARCHIVED ORIGINAL]
by Fav_Truffe - No Role
Posted on: Oct. 26, 2022, 10:38 a.m.
Content: Project Name: Hats Finance
Author Name and Contact Info: Fav Truffe Twitter & Oliver Hörr Twitter/Linkedin
I understand that I will be required to provide additional KYC information to the Optimism Foundation to receive this grant: Yes
L2 recipient address: TBD
Grant category: Governance Fund Phase 1
Is this proposal applicable to a specific committee? Yes, Tooling Committee
Project description: Hats Finance is the first on-chain bug bounty protocol that includes and incentivizes all stakeholders (token incentives awaiting the TGE) to contribute to the security of Web3 products. Hats offers a proactive incentive-based protocol for white hat hackers and auditors, where DAOs, companies, community members, and stakeholders can add liquidity to bug bounties to encourage responsible disclosure and be rewarded in return. When hackers are incentivized satisfactorily with high bounties, it becomes all the more likely they will act responsibly and disclose vulnerabilities instead of exploiting them. Accordingly, projects using Hats bug bounty protocol add a layer of security that reduces the possibility of being hacked and protects all stakeholders from the destructive consequences of such exploits. The unfortunate reality is that we will never achieve mainstream crypto adoption if people do not feel secure while using Web3 products (e.g. on Optimism). Our protocol enables collective responsibility for increasing actual and perceived security through the creation of scalable bug bounty vaults that can be funded using stable coins or any other on-chain asset. Additionally, Hats protocol is designed to be part of the public goods infrastructure of Web3. We believe in providing a security primitive that is composable and allows community participation. Now is the right time to deploy this kind of infrastructure to roll-ups and support the creation of an ecosystem on L2s by reducing the risk of exploits that harm projects and retail users alike.
Project links:
Linktree
Hats contracts, Hats Audit, Hats tokenomics, DeFisafety report
Additional team member info:
Shay Zluf, CTO, and Hats Architect - Twitter GitHub
Ofir Perez, Head of Growth - Twitter
Jelle Gerbrandy, Head of Solidity - Github
Carlos Fontes, Front-End - Github
Please link to any previous projects the team has meaningfully contributed to:
Shay Zluf - Shay is Hats’ lead dev and Hats visionary. Shay is an Ethereum OG and can be best described as a decentralizer of the ecosystem and incentivizer of desired outcomes. He was also part of the “Prysmatic Labs” team developing the Ethereum 2.0 client.
Relevant usage metrics:
26 Bounty Vaults
$1.7m TVL
25% of TVL from the community
Strong growth in the community of security researchers
Competitors, peers, or similar projects:
The key advantages of Hats Protocol vs. the traditional, centralized bug bounty services are:
Hats bug bounty vaults are loaded with the native token, stablecoins, or yield-bearing token (Support in V2) of the project thus reducing the free-floating supply while giving the token additional utility.
Scalable bounty network — vault TVL increases with the project’s success.
Open & Permissionless —
Anyone can participate in the protection of an asset (Optimism ecosystem projects, their community members, and OP users).
Any hacker can participate anonymously when disclosing exploits (no KYC needed).
In the future, every depositor could earn rewards when providing liquidity.
Continuous protection — As long as tokens are locked in the vault, hackers are incentivized to disclose vulnerabilities through Hats instead of hacking.
Is/will this project be open sourced?: Yes. Everything is already open source.
Optimism native?: No.
Date of deployment/expected deployment on Optimism: TBD - We expect to be deployed on Optimism early-mid February.
Ecosystem Value Proposition:
Direct losses from Hacks and Exploits exceeded $15b in the past two years and over $3b has been stolen by hackers this year alone. Unlike audits (which are confined to a specific time period), bug bounty programs provide a continuous layer of security to identify smart contract bugs and keep users safe. We request 200k $OP tokens to incentivize $OP ecosystem projects to create a bug bounty vault on Hats protocol to take an ongoing and on-chain security precaution. In contrast to Hats’ protocol, other bug bounty solutions offered today run counter to Optimism values of decentralization, permissionless-ness, open-sourced and accessibility to all. Additionally, there is currently no other bug bounty protocol incentivizing all stakeholders (teams, investors, DAO, community members, node operators, etc.) to help protect their projects and the underlying infrastructure against exploits and hacks. We believe that Optimism’s taking an initiative to incentivize the on-chain and ongoing security efforts of OP ecosystem projects will be an innovative and distinguishable approach to be adopted as a network.
Hats.finance is an on-chain decentralized bug bounty platform designed to prevent crypto-hack incidents by offering the right incentives. Additionally, Hats.finance encourages community participation allowing anyone to add liquidity to a smart bug bounty. Hats also allows hackers to responsibly disclose vulnerabilities without KYC and be rewarded with scalable prizes and NFTs for their work.
Smart bug bounty programs are a win-win for everyone. They can be created easily with a few on-chain transactions (it takes around 1 hour to open a vault on Hats), and setting them up is free of charge. Bug bounty programs do not cost anything unless a vulnerability is discovered, which would be more costly and irreversible once exploited. More importantly, a bug bounty at Hats is transparent and decentralized, and gives power to the community behind the project.
Security underlies the technology of smart contracts and we strongly believe the future of cybersecurity has aligned incentives. We are taking leadership in relation to these principles by creating a decentralized bug bounty marketplace that creates the right incentives for all of its participants.
We are already working with a variety of protocols today, from Liquity to DXdao, securing their protocols using the Hats smart contracts. We are in the final stages of developing Hats V2, and would love to work with, and host bug bounties for Optimism ecosystem projects.
How Hats Bounty Program Works
As seen in the charts above, Optimism ecosystem projects would be required to select and set up a committee for the bug bounty vault.
The Committee’s responsibility:
Triage incoming vulnerability reports/claims from auditors/hackers (get back to the reporter ASAP and ideally within 12 hours)
Approve claims within a reasonable time frame (Max. of 6 days)
Set up repositories and contracts under review (A list of all contracts covered by the bounty program separated by severity)
Has your project previously applied for an OP grant?: No
Number of OP tokens requested: 200k
Did the project apply for or receive OP tokens through the Foundation Partner Fund?: No
If OP tokens were requested from the Foundation Partner Fund, what was the amount?: NA
How much will your project match in co-incentives? (not required but recommended, when applicable): Hats will match the incentives but the exact amount cannot be disclosed prior to the TGE for multiple reasons.
Proposal for token distribution:
200k $OP tokens are used to incentivize depositors (including project DAOs, investors, community members, and audit firms) to the vault.
Hats and OP tokens will be rewarded in a hybrid liquidity mining scheme to LPs of bug bounties. The rewards should be allocated to the different bounties based on Quadratic Market capitalization, Quadratic TVL, and the amount of liquidity that is provided by the responsible DAO. If the liquidity incentives will be deployed before the $HAT TGE has taken place, the initial phase will be rewarded only by OP tokens.
How will this distribution incentivize usage and liquidity on Optimism?
Generate more trust in the Optimism ecosystem security
Mitigate events that will harm user adoption and the reputation of the ecosystem
Bring the attention of a valuable target audience: Developers & Security Researchers
Give governance tokens on Optimism more utility
Stake to increase security
Stake to farm yield
Decrease the free-floating supply of the respective governance tokens
Why will the incentivized users and liquidity remain after incentives dry up?
Increasing the security will give more users the required trust to use the optimistic roll-up
Users that get burned by an exploit are unlikely to stay active participants in the crypto space.
Bug bounties are not necessarily aimed at rogue yield farmers since the risk/return profile only makes sense for market participants that already have a vested interest such as builders, long-term aligned community members, and users with locked assets. In other words, rewards will get channeled into the right hands.
Over what period of time will the tokens be distributed?
We plan to run our own liquidity mining scheme over a period of two years.
How much will your project match in co-incentives?
We plan to incentivize based on the number of vaults. The goal is to reach a sufficient bounty size for each project.
Likes: 7
Replies: 1
Replies:
- Gonna.eth: From all the bug bounty protocols/projects I know, this looks like the best-oriented in terms of transparency using almost every possible on-chain option to solve this problem.
But as others project, the off-chain encrypted communications are odd. I understand you can not disclose a white hat hacker communication as this can end up in someone else picking the hack before the solution comes in.
How can you assure the white hat hacker to be paid by the service if there’s no public information about their finding?
Fav_Truffe:
Option 1: Liquidity Mining (150k $OP tokens are used to fund the bug bounty vault and 50k $OP tokens are used to incentivize depositors to the vault)
You say “Option 1” but I see no other options.
What does it mean 150k $OP tokens are used to fund the bug bounty vault? Will this be specifically for Optimism L2 bugs or will it cover things other protocols inside Optimism?
“50k $OP tokens are used to incentivize depositors to the vault” If I provide liquidity to the vault, am I getting OP tokens in return if Optimism L2 is not hacked and no bug is found?
TBH this is one of those proposals I like because it comes with a solution to a real problem and is a no-brainer in terms of use.