Security Audit Subsidies: Supporting Builders & Growing Ecosystems
Funding Critical Services and Infrastructure to Attract and Retain Builders
Supporting Builders with Critical Needs: Why Subsidies Instead of Direct Grants?
Crypto ecosystems achieve growth when treasury capital is strategically deployed to increase the number of builders and users.
Grant programs have been the traditional approach to capital allocation, where crypto ecosystems provide funding for builders to embark on various projects. However, such generic grant programs are largely ineffective, highlighted by grant misuse and a lack of measurable impact. We spoke about this last week when we introduced Smart Capital Activation.
The most tangible results come from supporting builders with specific, critical services such as security audits, RPCs and other key infrastructure they need to develop competitive apps.
When supporting projects with these critical services, subsidy programs, rather than grants, have proven to be the more effective model. On one hand, funding for services is distributed directly to service providers, preventing misuse. On the other hand, projects are often required to ‘match’ or commit funds in order to access subsidies, ensuring locked-in commitment with ‘skin in the game.’
Security as a Critical Need for Builders
Security is one of the most critical concerns for crypto builders. Let’s take a quick look at why.
Protection of User Funds and Assets: Crypto projects manage billions of dollars in user assets, and security vulnerabilities can lead to catastrophic losses as we’ve seen repeatedly across the space. This makes the security of projects a top priority.
💡 Over $2.2 billion was stolen in crypto hacks in 2024 alone (source: Chainalysis).
Trust and Reputation: Trust is the backbone of blockchain adoption and usage. Security incidents can permanently destroy user confidence in projects and the broader ecosystem, resulting in the loss of users, investors and partners.
Exploitation of Vulnerabilities: Smart contracts and dApps are usually open-source and immutable once deployed, forever encoding key business logic and data. Builders must conduct thorough audits, testing and reviews in order to identify vulnerabilities and prevent exploitation by malicious actors.
💡 Research from Chainalysis showed that 14.8% (or $325 million) of all crypto hacks in 2024 were due to smart contract or security vulnerabilities.
The Challenges with Accessing Security
Although security is clearly critical for builders, accessing security services and meeting security needs is often challenging. This is due to the following reasons:
Cost: High-quality security audits are expensive, making them unaffordable for early-stage teams and a significant financial burden even for established projects. From our experience in processing almost $18M in audit offers for the Arbitrum Security Subsidy Fund, audit quotes ranged anywhere from $16,500 to as high as $346,000, with an average quote of $140,134.
Opacity: The audit market is highly opaque, making it difficult for projects to make informed decisions. A major challenge is the difficulty in assessing the quality of auditors and determining if costs are fair. For instance, while managing the Uniswap Foundation Security Subsidy Fund, we discovered that quotes for identical audit scopes varied by over 350% for the same project, with no discernible difference in quality. This lack of clarity forces projects to spend significant time and effort contacting different providers individually, negotiating terms and comparing quotes - time that could be spent building.
Complexity: The audit procurement process is both complex and time-consuming, often spanning multiple weeks. Many development teams lack the bandwidth and expertise needed to identify high-quality security providers and navigate the market effectively. As a result, projects taking on this function by themselves are at a greater risk of procuring overpriced or low-quality audits, exposing themselves and the broader ecosystem to security risks.
To support the security needs of builders and drive ecosystem growth, Foundations and DAOs must effectively address these challenges. This is where tailored subsidy programs come into play.
Our Solution: Security Subsidy Funds
As a cornerstone of our Smart Capital Activation framework, we design and manage and implement comprehensive security subsidy programs.
Our Security Subsidy Funds aim to incentivise participation and growth for projects by helping them overcome financial barriers to accessing essential security services. We create a marketplace of pre-approved security auditors who provide competitive quotes for robust security audits, which are subsidized for selected ecosystem projects that meet strict eligibility criteria. The marketplace structure incentivises each auditor to put their best offer forward, given that they are all competing against one another for the same business.
Our subsidy funds ultimately translate into tangible and measurable impact for ecosystems in the following ways:
I. Increase in Cost Savings
Through our competitive marketplace and price discovery mechanisms, we deliver significant cost savings for ecosystem projects, including discounted offers from whitelisted security service providers.
💡 The Uniswap Foundation Security Fund provided projects with cost savings of 30-35% on audit fees.
II. Increase in Security
By increasing the number of secured projects and assets, we help strengthen the overall security of the ecosystem.
💡The Arbitrum Security Subsidy Fund helped secure projects representing $600M+ in combined DeFi TVL for the Arbitrum network as of the subsidy date.
III. Increase in Builders
Our subsidy funds act as an incentive mechanism and magnetic force, catalysing actionable interest from both new builders and those with no prior ecosystem involvement. As such, they provide a competitive advantage to ecosystems looking to attract and retain quality builders over the long term.
💡 78.6% of applicants (or 44 projects) to the Arbitrum Security Subsidy Fund cited the fund as a key catalyst for their decision to engage with Arbitrum.
Key Program Elements
Areta’s Security Subsidy Funds are built on five key elements, designed to maximise value and impact for ecosystems:
Strategic Fund Design: We create custom subsidy models that maximise security impact across ecosystems. Our smart capital allocation mechanisms ensure fair and effective distribution of resources where they deliver the greatest impact.
Provider Curation & Ecosystem Expertise: We only work with pre-approved security auditors who have gone through our thorough whitelisting process. This process entails screening auditors for proven track records and ecosystem-specific expertise, ensuring they meet quality benchmarks, and requiring their commitment to adhere to predefined marketplace rules and other negotiated terms of engagement.
Project Selection & Onboarding: We develop rigorous and strategic selection criteria that align with ecosystem growth objectives and security priorities, while carefully guiding projects throughout the audit journey.
Managed Marketplace Platform: The Areta marketplace is a proprietary platform that facilitates matching between security providers and projects. The marketplace provides an easy-to-use solution where projects are able to request for audits and directly receive quotes from whitelisted auditors. Our marketplace mechanism facilitates price discovery and competitive offers for projects while also providing key features such as tracking and reporting capabilities.
Comprehensive Program Administration: As the most critical component of the program, we provide top-tier execution and fund management. This entails working with ecosystems to define eligibility criteria for projects, whitelisting of auditors, facilitating the matching process between shortlisted projects and security auditors and ensuring all other administrative, legal, financial, and quality controls are in place - without which the program risks failure.
Areta’s Security Subsidy Funds in Practice
Arbitrum Security Subsidy Fund
Overview: Developed as the first-ever security subsidy fund in the crypto ecosystem, this initiative was designed to strengthen the security of the Arbitrum network and accelerate ecosystem innovation.
Scope: Fund size of $2.5M for the pilot phase, covering up to 70% of audit costs for projects.
Key Outcomes:
22 projects secured through comprehensive security audits;
37% of audit recipients had never conducted an audit previously;
78.6% of applicants cited the fund as the catalyst for their engagement with Arbitrum;
Expansion of the fund by the Arbitrum Foundation as a cornerstone security initiative with an allocation of $10M.
Uniswap Foundation Security Fund
Overview: We created a specialised security subsidy fund for the Uniswap Foundation, focused on accelerating Uniswap v4 hooks development by removing critical security barriers.
Scope: Fund size of $1M for the pilot phase, covering up to 100% of audit costs for projects.
Key Outcomes
Total of $10.7M processed across 89 offers in Cohort 1, with 9 projects secured with comprehensive security audits and acceleration of v4 hooks development.
41 applications received across two cohorts.
If you’re looking to refine your approach to capital allocation, enhance builder participation, or drive sustainable growth in your ecosystem, we’d love to chat!
Feel free to reach out via TG to Bernard or Sid - our DMs are open.
Follow Us 🫶🏽