Call for Community Input: Strategic Direction and OBRA Funding Strategies

Author(s): Strategy Steering Committee

Context

Over the last few weeks, the Safe team has received tremendous support from delegates, guardians, ecosystem projects, and other stakeholders in the industry. Along with this support was also feedback on how the Safe tech stack could be made more resilient. One of the key questions here for SafeDAO is how it should effectively allocate funding towards making products built on top of Safe more secure.

There are multiple possible approaches here including:

• introducing a new strategy focused on security to OBRA
• Introducing community-nominated RFPs to fund security improvements
• launching ecosystem support programs like audit subsidies, retroactive funding, ecosystem-wide bug bounties, etc.

This post seeks to collect feedback on this topic, as well as the general capital allocation discussion defined below, to shape the next wave of OBRA and possibly also make way for other initiatives.

To also facilitate a more open conversation on the topic, we are planning to organize two discussion sessions: one on this Friday (March 14th) at 12.00 PM CET and the other on the coming Wednesday (March 19th) at 4.00 PM CET. Invites to both calls can be found on the governance calendar.

Call to Action

This discussion is happening at a timely juncture, as we are close to launching the Wave 2 of OBRA (Outcomes Based Resource Allocation) - SafeDAO’s grant program. This gives SafeDAO a unique opportunity to internalize some of the ideas coming out of this discussion into OBRA’s existing structure.

The Strategy Steering Committee is tasked with iterating OBRA based on community feedback and insights from the previous wave(s). As such, this post aims to collect feedback on the question above, and also on the more generic question of capital allocation: which strategies from OBRA Wave 1 should be carried over or sunsetted? Which strategies should be newly introduced?

OBRA Wave 1 distributed ~$1M in grant funding over 2024. You can find more info on the progress of past initiatives on this dashboard; and a high-level discussion on the impact in this retrospective. Attention, performance and funding allocated varies across strategies and they need to be refined further to improve capital efficiency.

• Strategy 1: Research and implement Safe token utility and Strategy 4: Research decentralization of Safe tech stack may need significant refinements as they were relatively underutilized. The structure of refinement of Strategy 4 depends heavily on the answer to how SafeDAO should approach funding initiatives seeking to improve the security and decentralization of Safe. For Strategy 1, it is important to discuss if it makes sense to retain token utility as a strategy going forward.

• Considering the influx of applications, it may make sense to retain Strategy 2: Foster module ecosystem; Strategy 3: Increase awareness of Safe Ecosystem; and Strategy 5: Increase governance participation, with refinements to improve their funding efficiency.

• To fund various operational legos of SafeDAO, it may be worthwhile exploring how Strategy 6: Wildcard can be refined to become an operational strategy. This change will also limit it serving as an unintentional funding vehicle when the budgets for other strategies run out.

Irrespective of how you are involved in the Safe ecosystem, feel free to share projects or ideas you’d like to see funded through OBRA as well as general approaches to address the questions at hand. The Strategy Steering Committee will try its best to condense your feedback into refinements within OBRA or separate initiatives.

Looking at the retrospective it seems like:

• Lots of BS proposals extracting value from the DAO, especially in Strategy 5. Let’s just remove this category.
• Critical things like decentralization is not getting the attention it needs, and this is critical for security

Generally it seems like we have two main problems:

• Lack of accountability - There’s no one to blame if a strategy is over budget, spends money on BS, or isn’t making progress toward stated goals.
• Lack of vision - The current documents outlining the strategies are very hand wavy. We need clear vision on what is needed and how to get there on each of them.

Maybe it would make sense to have an owner for each strategy that is responsible for setting the vision and moving things forward. They would potentially also be payed by the DAO for this work.

Thank you, @amanwithwings, for sparking this important discussion around the strategic direction and OBRA funding strategies. Here are some thoughts:

Safe{Core} – Our Flagship Product

Safe{Core} is a battle-tested, widely-used set of smart contracts that forms the backbone of our ecosystem. While past funding has supported teams building on top of Safe{Core}, it hasn’t been the core focus of the OBRA grant program. Given its pivotal role, emphasizing it is essential for a vibrant and robust Safe ecosystem.
For example, the Uniswap protocol demonstrates the benefits of having multiple frontends. Their approach—with both an official interface and several community-built access points—has kept users engaged even when controversies (like commission fees) arose on the official frontend. This shows that a diversified access strategy can help maintain and grow user engagement with the underlying protocol.
It would make sense for Wave 2 of OBRA to direct funding toward teams building on Safe, with Safe, or focused on enhancing its security. This not only reinforces the strength of our flagship product but also fuels community-driven innovation and improvements.

Enhancing Safe{Wallet}

Safe{Wallet} is a key product line offering an intuitive and accessible interface that leverages Safe{Core} for everyday operations. Funding efforts to further improve security on Safe{Wallet} will continue to make our ecosystem more user-friendly and resilient.

Reassessing current OBRA strategies

Based on the Wave 1 retrospective, we believe we should consider removing (or revisiting later) strategies such as #1 (Research and implement Safe token utility) and #4 (Research decentralisation of Safe tech stack). This shift in focus could allow us to concentrate resources on more immediate needs, like the ones suggested above.

Prioritising security

As we shift more attention toward builders, security must remain at the heart of Safe. Subsidizing audit costs for these teams would be an effective measure to ensure that enhancements come with robust security, aligning perfectly with the goals of the OBRA grants program.

Acknowledging Recent Contributions

Lastly, we propose a one-off retroactive funding round for teams that stepped up during the past few challenging weeks. This would send a strong, positive signal and demonstrate our DAO’s gratitude to the key community builders who have been instrumental in our progress.

Thanks for raising this discussion @amanwithwings .

@jthor as an OBRA recipient in Category 5. I feel attacked. LOL but agree that funding in general should be tied to macro objectives.

I will be making a case for:

1. Client diversity.

Why? People need to conduct their daily operations when core services go down.

When we first raised our proposal we did get some flack, [SEP 35] [OBRA: Increase governance participation] Improve voting UI/UX with SAFE on mobile about another client.

We can now clearly see that client diversity is important. When core services were suspended, all the various alt-clients had a chance to shine for the specific SAFE activities they supported.

However, key services are sill needed to transact with Safe which brings me to my next point.

2. Fallback critical infrastructure.

Why? Again when a core service is stopped for whatever reason vendors NEED fallbacks.
Yes we could clone and run our own txn relayers but this is simply cost prohibitive.

On this point I think we have a few options;

2.a) Petition ecosystem providers to run well known services (Running the Safe Transaction Service – Safe Docs) at a known URL e.g https://txn-relay.safe.optimism.io. This reduces infrastructure burden on small operators and there is increased trust. This also means messages can be pooled.

If I ran my own relayer, it should be HIGHLY UNLIKELY that Safe would want to surface that message on the official UI. Thus we lose some interoperability across various clients.

2.b/ Devise an on-chain method for arbitrary message passing.

3.c/ Deploy a validator like client (rsafetxns) solely responsible for passing messages. Anyone can run this. Possible upside. Truly decentralised. Explore adding additional utility for Safe tokens for staking etc.

I’ve expanded my thoughts earlier on in this thread how this looks like from a vendors implementation perspective. Would appreciate eyes on this as well.

We need to turn on the fee engine to generate more funding to advance security and get additional funding for projects that will help us create a more safe ( pun intented ) product and ecosystem for everyone.

This is long overdue and we should have all hands on deck to get this initiative going as quickly as possible.

@amanwithwings @jthor @1a35e1 @DoDAO @kpk @Safe_community_bot @lukas @LuukDAO @TheEther2077 @BraveNewDeFi @Hopper @Allen @ROSO @muntangled @felix_greenfield

Hey @Ibrahim313, you have been posting the same comment repeatedly without any constructive input. Kindly start a separate forum post to discuss your topic of interest (with more detail) and I’m sure people will give you their feedback if they find it worthwhile.

Thank you for your comment @amanwithwings You can find the full report purposed here.

Some of us are just investors here on the outside looking in we don’t necessarily get involved in the development aspect pre say.

Not to speak on anyone’s behalf and I’m generally a new user here but many investor folk are ringing this sentiment. A new form of income stream is needed to sustain safe long term, now more than ever before.

How to come to that conclusion we can leave up to the professionals like yourself to come to terms on this.

If we can all work together on this and read @LuukDAO full report I think is a great starting point.

Thanks @amanwithwings for facilitating this conversation.

Wave 1 of OBRA did see greater participation early on with participation waning toward the end of Wave 1, with SAFE delegates less active than they were in the beginning (broadly speaking). The Strategy Steering Committee should be able to make the process more efficient, better track process, and hold grantees accountable in a way that is more difficult for DAO participants to do. Looking forward to Wave 2!

Thoughts on Wave 1 Retrospective

With that said, I read through the retrospective and came to similar conclusions as others:

• Strategy 5: Increase governance participation. While this received the most interest and a significant amount of grants were awarded, these initiatives haven’t resulted in increased governance participation. I’d rather deprioritize this strategy and let the existing grantees create awareness about their output from Wave 1. Allocating more funding here when we haven’t seen results would be unwise. Increased governance participation would be great, but throwing more money behind it doesn’t make sense right now.
• Strategy 1: Research and implement Safe token utility. I haven’t see any deliverables from this strategy that have moved SAFE token utility forward to date. If additional funding is made available in Wave 2, it would be preferable if a tighter scope was defined, so we can attract grantees who are working in the same direction. Figuring out how we define SAFE utility is important, but I believe the scope for this strategy should be well defined.
• Strategy 4: Research decentralization of Safe tech stack. In light of the Bybit hack and other attacks targeting Safe signers, I think focusing on alternative decentralized frontends should be a major focus in Wave 2. Prioritizing grants that provide decentralized solutions for different audiences (i.e., retail and enterprise audiences) would be preferred.

That’s my primary feedback on the previous strategies. I was happy to see the Wildcard strategy act as a catch-all. If Strategy 2: Foster module ecosystem receives additional funding, it should be mandated that any grantee has to provide documentation to help signers verify what the module does and if it requires a delegate call, what behaviour to expect when simulating that transaction. Given the advice shared about delegate calls on Safe transactions, improving documentation to help signers verify transactions that involve a delegate call would be a major improvement for many Safe signers in our ecosystem.

Important Initiatives for Wave 2

There are many ways to tackle improved security within the Safe ecosystem. By making this a primary focus in Wave 2, we can strengthen the Safe community and set the onchain standard, as Safe has done many times before.

As others have noted, decentralization and security should be a core focus in Wave 2. If Safe is going to see mainstream adoption, we need to simplify the process of verifying what people are signing.

Creating a new strategy centred around security or folding security into Strategy 4 with additional funding would be ideal. This can include scope to build tooling to allow signers to verify transactions outside of the official Safe app, allocating funding to subsidize audit costs, bootstrapping bug bounty programs for the module ecosystem built on Safe, defining a standard OpSec process/certification for enterprise Safe signers, etc.

I also agree with @1a35e1 that fallback critical infra should be an important focus in Wave 2.

I’m keen to hear what other Safe Guardians have to say on how we can bring security improvements to the Safe ecosystem, as well.

Thanks @amanwithwings for shepherding this topic through various community feedback sessions and discussions. The work on this has been amazing, and it’s clear how much thought and effort has gone into ensuring OBRA Wave 2 serves as an effective funding vehicle for the Safe ecosystem. We truly appreciate the dedication and collaboration that has driven this process forward.

TL;DR

As close participants in OBRA to date, we believe OBRA strategies moving forward should be explicitly designed to deliver tangible outcomes. We suggest setting KPIs within relevant strategies that can be adopted by all grant proposals, sunsetting strategies that may not produce actionable outcomes, and more clearly redefining the scope and priority of other strategies.

Finally, security is big topic, and we’re excited to see it being prioritized. We believe a dedicated security strategy focused on supporting security-focused projects and subsidizing audits can be of value.

Reflecting on OBRA 1.0 Strategies

• Strategy 1: Research and Implement Safe Token Utility: Beyond the concern of underutilization, we also see a gap in applying research findings, raising questions about what the intended outcome of this strategy is and how effectively these outcomes were achieved. As a good first step, we would like to see the implementation of prior research that we deem high in quality, such as @LuukDAO’s Report on Savings Accounts and Safe Vaults. In line with our belief that OBRA should prioritize funding initiatives with tangible outcomes for the DAO, we support sunsetting this strategy in the next wave of OBRA.
• Strategy 2: Foster Module Ecosystem: Expanding the utility of the Safe Protocol through a thriving module ecosystem remains a key focus, and we’re excited to see this continue. This is essential for driving adoption and engagement among developers and users. In the upcoming wave, we’d love to see an emphasis on user-facing services and tools, such as alternative interfaces, browser extensions, and other projects that decentralize access to Safe’s technology. To maximize impact, SafeDAO could explore designating specific frontends as “SafeDAO-approved,” similar to the approach taken by other DAOs like Uniswap.
• Strategy 3: Increase Awareness of Safe Ecosystem: We fully support continued investment in awareness initiatives, though with a renewed focus on KPIs and impact. Establishing a baseline ‘strategy-wide KPI’ for all grant proposals within this funding bucket could help ensure outcomes align with the intended goals set by the Strategy Steering Committee. Additionally, distributing funding across multiple types of awareness efforts such as Safe-centric events and community-building initiatives could generate a wider range of meaningful activity and help identify the most effective approaches.
• Strategy 4: Research Decentralization of Safe Stack: Despite funding truly valuable work (e.g., SEP 43), unfortunately due to lack of sufficient engagement with this strategy, we believe it may be time to sunset it. Similar to strategy 1, it is difficult to assess intended outcomes when there are gaps in applying research.
• Strategy 5: Increase Governance Participation: Governance participation and community engagement are critical to SafeDAO’s growth, and we’re pleased to see it receive significant attention. While this strategy has shown promise, there is room to enhance its impact, particularly given the level of funding it received during the last wave of OBRA. Moving forward, it may be helpful to explore alternative ways to improve governance, especially approaches that are tried and true from other ecosystems. For example, Optimism DAO has implemented grant lock-ups and governance participation requirements for grantees, ensuring their active long-term ecosystem alignment and mitigating grant poaching. Additionally, if increasing governance participation is not maintained as a standalone strategy going forward, we can explore mandating governance participation as an overarching KPI for all projects applying to the awareness or other strategies. This ensures that the topic of governance is not completely neglected and left to fall by the wayside.
• Strategy 6: Wildcard: This strategy has been a valuable catch-all for various initiatives, but again, we believe the DAO would benefit from a more focused approach. We propose repurposing this strategy into an operations strategy/budget, which would enable the Strategy Steering Committee to fund essential operational expenses like grants management infrastructure, reporting and analytics, and other SafeDAO improvement expenses. Excess funds could potentially be reallocated to support the security strategy if needed, given its importance in the next wave of OBRA.

Improving Security

Security is perhaps the most critical challenge to address in any crypto ecosystem, and we’re excited to see it being prioritized in the design of OBRA Wave 2. We fully support the creation of a dedicated security strategy focused on the following areas:

1. Supporting security-focused projects or solutions for the Safe Protocol: Encouraging innovation in security will strengthen the ecosystem and enhance user trust.
2. Supporting ecosystem projects with audit grants or subsidies: This will help bolster the security of the Safe ecosystem and incentivize builder participation in Safe’s module ecosystem.

• The security strategy budget can allocate funds for both security-focused projects and audit grants. This removes the need for a separate program outside of OBRA, saving resources for the DAO and creating a lean, streamlined process.
• Over the longer term, as the ecosystem continues to expand with new projects, it may eventually make sense for the community to consider establishing a dedicated audit subsidy program for SafeDAO, independent from OBRA.

Closing Thoughts

As committed supporters and contributors to SafeDAO, it has been an incredible journey witnessing and participating in the evolution of OBRA in real time. The work done so far has been highly commendable and we’re excited about what comes next!

Thanks for all the comments so far! The SSC is working on compiling all of it into a proposal for OBRA Wave 2.

Note that we have the second workshop for community input at 4 PM CET today. It’s going to be similar to the one last Friday, so if you already participated then, you don’t need to attend today’s workshop.

Looking forward to it!

Thank you amanwithwings for kicking this off. I’m excited for wave two, and certainly, a lot goes into running a DAO like this. I’m in a similar camp as @kpk, 1a35e1, and @Areta around a focus being for alternative clients, ones that push the adoption, security, and decentralization of Safe transactions. Some also call out the importance of funding audits for these groups not only helps get a product out to customers in a safe (pun intended) method but helps provide security checks for Safe related infrastructure.

Based on the above, my assumption is the goal of the DAO for wave 2 would be around increasing adoption for safe/safe related products and enhancing security (signing, diversity, decentralization). If that is the case, you could drop 1, 5, 6 from the wave 1 strategy and alter strategy 4 to a different form of decentralization.

Others also called this out, but based on Safe’s overall KPIs, the teams that get grants can have similar KPIs that unlock more funding to ensure you get the desired outcomes.

In addition, one issue that emerged with OBRA Wave 1 is the lack of a cohesive plan. Grants were distributed based on various strategies, but how these grants have collectively impacted the Safe ecosystem is unclear.
Other than setting KPIs within relevant strategies, it would be valuable to define strategic priorities for the Safe ecosystem to maintain Safe’s position as a leading and industry-wide-used product.

Thank you, everyone, for participating and sharing your ideas in the last workshop. In light of all the requirements we uncovered recently, the SSC will need to take a few more weeks to refine our final suggestions for OBRA Wave 2. We appreciate your patience.

In the meantime, please feel free to share any additional comments in this thread or reach out to us via DMs.

Excited to see this strategic conversation take place.

I echo the need for an overarching strategy and clear ecosystem KPIs. Creating cohersion between grantee developments and SAFE core iniatives is critical.

I still see tremendous value in creating outcome base reward programs, where projects building on top of Safe and contributing meanginful numbers and value (revenue etc) will be able to earn (vested) SAFE tokens to increase their incentive to build and grow on Safe.

It would be good to understand what resources (both financial and SAFE team contributions) will be available and within scope for OBRA Wave 2.

We previously shared some ideas with @amanwithwings during the workshop, but we believe it’s important to clearly articulate these thoughts here in written form as well.

Regarding Security Objective

We strongly recommend that OBRA allocate additional funding specifically toward security initiatives. Safe already has an existing bug bounty program targeting its core contracts. Therefore, as previously highlighted, our focus should be on two main aspects. First, providing funding support for audits and bounties for applications and tools built on Safe. While it’s not necessary to support every ecosystem project, prioritizing those that the DAO identifies as strategically important is crucial. The Uniswap Foundation Security Fund established for projects utilizing hooks could serve as a useful reference.
Second, introducing RFPs specifically aimed at improving security, with clear, detailed criteria. Given the complexity of security concerns, it’s important that these RFPs clarify the requirements as thoroughly as possible, acknowledging the specialized nature of such tasks and setting budgets accordingly. Additionally, these RFPs do not necessarily have to be strictly KPI-based; more exploratory approaches such as wishlist items, including transaction verification tooling, could also be valuable.

Regarding OBRA more broadly

On a broader scale, beyond just security, we believe that OBRA should initially narrow its strategic focus and invest deeply in carefully developing fewer areas rather than spreading efforts too thinly.
Specifically, the critical areas requiring focus should be security, Strategy 1 (enhancing the utility of the Safe token), and Strategy 4 (advancing decentralization of the Safe stack). “Focus” here implies dedicating sufficient resources—financial, human, and especially adequate time for well-thought-out RFP design. Clearly articulating what is sought through RFPs and performance metrics, along with offering attractive incentives, will significantly lower barriers for external builders.

The rationale for adopting such an approach can be summarized by three points. First, clearly defined outcomes and carefully structured RFPs are essential to directly drive desired results. Second, given the current scarcity of proposals in Strategies 1 and 4, it’s critical to reduce participation barriers and simultaneously increase incentives to attract external contributors. Third, clear RFPs effectively reduce the exploration costs associated with determining which proposals are most relevant and valuable.

There are specific reasons for focusing on these three strategies. Security and decentralization have become particularly urgent following recent incidents, clearly demonstrating their foundational importance. Enhancing token utility directly supports the long-term sustainability of the Safe ecosystem.

Conversely, while Strategies 2 (module ecosystem growth), 3 (increasing Safe ecosystem awareness), and 5 (promoting governance participation) remain valuable, they should be deprioritized given the complexity and importance of the primary three. Although these strategies need not be entirely halted, significantly reducing the resources allocated to them would be necessary. We also suggest shifting toward outcome-based models similar to Morpho’s grant approach or retroactive funding, to enhance effectiveness and accountability.

Hey everyone, appreciate the thoughtful framing of this conversation and the responses from the community. OBRA is entering a more mature phase, and now’s the right time to tighten its strategic focus. Like many others in this thread, I support introducing a dedicated strategy for security, especially given Safe’s role as critical infrastructure.

On Strategy 5, I’d echo what I shared during the OBRA workshop: given the level of engagement with this stratey, it makes sense to refine it to prioritize initiatives that build long-term governance capacity rather than short-lived spikes in participation. As the Curia dashboard and monthly reports showed during OBRA 1, many initiatives drove activity only for the duration of the project and once incentives ended, so did engagement. Combined with a high volume of proposals at the time, this likely contributed to voter fatigue.

Governance participation remains essential, but future initiatives should be tied to measurable outcomes and data-driven KPIs. That could include delegate onboarding with performance thresholds, embedding governance literacy and participation in builder grants where long term alignment with the protocol is stronger, and piloting light-touch incentive models that reward sustained engagement. With the SSC and a potential Grants Council set to reduce voter burden, we now have the opportunity to design participation strategies with more depth and durability. Looking forward to seeing these ideas take shape in Wave 2!