Ethereum Security QF Round: Retrospective
TheDAO Security Fund launched earlier this year with the goal of funding Ethereum Security. It chose to run its first funding round on Giveth, making use of the virality of Quadratic Funding (QF) to bring together security projects from across the ecosystem. The round had a broad eligibility scope, open to any project working on Ethereum security, including smart contract security, wallet safety, monitoring, incident response, education, research, and standards.
The round ran from April 23 to May 14, 2026. It drew $315,020 in direct donations from 3,934 donors and distributed a 638.58 ETH matching pool across 134 projects - the largest matching pool in quadratic funding history.
This is Giveth’s retrospective as the platform and operator of the round. It covers three areas:
- The quadratic funding mechanism and the experiments we ran
- The Giveth platform itself, and
- The round as TheDAO’s first
For each area it sets out what worked, what could be better, and lessons learned/actions to improve. The results and the underlying data are public, and links to the dashboard, the dataset, and the open-source matching algorithm appear throughout so anyone can check the round for themselves.
By the numbers
- Matching pool: 638.58 ETH, the largest in quadratic funding history to date.
- 500 ETH TheDAO seed
- $200,000 Wintermute, added just before results went live
- $50,000 Quantstamp
- $5,000 CredShields
- $45,000+ from donations to the matching pool made during the round
- 134 projects selected from a pool of 250+ applications.
- $315,020 in direct donations, 13,805 donations, 3,934 unique donors, across 7 networks.
- “Donation tokens” allocated by badge holders served as additional funding provided by large organizations, on top of the pool: FINN from TheDAO (7.393 ETH reached projects) and TIK from CertiK ($50,000 USDC). More on these tokens in this post.
- 172 of 200 badge holders participated. The badge-holder group drove roughly $125,000 in donations. 67 Badge holders put in their own money.
- 20+ organizations contributed publicly through matching pool support, badge-holder funding, team donations, and direct project support.
Full results are in the forum results post. You can explore and download the round data from the interactive dashboard, and the complete results dataset is public.
1. Quadratic Funding
This section covers the retro on everything to do with quadratic funding for the round: the mechanism itself, the experiments we ran on it (the calculation algorithm, sybil protection, estimated matching, and project selection), and the open-source dashboard we built to explain it.
The mechanism in brief:
- Matching used COCM (Connection-Oriented Cluster Match), the quadratic funding algorithm Giveth has run since May 2024. Donations from ETHSecurity Badge holders carried a 4x weight in the matching calculation.
- A 5% per-project cap limited how much of the pool any single project could take.
- A 0.3339 ETH floor set a minimum for each funded project.
- Donors qualified for matching through an ETHSecurity Badge, a Human Passport score of 50 or higher, or a Stamps score of 15 or higher.
- Only donations over $1 USD were eligible to be matched.
Full rules are in the round guide.
What worked
- 1.1 COCM algorithm
- 1.2 Tunable QF with a 4x expert weight
- 1.3 Donation tokens
- 1.4 Expert community involvement
- 1.5 Educational dashboard
- 1.6 AI recirculation analysis
- 1.7 Matching caps
- 1.8 Strong eligibility criteria
1.1 COCM algorithm
- COCM is meant to reward projects with broad, organic support and reduce the weight of coordinated or tightly-correlated donor groups. It leads to a flatter matching distribution profile, but overall more accurately reflects the wisdom of the entire community of donors.
- We experimented with variations of QF and COCM: vanilla QF, COCM Markov-style harsh on, COCM Markov-style harsh off, and 50/50 COCM/vanilla QF, and chose harsh-off Markov-style COCM.
- We analyzed the impact of removing large groups of very coordinated donors (likely sybils) on the results and found that, in nearly every case, including them made very little difference. This is favourable because it relies on the algorithm rather than on human judgement about whether an address cluster is a sybil group.
- COCM did its job in democratically allocating funds and dampening coordinated attacks or gaming attempts.
The curve compares regular QF and COCM using the round’s settings (638.58 ETH matching pool and a 5% max cap). In both cases only one project hit the max cap, but in general vanilla/Classic QF concentrates more funding at the top and pushes more projects into the long tail.
1.2 Tunable QF with a 4x expert weight
- Tunable QF is an experiment in turning “up” the weight of the donations made by select parties, and we conducted this experiment with the community of ETHSecurity Badge holders.
- The 200 ETHSecurity Badge holders were given a 4x weight on their donations ($1 donated counts as $4 donated) so their signal counted for more in matching.
- It amplified that expert signal without distorting the outcome: matching at 4x, at 1x, and with only Badge holder donations lands in a similar place, but some projects had results that differed by up to 5 ETH (see the comparison below).
Matching compared: badge holders at 4x, at 1x, and only badge holders (top 15; full 134 in Appendix B)
| Project | Contributors | Raised (USD) | Match 4x (ETH) | Match 1x (ETH) | Match badge-only (ETH) |
|---|---|---|---|---|---|
| SEAL 911 | 426 | 17,044 | 31.93 | 31.93 | 31.93 |
| The Red Guild | 156 | 8,789 | 27.04 | 21.67 | 31.47 |
| ZachXBT | 349 | 10,137 | 23.23 | 22.61 | 23.42 |
| Revoke.cash | 317 | 4,598 | 20.41 | 20.06 | 20.34 |
| SEAL Frameworks | 132 | 6,776 | 18.73 | 15.65 | 21.86 |
| Safe Multisig Tx Hashes | 160 | 7,712 | 18.07 | 16.65 | 19.37 |
| Rekt News | 377 | 12,849 | 16.23 | 21.08 | 12.48 |
| SEAL Certifications | 130 | 7,779 | 15.16 | 14.52 | 16.35 |
| SEAL Intel | 135 | 4,280 | 14.21 | 12.83 | 15.50 |
| Blockscout | 279 | 5,288 | 14.19 | 15.56 | 13.13 |
| L2BEAT | 163 | 3,918 | 13.42 | 12.88 | 14.03 |
| BlockThreat | 115 | 2,814 | 12.78 | 11.58 | 13.37 |
| Echidna | 90 | 3,129 | 12.64 | 10.28 | 14.58 |
| Sourcify | 110 | 2,611 | 11.74 | 10.01 | 13.21 |
| Vyper | 143 | 3,329 | 11.61 | 10.98 | 12.32 |
| Pool total | | 315,020 | 638.58 | 638.58 | 638.58 |
The badge weight lifts expert-backed projects such as The Red Guild and pulls back projects with wider non-expert donor bases such as Rekt News, while the overall ordering and totals hold across all three settings.
1.3 Donation tokens
- Badge holders received FINN (ETHSecurity Donation Finneys), backed by TheDAO. Donating 1 FINN sent 0.001 ETH to a project on top of QF matching, and 7.393 ETH reached projects this way.
- CertiK contributed TIK, $50,000 for badge holders to allocate. About 80% of the TIK was donated, and rather than let the rest go unused, CertiK raised each token’s backing from about $1 to about $1.25 so the full $50,000 still reached projects. Projects that received TIK were airdropped the USDC directly.
- FINN & TIK were one-way signals: they could not be returned, recycled, or re-donated.
- Together the tokens put funds directly into projects and let experts participate in QF without using their own funds.
- More in this post.
1.4 Expert community involvement
- The Ethereum Security QF round leveraged a community of Ethereum Security experts - aka Badge holders - which led to very promising results.
- To be recognized as an ETHSecurity expert, a prospective badge holder applied and was assessed against a rubric, with AI assistance, as one of the top 200 in the ecosystem. More on the selection process.
- Badge holders received an on-chain NFT marking the role, and many posted publicly that they were proud to be selected.
- They applied to the round with their own projects, many of which might not have entered otherwise, and promoted the round to their networks.
- The 4x weight and the donation tokens drove participation: 172 of 200 took part, and 67 added their own funds on top of their FINN and TIK.
- Organizations gave more because they trusted the experts, with CertiK’s $50,000 the clearest example.
- Recognizing a community of experts up front and channeling their judgment through tunable QF and donation tokens led to more and better projects, a stronger matching signal, and more donations.
1.5 Educational dashboard
- This open-source tool lets anyone explore the round’s data, compare Classic QF with COCM, see Badge holder impact, and test matching scenarios. It is very likely the best existing tool for practically comparing COCM to QF, a concept which is widely misunderstood.
- It is a strong model for other communities to build on or reuse, especially now that AI lowers the cost of building this kind of one-off app.
- The matching algorithm itself is open source at github.com/Giveth/qf-calculator.
Walkthrough of the dashboard:
1.6 AI recirculation analysis
- Recirculation is when a donor sends funds to a project, the project routes them back, and the donor donates them again to inflate apparent support. Other examples include projects donating directly to themselves, or otherwise sending funds out so that they get donated back. This can be done with a single address or through “hops” across multiple addresses.
- Using AI, we were able to flag these patterns quickly, replacing what used to be slow manual tracing, and to assess the severity of each recirculation.
- In severe and very clear recirculated cases, we removed the matching impact of flagged donations (though they still count towards the project’s total donations). This affected a total of 239 donations, worth $10,942.
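The integrity check described above, as an added example that is not Giveth’s own tooling: over a constructed transfer log it looks, for each donation, for a chain of plain transfers that starts at the recipient project’s address, ends at the donor, and completes before the donation, then drops flagged gifts from the matching-eligible amount while keeping them in the raised total. Addresses such as `donor1`, `projA` and `relay` are placeholders.

```python
"""Recirculation check over a constructed transfer log (added example)."""
from collections import defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class Transfer:
    ts: int          # ordering timestamp (constructed, not real block times)
    src: str
    dst: str
    usd: float
    donation: bool   # True if routed through the donation handler to a project


# Constructed sample; addresses are placeholders, not real accounts.
SAMPLE = [
    Transfer(1, "donor1", "projA", 500.0, True),   # genuine first gift
    Transfer(2, "projA", "donor1", 480.0, False),  # project sends it back
    Transfer(3, "donor1", "projA", 480.0, True),   # re-donated: 1-hop recirculation
    Transfer(4, "projB", "relay", 1000.0, False),  # project -> intermediary
    Transfer(5, "relay", "donor2", 990.0, False),  # intermediary -> donor
    Transfer(6, "donor2", "projB", 990.0, True),   # re-donated: 2-hop recirculation
    Transfer(7, "donor3", "projC", 25.0, True),    # honest donation
    Transfer(8, "projC", "donor3", 10.0, False),   # payment AFTER the gift: not a recirc
]


def trace_recirculation(donation, transfers, max_hops=3):
    """Return the project -> ... -> donor chain of plain transfers that precedes
    `donation`, or None. Hops must be in time order and all before the gift."""
    project, donor = donation.dst, donation.src
    outgoing = defaultdict(list)
    for t in transfers:
        if not t.donation and t.ts < donation.ts:
            outgoing[t.src].append(t)
    stack = [(project, -1, [])]          # (current address, ts of last hop, path)
    while stack:
        addr, last_ts, path = stack.pop()
        if len(path) >= max_hops:
            continue
        for t in outgoing[addr]:
            if t.ts <= last_ts:          # hops must move forward in time
                continue
            hop = path + [t]
            if t.dst == donor:
                return hop
            stack.append((t.dst, t.ts, hop))
    return None


def audit(transfers, max_hops=3):
    """Flag recirculated donations (mapped to their hop count) and split each
    project's total into what was raised and what stays matching-eligible."""
    flagged = {}
    totals = defaultdict(lambda: {"raised": 0.0, "matchable": 0.0})
    for t in transfers:
        if not t.donation:
            continue
        totals[t.dst]["raised"] += t.usd       # flagged gifts still count as raised
        chain = trace_recirculation(t, transfers, max_hops)
        if chain:
            flagged[t] = len(chain)
        else:
            totals[t.dst]["matchable"] += t.usd
    return flagged, dict(totals)


if __name__ == "__main__":
    flagged, totals = audit(SAMPLE)
    for t, hops in flagged.items():
        print(f"flagged {t.src} -> {t.dst} at ts={t.ts}: {hops} hop(s), ${t.usd:.2f}")
    for project, amounts in totals.items():
        print(project, amounts)
```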
1.7 Matching caps
- The 5% matching cap kept the SEAL 911 project from dominating the pool. With no cap it would have taken nearly double, reducing the ETH that many of the next highly ranked projects received.
| Project | Match, 5% cap (ETH) | Match, no cap (ETH) | Difference (ETH) |
|---|---|---|---|
| SEAL 911 | 31.93 | 63.08 | +31.15 |
| The Red Guild | 27.04 | 25.64 | -1.40 |
| ZachXBT | 23.23 | 22.03 | -1.20 |
| Revoke.cash | 20.41 | 19.35 | -1.06 |
| SEAL Frameworks | 18.73 | 17.76 | -0.97 |
| Safe Multisig Tx Hashes | 18.07 | 17.13 | -0.94 |
Without the cap, SEAL 911 would have taken 63.08 ETH, nearly double its capped 31.93. That overflow was spread across the field, and the next five projects alone would have received about 5.56 ETH less between them.
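To make the badge weight (1.2), the per-project cap (1.7) and the floor from the mechanism list concrete, here is an added toy matcher that is not Giveth’s qf-calculator: it runs plain quadratic funding rather than COCM, models only the 4x badge weight, the $1 minimum, the 5% cap with pro-rata redistribution of the overflow, and the 0.3339 ETH floor, and all donors, projects and amounts (`P-hub`, `b1`, the filler projects) are constructed.

```python
"""Toy QF matcher with this round's published settings (added example, plain QF, not COCM)."""
import math
from collections import defaultdict

POOL_ETH = 638.58      # matching pool
BADGE_WEIGHT = 4.0     # ETHSecurity Badge holder donations count 4x
MIN_USD = 1.0          # only donations over $1 are matched
CAP_SHARE = 0.05       # no project may take more than 5% of the pool
FLOOR_ETH = 0.3339     # minimum for each funded project

BADGES = {"b1", "b2", "b3"}   # constructed badge-holder addresses
DONATIONS = (                 # (donor, project, usd); all constructed
    [(f"h{i}", "P-hub", 10.0) for i in range(30)]                 # 30 small gifts
    + [(b, "P-expert", 20.0) for b in sorted(BADGES)]             # expert-backed
    + [("e1", "P-expert", 20.0), ("e2", "P-expert", 20.0)]
    + [("w1", "P-cluster", 400.0), ("c1", "P-cluster", 10.0), ("c2", "P-cluster", 10.0)]
    + [("s1", "P-small", 15.0), ("s2", "P-small", 15.0), ("s3", "P-small", 15.0)]
    + [("dust", "P-small", 0.5)]                                  # below the $1 minimum
    + [("t1", "P-tiny", 2.0)]                                     # will land under the floor
    + [(f"f{j}_{i}", f"P-filler{j}", 10.0) for j in range(40) for i in range(10)]
)


def eligible(donations, min_usd=MIN_USD):
    """Drop donations that are not over the matching minimum."""
    return [(d, p, u) for d, p, u in donations if u > min_usd]


def qf_scores(donations, badges=BADGES, badge_weight=BADGE_WEIGHT):
    """Plain QF score per project: (sum over donors of sqrt(weighted gift))^2.
    Badge-holder gifts are multiplied by `badge_weight` before the square root."""
    sums = defaultdict(float)
    for d, p, u in donations:
        sums[p] += math.sqrt(u * (badge_weight if d in badges else 1.0))
    return {p: s * s for p, s in sums.items()}


def allocate(scores, pool=POOL_ETH, cap_share=CAP_SHARE, floor=FLOOR_ETH):
    """Share the pool by score; pin any project above the cap at the cap and
    re-share the remainder among the rest until nothing is over; then lift
    projects below the floor and take that shortfall pro rata from projects
    that are neither capped nor at the floor (assumes the shortfall is small)."""
    cap = cap_share * pool
    fixed, remaining, alloc = {}, dict(scores), {}
    while remaining:
        free = pool - sum(fixed.values())
        total = sum(remaining.values())
        alloc = {p: free * s / total for p, s in remaining.items()}
        over = [p for p, a in alloc.items() if a > cap]
        if not over:
            break
        for p in over:                     # capped projects leave the re-share
            fixed[p] = cap
            remaining.pop(p)
    alloc = {**alloc, **fixed}
    lifted = {p: max(a, floor) for p, a in alloc.items()}
    shortfall = sum(lifted.values()) - pool
    payers = {p: a for p, a in lifted.items() if floor < a < cap}
    pay = sum(payers.values())
    for p, a in payers.items():
        lifted[p] = a - shortfall * a / pay
    return lifted


def run(donations=DONATIONS, badge_weight=BADGE_WEIGHT):
    """Full pipeline: eligibility filter -> weighted QF scores -> cap and floor."""
    return allocate(qf_scores(eligible(donations), badge_weight=badge_weight))


if __name__ == "__main__":
    at4x, at1x = run(), run(badge_weight=1.0)
    for p in ("P-hub", "P-expert", "P-cluster", "P-small", "P-tiny", "P-filler0"):
        print(f"{p:10} 4x: {at4x[p]:7.3f} ETH   1x: {at1x[p]:7.3f} ETH")
```

In the constructed data only `P-hub` hits the cap and only `P-tiny` sits on the floor, and switching the badge weight from 4x to 1x moves `P-expert` from above to below a typical filler project.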
1.8 Strong eligibility criteria
- The Ethereum Foundation set the eligibility criteria, and Giveth’s review team and ecosystem partners applied them.
- Only 134 projects from a pool of 250+ applications made the cut.
- This led to a round full of incredible projects, all of which deserve funding. The matching floor was set relatively high at 0.3339 ETH for this reason.
- Griff and Jason’s 6-hour project recap went through them all:
What could be better
- 1.9 Donor understanding of matching
- 1.10 The 80/20 experiment
- 1.11 Suspicious badge-holder donations
- 1.12 Rules around multiple projects from one entity
- 1.13 Unclear rules for dual roles
1.9 Donor understanding of matching
- Estimated matching reads high early in the round because it is calculated from only a few donations and limited data.
- Two pieces of guidance were widely read as matching rules: “Donate to three or more projects” was only a suggestion, and the $5 threshold applied to the GIVbacks raffle, not to matching ($1 is the minimum amount to be matched).
- COCM reduces matching for projects whose donors form a tight, correlated cluster, which is its purpose. Communities that directed their supporters to back the same small set of projects received less matching than classic quadratic funding would give, and some read that as a penalty rather than the mechanism working as intended.
1.10 The 80/20 experiment
- The Giveth team connected with Joel Miller, one of the original creators of the COCM algorithm, to discuss potential improvements to the calculation. COCM naturally dampens the impact of a donor who gave to only one project, but may dampen less severely a donor who piles most of their money into one project and donates small amounts elsewhere to manufacture overlap (an attempt to “game” the algorithm).
- We experimented with a rule (coined “80/20”) that would cap any single-project donation at 80% of a donor’s total giving for the round (the same as four times their combined giving to all other projects), to limit donors who pile most of their money into one project while adding token amounts elsewhere.
- We ran it at 80/20, 90/10, and 95/5.
- While the resulting distribution was more democratic and organic, we did not apply it: it penalized one type of donor while dampening the single-donor/single-project cluster less severely, and manually reducing the impact of single-issue donors was not fair to impose after the fact.
- The 80/20 rule remains available to explore in the dashboard, and we hope it leads to further experimentation in the future.
| Project | Total raised (USD) | Contributors | Matching default (ETH) | Matching 80/20 (ETH) |
|---|---|---|---|---|
| SEAL 911 | 17,044 | 426 | 31.93 | 31.93 |
| The Red Guild | 8,789 | 156 | 27.04 | 27.18 |
| ZachXBT | 10,137 | 349 | 23.23 | 23.33 |
| Revoke.cash | 4,598 | 317 | 20.41 | 20.51 |
| SEAL Frameworks | 6,776 | 132 | 18.73 | 18.82 |
| Safe Multisig Tx Hashes | 7,712 | 160 | 18.07 | 18.17 |
| Rekt News | 12,849 | 377 | 16.23 | 15.85 |
| SEAL Certifications | 7,779 | 130 | 15.16 | 15.18 |
| SEAL Intel | 4,280 | 135 | 14.21 | 14.29 |
| Blockscout | 5,288 | 279 | 14.19 | 14.25 |
| L2BEAT | 3,918 | 163 | 13.42 | 13.49 |
| BlockThreat | 2,814 | 115 | 12.78 | 12.85 |
| Echidna | 3,129 | 90 | 12.64 | 12.52 |
| Sourcify | 2,611 | 110 | 11.74 | 11.80 |
| Vyper | 3,329 | 143 | 11.61 | 11.69 |
| Pool total | 315,020 | | 638.58 | 638.58 |
The full 134-project comparison is in Appendix B.
1.11 Suspicious badge-holder donations
- A few Badge holders donated in suspicious ways, for example only to their own or an affiliated project. In one case a Badge holder received funds from a project in the round at their Badge holder address and then re-donated it back to the project. We reported these cases to the curators for review.
1.12 Rules around multiple projects from one entity
- The wider SEAL ecosystem was allowed to enter the round as several separate projects under one brand, which drew objections and calls for a clearer rule on multiple projects from one entity.
1.13 Unclear rules for dual roles
- It was unclear to some what was allowed or appropriate, particularly for people acting as both a project owner and a Badge holder.
Lessons Learned for QF
- COCM works. It produced a broad, democratic distribution and held up against coordinated attacks, which makes it a good alternative to Classic QF in many cases.
- COCM needs better in-app explainers and context-giving content.
- Matching caps and floors prevent small groups of projects from dominating and support all projects lightly - great for rounds where the projects are all carefully selected.
- Creating a community of experts, and recognizing and rewarding them is a high-leverage move that can lead to more and better projects, and overall more funding contributed.
- Expulsions or graduated sanctions for bad behavior by vetted “experts” should be explored.
- Strong and definitive eligibility criteria, applied fastidiously, produce rounds with a very high chance of success.
- Clear rules for multiple projects from one entity need to be defined, or transparent explanations given when exceptions are made.
- Leveraging AI for on-chain analysis has become a valuable time-saving tool for sybil and recirculation integrity checks.
- In the age of Claude Code, transparently sharing results and educating users through mini apps and open-source dashboards has never been easier.
- Experiments like the 80/20 rule are a good foundation for iterations on COCM.
2. The Giveth platform
What worked
- 2.1 Cart and multichain checkout
- 2.2 Low friction for projects
- 2.3 In-app communications
2.1 Cart and multichain checkout
- The cart and checkout flow made it easy to move from discovering a project to donating.
- Multichain donations across 7 networks removed bridging friction, allowing donors to donate where they had funds.
2.2 Low friction for projects
- Project signup was simple.
- Zero platform fees.
2.3 In-app communications
- In-app reminders and Telegram communications kept participants on track.
What could be better
- 2.4 Under-recorded donations
- 2.5 Running 2 connected apps
- 2.6 Verification and wallet friction
- 2.7 Project discovery
- 2.8 GIVpower
- 2.9 Routing user feedback
2.4 Under-recorded donations
- The app did not record every donation as it happened - in most cases because the user closed the tab before the donation was verified on-chain.
- Because donations flow through an on-chain donation handler, we recovered the missing ones by reading the contract and inserting them before matching was calculated, so none were missed in the results, but it took significant manual effort.
2.5 Running 2 connected apps
- We are building a new Giveth platform that supports the cart and QF-round checkout, but it was not fully ready in time for the round.
- We ran a combined experience across Giveth “v5” (project creation) and “v6” (donate/cart checkout). Projects were created on v5 and imported to v6 by scheduled cron jobs.
- Edits took time to appear where people donated, which confused users, and the volume of jobs between the two back ends overloaded services.
2.6 Verification and wallet friction
- The Passport verification flow was difficult for some users.
- Signing in and connecting wallets caused problems, including Ledger connection failures and the token-approval step stalling before the donation completed.
2.7 Project discovery
- Some projects had thin descriptions, and smaller or newer projects were buried without round-specific categories or by-name sorting.
2.8 GIVpower
- GIVpower engagement was front-loaded and then tapered; it needed more promotion.
2.9 Routing user feedback
- Feedback was scattered across X, Telegram DMs, Discord, and the app support flow. With a small team, many requests were hard to manage.
Lessons Learned/Key Takeaways for QF Platforms
- A cart and multichain checkout significantly reduce donor friction, especially when users can donate with funds they already hold across different networks.
- Simple project onboarding and zero or minimal platform fees make rounds more accessible to projects.
- Wallet connection, token approvals and identity verification are major parts of the user experience and require strong testing, clear error messages and fallback paths.
- Strong project discovery tools, including categories, sorting and complete project profiles, are necessary to prevent smaller and newer projects from being buried.
- Platforms need one clear channel for reporting issues and submitting feedback so problems can be identified, prioritized and resolved efficiently.
3. TheDAO rounds: This round as the first
What worked
- 3.1 Project discovery
- 3.2 An open, permissionless matching pool
- 3.3 TheDAO’s 500 ETH multiplied 1.6x
- 3.4 Many forms of fundraising
- 3.5 Wide communications
- 3.6 Momentum into the next round
3.1 Project discovery
- When the curators began discussing funding Ethereum Security, a main point brought up was, “Who should we fund? What projects even are there?”
- QF is a viral funding mechanism and was chosen as the first round as a way to create visibility and surface projects. It succeeded.
- The round drew 250+ applications and funded 134 strong projects, surfacing a wide range of Ethereum security work, including projects the fund and curators would not otherwise have found.
3.2 An open, permissionless matching pool
- During the round, we opened up a matching pool project and allowed anyone to permissionlessly add to it.
- After some large donations from communities like Quantstamp and CredShields, an unaffiliated community launched a token that donated a percent of every sale directly to the matching pool multisig. This raised an additional $45k.
3.3 TheDAO’s 500 ETH multiplied 1.6x
- TheDAO put up a 500 ETH seed contribution, and Giveth opened up the possibility for others to add to the matching pool, doing direct fundraising and coordination.
- This grew the matching pool to 638.58 ETH, with 20+ organizations contributing across many channels, including $200k from Wintermute and $50k from Quantstamp.
- Adding in the $315,020 of donations from the community (contributed both organically and through Giveth core team fundraising efforts), total funding for Ethereum security reached roughly $1.65M, about 1.6x what TheDAO put up.
- Sponsors and the community provided about 37% of the total, roughly 58% on top of the seed.
3.4 Many forms of fundraising
- Direct matching-pool donations
- Donation tokens such as TIK and FINN, distributed by experts
- Organizations funding their employees to donate
- Organizations donating directly to projects
3.5 Wide communications
- Communications reached widely, including a six-hour livestream through every project that was later cut into content, X spaces, and Ethereum Foundation involvement across the round.
3.6 Momentum into the next round
- The round built momentum that will help to seed the next one(s).
What could be better
- 3.7 Fundraising challenges
- 3.8 Marketing from TheDAO
- 3.9 Round timing and distribution
3.7 Fundraising challenges
- Sponsorship-type fundraising started late, so some teams were not able to contribute.
- There was no sponsorship deck, no tiered packages, and no single owner within Giveth, so sponsor and donor handling was ad hoc.
- A large donor that was accepted had a bad reputation in the space, so promoting them created friction.
3.8 Marketing from TheDAO
- TheDAO’s own channels were under-used for promotion, and more major-media coverage would have helped, especially from the curators’ own accounts.
3.9 Round timing and distribution
- Many projects were created at the last minute, applying after the initial deadlines and only getting accepted mid-round.
- Compliance checks were run with a third party, which added delays to fund distribution.
- Because of the delays, the ETH price dropped nearly 25% before funds could be distributed.
Lessons Learned/Key Takeaways for Funding Communities
- QF works as a discovery and visibility engine for a broad first round. It surfaced a wide field of security projects and a lot of attention.
- Announce round themes, eligibility rules and timelines early so all parties have time to prepare.
- Allow anyone to permissionlessly contribute to the matching pool - even during the round.
- Begin fundraising before the round launches, with a clear deck, defined contribution options and one person responsible for sponsor relationships.
- Vet major donors and partners before publicly associating them with the fund.
- Curators should promote the round to establish legitimacy and reach audiences beyond the platform. TheDAO’s socials should be more active in promotion.
- Consider distributing funds in a stablecoin, or advise recipients to hedge their ETH rewards, given ETH’s drop during the distribution delay.
- Explore mechanism ideas raised by participants: a role for experts in project selection or an open vote, expert-only or badge-holder rounds, milestone-based funding, or larger RFPs for specific outcomes.
Feedback Sources
Feedback came from two community retrospective calls - one internally with the Giveth team and one externally which included badge holders, project owners, and contributors - from a participant feedback form, and from public posts.
Summary of Takeaways
Our recommendations for running future rounds, drawn from everything in this retro.
Running the matching (QF)
- Use a cluster-based matching algorithm like COCM. It spread funding broadly and held up against coordinated giving.
- Have a per-project cap, and consider a floor. A cap keeps any single project from dominating the pool; a floor lifts the long tail. Set the levels to fit the round.
- Amplify trusted expert signal with tunable weighting, and publish the weighted-versus-unweighted comparison so the effect stays transparent.
- Explain how matching works, and what counts toward it, directly in the donation flow.
- Run AI-assisted on-chain integrity checks for sybil clusters and recirculation, with the rules set before the round.
- Consider iterating on rules that dampen single-project concentration, such as the 80/20 experiment.
Experts and funding
- Recognize a community of experts up front and channel their judgment through tunable weighting and donation tokens. This was one of the round’s highest-leverage moves.
- Use donation tokens to let experts and sponsors direct funds on top of the pool.
- Open a permissionless matching pool, and combine fundraising forms: pool donations, donation tokens, employers funding their teams to give, and direct project donations.
- Keep eligibility criteria strong and set by a credible body, then applied by a review team.
Running the round
- Start fundraising early, with a deck, tiered packages, and a named owner, and secure sponsors before the round.
- Vet cosponsors and large donors.
- Announce each round’s focus early so projects and contributors can prepare.
- Set and enforce an integrity policy for experts and badge holders, and clarify the rules up front, including multiple projects from one entity and dual project-owner and reviewer roles.
- Run a clear communications plan: a project livestream, spaces, and the fund’s and partners’ own channels.
- Consider distributing in a stablecoin, or advise recipients to hedge, given how far ETH can move during distribution delays.
Donor and project experience
- Give donors a cart with multichain checkout, so they can back several projects at once.
- Collect zero platform fees from donors, so the full donation reaches the project without additional friction.
- Keep project signup simple and low-friction.
- Keep participants on track with in-app and Telegram reminders.
What comes next
QF was the first of several funding experiments TheDAO plans to run. It is strong for breadth, visibility, and discovery, and it surfaced the themes and data that will shape narrower future rounds. The shape of those rounds is TheDAO’s to define.
We hope that this retrospective was useful and would be happy to hear any of your thoughts in the comments below.
Appendices
Appendix A - Funds accounting
Matching was distributed across four on-chain transactions:
Appendix B - Matching scenarios
Full 134-project tables for the comparisons in this report are in this sheet, tabs as outlined below. The top 15 of each appears in the body.
- Classic QF vs COCM (Section 1.1): matching-qf-vs-cocm
- 4x vs 1x vs badge-only (Section 1.2): matching-badge-weight
- Default vs 80/20 (Section 1.10): matching-80-20
You can also reproduce any of these in the dashboard.