Hi @earthrise!
The ZCG committee met and discussed your grant proposal. We’re very excited about the opportunity to have someone with your background working independently of the ZF and ECC and in partnership with the community to secure the Zcash ecosystem. Overall your proposal looks strong and you have strong support from the community, but we have not voted on it yet. There is some hesitancy within the committee for funding via a salary-like milestone approach vice funding with specific monthly milestones in mind due to not fully understanding if there is enough work in the ecosystem for a full year agreement. With this in mind, we have a couple of clarifying questions for you about your grant proposal.
-
In your proposal you mention “The projects I choose to audit will be at my discretion (where I think review is most needed based on usage and risk), with input taken from the community and the grant committee”. You also mention in a forum response that the first 3 months would likely encompass ZecWallet-lite, Nighthawk, and the preliminary designs for ZSAs. Noting the current absence of comments from these projects on your proposal thread, we’re curious if you have had the opportunity to communicate with them privately to gauge their willingness to partner. Can you elaborate on other ideas you have for security audits/research/etc that could help persuade the committee that there is no shortage of security related work to be done?
-
We do not want to approve grants that are too open-ended resulting in required salary-like payouts for less than the agreed-upon effort (i.e. paying out for 17 days of work when only 10 were necessary that month). We’re optimistic that you will find the projects and partnerships necessary to earn the full 17 days of payment each month. You suggested the outreach and auditing buckets may vary in a given month which is understandable. We also recognize that there may be months when the full 17 days of work isn’t needed or more than 17 days of work is performed. In that case we would look to adjust the milestone payouts within the total budget allocated to the grant as necessary. The new grants platform provides the ZF more flexibility in managing milestones, and the committee has been flexible with grant applicants in this manner in the past. We would like to make sure that you’re comfortable with this and are thinking about the milestone payouts as flexibly as we are.
-
How would you prefer to collaborate with ZCG on ongoing efforts, embargoed audit reports, our thoughts about ecosystem audit needs, etc? Perhaps a monthly meeting that occurs before applying for the current month’s milestone payout to review the efforts from the current month and planned efforts for the next along with any other agenda items?