
In this episode, Griff Green dives into one of the most urgent challenges in crypto today:
Can Ethereum actually become safe enough for everyone?
From billion-dollar hacks to AI-driven exploits, security has become the defining bottleneck for the future of decentralized systems.
Griff shares lessons from over a decade in crypto, from the original DAO hack to leading new efforts like the DAO Security Fund, a $170M initiative designed to fund and coordinate Ethereum security at scale.
This conversation explores:
• The DAO Security Fund & how it works
• Turning Ethereum security into a public good
• The recent wave of hacks across DeFi & Web2
• The Arbitrum Security Council decision & North Korea exploit
• Why incentives for white hats are broken
• AI as both the biggest threat and biggest defense
• Coordination vs fragmentation in Ethereum security
• Why crypto still isn't safe for normal users
• Lessons from the original DAO hack
• Quadratic funding & new experiments in capital allocation
• The future of public goods funding in Ethereum
The core idea:
Security isn't just a feature.
It's the foundation of everything.
If Ethereum can become truly safe,
it won't just compete with traditional finance; it could replace it.
Greenpill isn't just about funding public goods.
It's about building systems people can actually trust.
greenpill.network
@owocki
@greenpillnet
https://x.com/griffgreen
https://x.com/Giveth
Some of the materials we mention in the episode:
- https://x.com/thedaofund
- https://qf.giveth.io/qf/apply
- https://qf.giveth.io/qf
Timestamps
00:00 – Intro: Greenpill & Griff Green
01:19 – What is the DAO Security Fund?
03:16 – $170M fund & Ethereum security as a public good
04:25 – The current wave of hacks (Web3 + Web2)
05:07 – AI arms race: white hats vs black hats
07:14 – Short-term risk vs long-term security
08:10 – Lindy, AI & system resilience
09:06 – Arbitrum hack situation explained
10:26 – KelpDAO exploit & systemic DeFi risk
12:50 – Why hackers didn't move funds immediately
13:54 – Emergency governance & Arbitrum response
15:35 – Flashbacks to the original DAO hack
18:17 – The hardest part: returning funds to users
20:40 – Multi-DAO coordination problem
22:21 – Why this situation is more complex than before
23:43 – DAO Security Fund: goals & vision
26:08 – Security as a scalable public good
27:48 – Coordination vs individual defense
28:22 – Why "security" works better than "public goods"
29:10 – Why crypto still isn't safe for normal users
30:14 – Open source vs public goods framing
31:06 – Giveth QF round & how to apply
33:33 – Expert-weighted quadratic funding experiment
36:18 – Tunable QF & improvements over past models
38:01 – Is quadratic funding still relevant?
39:06 – 10-year vision: Ethereum as global infrastructure
41:36 – Why hacks keep happening
43:17 – Misaligned incentives for white hats
44:57 – Future of public goods funding
45:21 – How the Arbitrum situation plays out
47:22 – Decentralization vs security council debate
49:11 – Social media manipulation & misinformation
50:53 – Are L2s still decentralized?
51:20 – Final call to action (QF round)
52:44 – Closing thoughts
Welcome to the GreenPill.network podcast. We are exploring how technology, community, and
new forms of coordination can build, fund, and accelerate what matters in the 21st century.
We are talking to builders, thinkers, and innovators who are pushing the edges of what's possible
from on-chain capital allocation to Ethereum to AI alignment to reimagining markets and
governance.
If you want to learn more, visit our website at GreenPill.network where you can download
the GreenPill books for free, play with some of our projects, or join the Telegram or participate
in the network.
All right, today I have Griff Green, who is coming on the show to talk about the DAO Security
Fund, the DAO.fund, new public goods funding initiative that is all about Ethereum's security.
Security is obviously one of the big public goods of blockchain networks, and Griff is
just really passionate about exporting more security to the Ethereum space and working
with top people in the Ethereum space on making sure that it's a secure blockchain ecosystem.
Griff's an OG, he's the co-founder of Giveth, one of the earliest and most persistent builders
of crypto-native public goods funding.
I look at him as a mentor.
We wrap.
I think this is probably his fourth or fifth time on the GreenPill podcast, and I think
it's just really a pleasure to talk to Griff and to riff about how we're going to be
turning this coordination theory into actual on-chain impact with the DAO.fund, so without
further ado, enjoy Griff Green.
Hey, Griff, what's up?
GM, GM.
Good to see you, Owocki.
Likewise, well, we're here to talk about the DAO.fund, so you want to
remind us what that is and what you've been up to?
Sure.
Yeah, so the DAO is an old project back in the day, my original project, and it had like
this catastrophic hack in 2016, where the hacker stole like $50 million, and the DAO at
the time was the largest crowd fund that ever happened, and so it had 14% of all Ether
in existence in it, and we recovered from the hack, Ether Classic emerged, like that's
a whole story in itself, but fast forward 10 years given AI risk and like old contracts
just not being feeling safe enough, we actually had to move some of the funds that were still
in recovery mode, and we decided to stake them and use the revenue from staking.
These old leftover funds that are still claimable by the original people who could claim it,
we're using the revenue from staking to actually fund Ethereum security, and so the
DAO Security Fund is me, Taylor Monahan, Jordi Baylina, Vitalik, Alex Van de Sande, Lansky,
and PC from SEAL 911, founder of SEAL 911, so the seven of us are on a multi-sig that
kind of decide the high level of how to spend these funds, but we're doing it from a
DAO-style approach, which I think is really fun and very much inspired by Gitcoin, we're
doing these rounds where there's different, our first round is a quadratic funding round,
but then in a few months we'll do another round that will be a different DAO tooling, and
we'll have different DAO experiments every quarter, basically, give or take, funding the
Ethereum security every time.
Great, well the integration that I want to do here is that security is a public good
for all blockchain users, and I think what's incredible is that there's 74,000 ETH, which
is roughly $172 million at current prices for Ethereum security, I think that's the
staked principal amount, and so the yield will be on the order, if I'm doing my math correctly
about five mill per year, and so I'm excited to see what you can do to increase the security
of the Ethereum ecosystem, and especially with Mythos out, and all of these hacks that
have happened in the last 48 hours, it feels like, boy, just in time.
So yeah, did I get those numbers right first off?
Yeah, yeah, I mean, it's effectively we're earning four ETH a day, so five mill right
now, hopefully more, hopefully not less than five mill, you know, it is about five mill,
but it's really dependent on the price of ETH or so, you know, if ETH goes up, we have
more money for security, if ETH goes down, we have less.
Right, yeah, there's a reflexive cycle there where you make the system more secure and
more valuable, and so you have more money, and it becomes more secure and valuable.
So I think there could be an upward spiral there for sure, I hope so, I hope so.
Well, I want to get more into the DAO fund, but before we do that, maybe we could do some
context setting over the last 48 to 72 hours, there's been a rash of hacks in the Ethereum
ecosystem, but also in Web2.
I think I saw Vercel and Lovable got compromised, and then there's also this Aave, KelpDAO,
LayerZero situation, and you know, I'm wondering if we can paint with a broad brush,
the situation that we're in, are we in a new era when it comes to security?
And then I really want to get into details about this Arbitrum decision that it sounds
like you were a part of and how DeFi is going to be secured in the future.
So yeah, paint just a picture of the of the world we're in from a security perspective
right now.
I mean, it feels like a mess, and it's not just Web3.
I mean, Web3, it's very obvious because there's a dollar sign behind all these hacks,
but there's just countless hacks all over the space, like you said, Vercel, and you know,
but I think it's also understated, and it doesn't make the news how many white hat solutions
there are also coming through.
So it's kind of like an AI race between the white hats and the black hats.
Part of the DAO fund, one of the things we're doing is we're collecting all the
top security experts in Ethereum and putting them all in a chat room, right?
And we are about halfway through.
I'll actually announce the rest probably tomorrow when this podcast goes out, we'll have
the final 100 that we're adding to the group.
But anyway, so I have this token gated chat room for just the top Ethereum security experts.
And like these guys are already, they're all using AI on all of them, but a lot of them
are using AI, and they're not attacking crypto stuff, trying to find fallen buildings.
They're trying to find vulnerabilities in TypeScript, you know, in JavaScript, in React, and
they're finding them, and they're reporting them.
And so the exploits we hear about, but honestly, I think that it's, I don't think it's as
grim as it looks, because there's also all these teams are making crazy updates all the
time.
I don't know if you noticed, but like I have to update software, like critical software,
like almost every day it feels like.
And I think that's because, you know, behind the scenes, what we don't see is everyone
is leveling up their security.
And you know, it's a race, but I think there are more good guys than bad, and especially
having Mythos and Claude really like slowly releasing AI and doing it in a very responsible
way.
I think we're going to be way better off, like in the next, you know, over the next six
months.
A little transition period, still a little scary.
There's a lot of legacy code out there.
So it feels like a short-term bearish and medium and long-term bullish.
And in the end, we're going to have these systems that are almost formally verified because
they're so Lindy, they've been out there for so long.
Yes, absolutely.
And I think even formal verification, all of a sudden it becomes reasonable for a lot
of this very important tooling.
So I had a take today and I was wanting to run it by you to get your feedback.
So the Lindyness of a system is the idea that however long something survived, the longer
it's likely to keep surviving.
Like Bitcoin is super Lindy because, you know, it's been around for the longest.
And I think that my like, my hot take is that Mythos, the Claude model, taught us that
Lindy doesn't accrue evenly over time.
Every AI each year added a little bit of Lindyness.
But post Mythos, when AI can hack, test, and iterate on everything.
Time gets denser.
And so Lindyness accrues faster post Mythos and post AI.
Would you agree with that take or disagree and where would you disagree?
I would definitely agree for the most part.
I mean, I think there is a, I think there might be like Lindyness versus there is a level
of like probably an anti-pattern there too that is like kind of fighting against Lindyness.
If you don't update enough, like Bitcoin's super Lindy, but the quantum threat is also
real.
So there's a little bit of a, Lindy isn't the, it's one dimension of a multi-dimensional
system that you also have to account for like, are people actively maintaining it?
You know, because there's Bitcoin which never upgrades and then there's projects that
upgrade all the time because they're centralized and the real way to go is a middle path between
those two things.
Is what Mythos and quantum have maybe taught us?
Absolutely.
I mean, you can't, technological, you know, like progress is guaranteed.
So we're going to have to continue to mitigate whatever new ideas come up with the new technology
that occurs.
Okay.
Well, I want to get into it.
You were on the Arbitrum Security Council and you guys hacked Kim Jong-un from North Korea.
Tell me about that.
Yes.
Let's get into it.
I know.
It's so great.
I mean, it's like, I, you know, I had a hot take on Twitter as like Kim Jong-un has
been nuking our portfolio forever to fund his nuclear program, you know?
So like, finally, we can actually strike back.
I mean, it was, it's a really rare thing and honestly, it almost, I can't believe that
it happened.
And I wish I could say we could do this a lot, but it's really a rare circumstance where
we were actually able to hack North Korea or, I mean, it wasn't really a hack, but we
were able to, you know, actually take their funds from them and freeze them.
So, so just the facts, what I understand to have happened is that KelpDAO was hacked
on the LayerZero bridge and that created a bunch of systemic risk in DeFi because the
Aave pools or other pools that relied on KelpDAO ETH were imbalanced.
North Korea is suspected to be the attacker and the funds that they had on Arbitrum, which
were about 70 million dollars were revoked by the Arbitrum Security Council.
That's just the facts that I'm aware of.
Did I get that right?
Pretty much.
Yeah, I mean, I think I can give a little more color there.
It was like rsETH is a collateralized like EigenLayer staked ETH version that KelpDAO
manages.
They have a, most of their money is sitting on Ethereum, but about 18%, 18.5% of it were
scattered across various L2s using LayerZero bridge.
And a hacker, which almost certainly is North Korea, there's a lot of behind the scenes
evidence for that, even talking, we talk with legal law enforcement and lots of people
that they're very certain it's North Korea, although it's hard to disclose this evidence
publicly.
And so what North Korea did is they were able to kind of hack a validator and connect
and convince it to take all the money that was in all the bridges and send it to them
on Ethereum mainnet.
And so when they had all this rsETH, they're like, how do we get the most money out of it?
And Aave had the best liquidity opportunities.
So they bridged it, so they maxed out the liquidity that they could on mainnet.
And then they bridged a bunch to Arbitrum and also maxed out the liquidity on Aave in Arbitrum.
And so the interesting thing here is that the rsETH was actually bridged from mainnet
by North Korea onto Arbitrum.
So that rsETH on Arbitrum is actually collateralized by the mainnet ether directly.
So unlike all the other L2s that are kind of out of luck, all the people who had rsETH
on those L2s, that rsETH that was supposed to be on the mainnet side collateralizing
them is gone, right?
So they have these tokens that don't have collateral.
The rsETH on Arbitrum actually was collateralized.
And so it's kind of a weird situation.
And when North Korea had all that ether that they pulled out of Aave by taking a loan against
the rsETH, they just let it sit there.
And this is very uncommon.
It's so uncommon that a lot of people question if it is North Korea because usually the second
North Korea gets the ether, they actually try to, you know, cycle through the ether.
They move it.
They launder it right away to prevent us from doing what we did, right?
So there is some question, is this really North Korea?
But the theories are that like they just were working really hard on this hack.
And they had other hacks that they were trying after they succeeded with KelpDAO.
There was actually systemic risk throughout DeFi, almost all the LayerZero bridges shut
down because they were worried about this exploit being a thing.
And so the working theory is, and then there's a lot more details here, but that North
Korea was still trying to exploit the other LayerZero bridges.
And then they were working so hard, maybe they just needed a day off.
I mean, who really knows, there's still humans back there, sure they're powered by AI,
but you know, the AI is still running, the humans are still running the show.
So this is what makes this a very unlikely scenario to ever be repeatable because it's
very rare that the hackers just kind of leave money sitting in one spot.
In this case for two days, they left it sitting in this one address, which is for speed
running these deliberations like this is decentralized governance on steroids.
How many calls did you have or the deliberations like, I mean, this is not a decision to take
lightly, but you also had to act fast that yeah, there's a there's a precedent setting
here.
And I'm really excited to see how the precedent set for other DeFi projects and layer
twos.
Yeah, I mean, I can't speak directly to any of the deliberations because it's supposed
to be all confidential.
I can tell you what I thought and I can tell you like the high level situation, which is
there's a nine of 12 security council of which I was elected to along with 11 other members.
And we basically have the same power as the Arbitrum DAO has to upgrade the protocol
in whatever way it needs to be upgraded.
The only difference between Arbitrum DAO and their voting like upgrades and ours is that
we have emergency powers.
There's certain things that have time locks and things like that that we can circumvent.
So this is one of those situations where we were able to use our emergency powers and we're
only supposed to use our emergency powers to uphold the Constitution, the Arbitrum Constitution.
And in this situation with North Korea, with it almost certainly to be North Korea, $70
million, really, which is a huge amount of money that are other people's users' funds.
And this whole situation with the contagion in DeFi, it really each one of at least nine
of the security council members agreed that this was the right thing to do.
And so people who've listened to our episodes before know that you were a part of the White
Hat Group, which recovered the funds from the original DAO hack.
And this feels like a little bit of a fractal of that to me.
Do you, are you getting flashbacks when you're in the deliberations?
A hundred percent.
It's actually incredibly similar.
And, you know, I will say so that White Hat Group, we rescued the DAO.
We rescued the Parity Multisig hack, which was the largest one we did, $200 million.
$70 million, this is the third largest recovery effort I've ever done.
Although we did a lot of smaller ICOs back in the day too.
This is like 2017, 2018, the White Hat Group was effectively what SEAL 911 is today.
Kind of the behind the scenes people you call when something goes wrong.
So 2017, we're mostly helping ICOs and lots of them, much smaller than $70 million,
would mess up and we'd help fix them.
And so we did a, I've done a lot of these recovery efforts actually.
And I think the biggest lesson, which no one, we're not there yet because everyone's
still like, yeah, we thought Kim Jong-un, you know, but the saving, rescuing the money
is always the easiest part.
It's distributing the money back to the users.
That's where things get really messy, really complicated.
Everyone's got different opinions and like, that's the hardest part.
So, you know, we're not through the shit yet, basically, you know, but we have a,
we have a long ways to go.
And it's definitely having flashbacks, especially with the White Hat Group ETC rescue.
So when the hard fork happened for Ethereum, you know, 14% of all ether in existence
was in the DAO.
The hacker took a third of it and we took the other, the other, well, it was more like
30%, 70%.
So we had effectively 10% of all ether Ethereum, like the market cap of Ethereum in our, in
our control at one point.
And then when the hard fork happened, it took it away from us, but we still had it on
ETC.
So we had 10% of all ETC in existence.
And at the time, you know, this was before Bitcoin Cash.
This was before these hard forks were really understood how they would work.
We didn't think ether classic would be worth anything.
It was kind of mind-boggling that it was.
And so we made a crazy decision and it was a wrong decision.
But we decided to try to sell the ETC.
And there was no DEXs at the time.
This is 2016, okay?
Like, we couldn't go to Uniswap.
So we went to centralized exchanges, Poloniex, Kraken, Bittrex, and a couple others.
And we actually started selling ETC.
But then Polo froze us and Kraken froze us and they're like, no, you can't do that.
You know, who is this?
Are you hackers?
Like, what's going on?
And so, so then we were in a predicament.
And we learned first off, you got to give users back the assets in the form that they
gave it.
And we were planning on giving them ether back.
But instead, that was the wrong decision we needed to give them back to ETC.
And there were lots of reasons for that decision, but you can read old blog posts.
But what's especially relevant to today is there were three parties that all had to come
to decision about how we're going to give them money back.
So there's Poloniex, Kraken, and the White Hat Group.
And all of us were holding this ETC separately, but we had to just figure out like, how are
we going to agree to give it all we all wanted to give it back to the users, we all had to
come to an agreement on how to do that.
So we ended up drawing contracts up where that would return the money to the users in a way
where everyone could deposit it at their own leisure and users could claim, right?
And that was how we came to a consensus with working with them where it makes sense.
We can refund the users, give them money back to the DAO token holders.
And Polo doesn't have to trust us.
And Kraken doesn't have to trust us, they can deposit it straight back into the contract.
And I think we're going to run into a similar situation here.
Because Arbitrum DAO, on the technical side, what happened was that North Korea attackers
had, I mean, almost certainly it was North Korea.
But the hackers had the money in an address.
We used a kind of a little hack to upgrade the layer one, layer two bridge.
So just let us say that we were them depositing in it in the bridge, but we'll say we basically
used like a forced inclusion in a way, it's like this inbox thing.
I don't know how to explain it without getting too technical.
But we told the Arbitrum Network to say, hey, pretend we are them.
We're moving the money to 0xDAO, you know, 0xDA0, which no one has a key to.
And so we did that really quickly and boom, now the money is over there.
And so now we have Arbitrum Governance, Arbitrum Governance can do something with that money.
And you know, this is a little more complicated because the White Hat Group was like really
four people.
And you know, Kraken and Polo have CEOs, right?
And so, you know, the two CEOs and the four guys in the White Hat Group were all able
to kind of make a decision and say this is how we're going to distribute funds.
Now we have three DAOs involved.
We have Aave DAO, KelpDAO, and Arbitrum DAO.
And Arbitrum DAO holds $70 million.
We're kind of like Kraken or Polo in this situation.
And then, you know, Aave and Kelp, they both have a large set of users with different needs.
So now these three DAOs need to decide together how is the $70 million going to get distributed
to their users.
Also KelpDAO still has, you know, most like all of their rsETH is technically still
collateralized.
So they have all this ETH, you know, $200, $300 million worth of ether, sitting in there,
no, it's more than that.
It's almost a billion dollars worth of ether, I think, sitting on mainnet.
And so this $70 million goes into that batch and how are we going to return the money to
the users?
How are Aave has all their users that, you know, have deposits that were basically withdrawn
with rsETH collateral?
Are they going to be relieved?
It's just kind of, it's a huge mess.
It feels, I mean, you said this earlier, but it feels like the thing that you went through
with the White Hat Group, which is four people, but with four DAOs, and it's going to be
once more complicated of a political situation because of that.
I mean, it's hard enough to come to a decision within one DAO.
Now, three DAOs, tell me about it.
I've heard.
I've heard.
Into one answer, they have to work together, get one decision, like, oh my God, this is
a mess coming.
But people haven't seen that this, this train is approaching.
I'm, you know, I'm curious to zoom back out.
We started the episode talking about the DAO.fund, which is about ETH security.
And then the most recent ETH security clusterfuck that happened.
And, you know, I'm wondering if we could swing back a little bit towards the DAO.fund.
And the prompt that I have to start is, you know, you've got 10 years, a decade of experience
in ETH security.
And now you have this sort of nest egg that you can use to get us out of this cat and mouse
game and, like, massively accelerate the defensive portions of Ethereum security.
So, you know, how do you even start to think about doing the capital allocation there?
I mean, obviously, you're going to start with the QF round, and I think you're trying
to create, like, flush out all the good projects, so you at least have them on your radar.
But, you know, tell us about the DAO fund and what you got cook in there.
And then maybe we'll weave into the QF round, which is the most immediate action item
from there.
Yeah.
I mean, it's a massive amount of capital, and the question is, how do we spend it in
a great way?
And, you know, for me, the DAO Security Fund has two main goals.
The primary goal fund Ethereum security, like, I know, today we have the technology in
the crypto space to make Ethereum safer than PayPal.
It is not.
It is nowhere near as safe as PayPal, even though we have the tech to do it.
And so, I really want to accelerate that, bring us there faster.
And that's our primary mission.
Our secondary mission is to support the DAO space.
I'm a, you know, my mission, my, I have not changed.
I've, I came into the Ethereum space in 2015, and I came in the crypto in 2013.
And ever since I got here, my mission has been the same as always.
I, I believe we can build something better than governments.
And so that's what excites me about this space.
We can, we can, we can actually start, you know, engaging people and make decisions from
the bottom up, as opposed to top down coordination, especially around public goods, because that's
what governments are mostly managing.
And what's the number one public good that every government leans on for, for like, their
justification of legitimacy, security.
And state governance, police, you know, all of these things like, and there's a really
good reason for that.
Public goods, like security, scales, has economic of, economics of scale beyond almost any public
good.
It's a lot, it's, it's way more expensive for every individual to secure their home and
secure their space than it is to build a whole city wide solution for everybody, right?
Security scales so well.
It's the same in the Ethereum space.
Security scales so well, you know, if, if, if right now, we're kind of in that situation
where everyone in Ethereum is protecting their own house, maybe it's more, for some people,
it's like a serfdom or a feudalism, you know, where they have walls around, you know,
Uniswap, right?
There's a lot, a lot going on within Uniswap, but they're securing themselves.
I think that we could actually all spend a lot less money on security and be more secure
if we can coordinate.
And so besides the DAO Security Fund doing a lot of funding, right?
And that's like, that's kind of the, the showing point for us to matter.
We have $150 million, you have to care about us, right?
I'm in 70 today.
So we matter.
But I think the more impact is going to happen through coordination, that's, and that's
really the direction I'm trying to push the DAO Security Fund and, and we've only been
live since February.
And I think we've actually made huge strides.
I guess we launched, yeah, I mean, we kind of launched in around January for free.
So yeah, we, we're, we actually, like I said before, we have the ETH security badges,
where we got the top 200 experts in Ethereum security, ranging everything, you know, it's
not just smart contract security, it's threat monitoring, it's academic research.
It's like, obviously there is a lot of smart contract security and auditors, but then you
also have this incident response, the white hats, the, the, like legal researchers, there's,
there's a, you know, wallet UX.
There's so many important pieces of Ethereum security and we got them all there in one
room, the top of the top guys.
I don't know why they all decided to fill out my form, but somehow I tricked them into
it.
And now they're all in a chat room talking to each other.
And I think this coordination, we can start from there and actually work on larger scale
solutions that help everyone a lot.
Yeah.
I mean, I'm, I'm, I'm pilled on this idea that we can make security a public good as opposed
to something you need to build around your own house.
And I agree there's economies of scale there.
What I think is interesting is you kind of dressed up this public good ethos that we both
share in something that's the most immediate existential risk that it matters to all
Ethereans.
And I think when people hear regen and public goods, they're like, oh, those, those
hippies.
Uh, but when they hear security, it becomes like very activates a cypherpunk core value even
though it's, it's still just different ways of looking at the same thing.
So I've, from both angles, I think it's all again.
I mean, you, you, you showed me the way, man, I'm not going to lie like you did a great
job with open source funding, open source.
Yeah.
You know, it was always like, we're going to fund nonprofits.
We're going to fund nonprofits.
Yeah, lesser.
You're there.
Yeah.
Road traction, you know?
Yeah.
I think nonprofits and crypto are probably like older and you've done the most to integrate
them.
Yeah.
Exactly.
I mean, I've tried.
But you know, the reason that I keep going back to security is because you wouldn't
believe how many nonprofits I've seen lose their money in crypto in every way you can
imagine.
Yeah.
I want you to do this.
Yeah.
Yeah, sending money to the right address on the wrong chain, sending like, you know, getting
phished, of course, getting hacked, like through smart contract hacks, it's like, it's
really, it's clear that it's not safe for normal people in crypto.
Like, I feel like there's this weird balance where all the Uber nerds, they're like, this
is so secure, you know, but it's not safe.
It's like, it's like building a one lane road on the side of the cliff.
And like, dude, it's reinforced.
It'll never fall.
There could be crazy earthquakes.
The road will still be there.
It's a one lane road and two cars coming.
There's no guardrail.
You know, it's like, ah, yes, it's a great road.
It will get us there.
Ah, it's not safe.
And I think we can fix that and really to do everything I want to do to build something
better than governments, we have to fix it because we need normal people using this stuff.
So yeah, and what I want to say is that what you did with open source, a lot of people
don't think of open source as public goods.
It's like the words public goods are like this weird, magical, the incantation that makes
people look away or project whatever they're feeling on, on the word.
But everyone loves open source.
Everyone loves Ethereum security.
We're not going to listen public goods anywhere.
I think that, you know, when you're talking about something that's abstract, like public
goods, people can project their own traumas and beliefs upon it, whereas security is very
object level.
It's very easy to nail down.
Oh, security keeps my bags out of the hands of hackers and, you know, I just think that
there's a trade-off spectrum there.
Yeah.
And we talked about this before.
Coalition funding.
Like, staying focused on a niche is just like a grace track.
Yeah.
There's some news.
Maybe you can invite me on your podcast.
And I'll have some news about, uh, Gitcoin's next steps at some point.
But for now, let's focus on the, the, the Giveth QF round.
Uh, it sounds like it's the largest QF round that's ever been run on Giveth.
And it's, give me all the, all the specs, give me all the dates, give me the call to
action.
How can I apply if I'm working on ETH security?
Yeah.
So it starts on Thursday, which if this podcast comes out on Wednesday, it's tomorrow.
Um, and, uh, and you can still apply, uh, even though the round has started, if you
know of anyone with a security project that is providing some kind of public benefit and
has provided public benefit in the past, uh, then it can apply for the round.
So public benefit could be open source code that's been around for more than a month.
I had a lot of people have just been kind of spinning up and open sourcing things that
they've been doing, uh, which is really cool.
And I love it, but it didn't qualify for the round.
So I feel really bad for those guys.
Also it needs to be security focused, a lot of great privacy projects have applied.
We couldn't let them in the round.
Um, I think you know this better than most.
If you have really strong eligibility criteria, it just makes the whole round better.
And we've been really sticklers about enforcing eligibility.
There's a lot of gray area there and we're doing our best.
So I, you know, it's impossible to be perfect, but I think we're doing a pretty good job.
And, uh, yeah.
And so then we, uh, the round starts on Thursday.
It's a three-week-long round, instead of two weeks as is normal.
So, uh, you will have extra time.
And I believe applications are going to close on the 20, uh, on the 30 on the 30.
So you have to get your application in within a week of the round starting.
And yeah.
And then also, uh, we have this really cool mechanism with, uh, we're doing experiments
to improve, uh, quadratic funding.
So there's, um, one of the things with the DAO Security Fund, uh, that I,
I really want to push is that you can't just come in and just to read funds for us
without somehow like up-leveling the DAO space.
So what we're doing with this round is we have expertise is getting extra weight.
So the DAO is actually going to air, uh, airdrop to every badge holder.
These 200 security experts, uh, they're going to get a special voting NFT,
about $100 worth of money to donate and an anonymous and anonymous
eth so that they can distribute the funds, uh, without anyone having the
politics of public donations.
Like I think that was one challenge that we often saw is, uh, you know,
you want to donate to your friends, even though maybe you don't believe that
they're the best project to support.
Uh, so for the experts, we're trying to avoid as much politics as possible.
We're also not making them use their own money.
We're giving them all $100 and if they add extra money into that wallet,
every dollar that they donate, uh, is kind of tuned up.
Every dollar that they donate is worth $4 in distributing the matching pool.
So they, these 200 experts have more influence than the normal person,
but not so much more influence that like normal donations don't matter.
It's kind of this nice balance.
Like I think they'll probably be able to distribute maybe 20 to 25% of the
pool based off their voting, um, which, you know, by up leveling it,
like that's, that's a good thing.
And maybe we'll also be able to generate more funds like by saying,
Hey, you could send money to ask your trusted friend where, you know,
what their address is and like have them send money to them and they can donate
and have extra influence in the round.
And that might even get random people who don't really know what they're doing.
Like they might be able to delegate effectively to their security experts.
It's, it's a big experiment.
There isn't like a formalization of a strategy for every expert to do.
I'm just, I'm really going to watch to see how it plays out,
but I think it's really cool to have this kind of like,
this group of experts in the round with extra influence and free money to actually
participate.
So it's, uh, it's going to be a cool QF experiment.
Was this, um, uh, they're in the token engineering commons.
I remember towards the end of Gitcoin's QF era that there was like an expert
weighted QF that was being worked on.
And it sounds a lot similar to that.
I'm, it is the same group of people, same group of ideas.
I was, I was definitely involved in the token engineering.
We called it tunable QF tunable.
Yeah, that's right.
Yeah.
Yeah.
And, and the way we did it with token engineering commons was that it was like the
TC tokens and people who had NFTs from the token engineering academy.
Uh, they had extra influence.
And what's cool is we're getting rid of the tokens, the, the economic side.
And it's one NFT, one vote like everyone has the same voting power.
So there's 200 experts with all the same voting power.
And we're taking the lessons from that, right?
Making these guilt tripping these people into putting their own money in
because they have extra influence is not the best.
That's why we're air dropping the money.
So it really is kind of a step wise improvement on what we did in the past.
Beautiful.
I think it's a minute.
Oh, I'm actually free, though, off of what you said.
So because I know that Gitcoin has had larger rounds, like more than a
million dollar round, but have, has there ever been a Gitcoin matching pool
with a million dollars in it?
Um, I think all the matching pools like sour like 300 K stuff like around there.
Yeah.
So we've definitely had, I mean, so like first off, like, I'm supportive of
Giveth and I think that I don't want to have like a QF matching pool
contest with everyone.
They're definitely in the same range.
Maybe offline I can send you some data and we can, we can compare matching pool
sizes.
But I think I know I support a support you guys one on the round.
You know, it's one of those things where like the round of the sub round.
Yeah, I want to be able to market it to be like, this is the largest matching
pool ever, you know, and then like you get people excited.
Yeah.
It's the definitely largest matching pool for the security fund.
If you want to market it that way, I think you should, and we'll compare data
off off off screen.
I got a couple lightning round questions for you.
If you don't mind, yeah.
Well, actually, before I do that, let's just drop a quick call to
action. So if you want to apply to the QF round, you go to theDAO.fund.
Is that right?
Actually, there will be a link for it coming up.
But the best place to do it, it's go to the DAO fund on Twitter.
And you can find the links to the matching pool to apply.
It's basically qf dot giveth dot io slash qf slash apply.
But yeah, it rolls off the tongue.
Exactly.
So easy, right?
Well, if you can't learn, if you can't market the largest matching pool,
you can, you can market the longest domain.
It's only like five, six words.
Come on.
All right, lightning round is QF still rel.
Oh, so what the lightning round I'm going for is like 45 seconds to 60 second
answers.
So is QF still relevant in 2026?
Absolutely.
I really believe quadratic funding has some challenges to overcome.
But it's one of the few tooling pieces of tools or it's one of the few
mechanisms that came out of the DAO space that actually surpasses Dunbar's number
and allows for hundreds of and thousands of people to actually aggregate
their signals and come to an agreement in an outcome that is fair.
I think crypto we're actually doing it in a lot harder way.
I remember when you had the simple QF with credit cards,
if I could find a government or someone who wanted to distribute money with
credit cards to do a matching pool, Sybil would be solved.
There were so many things that would be easier.
And, you know, when I look at governments and how they distribute funds,
I think QF is a huge level up.
Great.
If you're maximally successful with theDAO.fund, what does the world look like in 10 years?
Ethereum becomes the safest place to get a mortgage on your house.
Ethereum becomes the backbone of civil society.
That's for DAO, for the DAO Security Fund to succeed.
That's what I want to see.
And we have the technology for that to be the case.
The only difference between PayPal and a PayPal version on Ethereum is that
there's no PayPal to steal your money.
We can build everything they have.
We can do it.
We have all the tools and we can do it in a non custodial way.
So we can make it safer than any TradFi solution because we don't have
the same custodial, custodial problems.
We just aren't and I think that I think that hopefully with the DAO Security Fund
having a voice and coordinating everyone together, we can solve a lot of these
safety issues and actually make Ethereum the best place to you to do everything
in the whole basically.
It feels like Vitalik said that low-risk DeFi is Ethereum's biggest use case.
And if you could have provably low-risk DeFi, then that would be the
promise delivered there.
So basically unruggable low-risk DeFi could change the structure of how the
financial system and loans happen.
100%, and the biggest problem is that yes, smart contracts are secure.
But, and we spend so much money on smart contract security, but we're not
spending money on the rest of the stack.
Like this rsETH issue is really a risk analysis issue.
They went into economic risk, and if you look at Aave, there's all these
like staked ETH derivatives that make it to Aave, whereas a lot of tokens don't,
because, oh, well, it's ether, large market caps.
It's not going to move much.
There's less economic risk.
But then Aave wasn't doing the risk analysis on what is their security setup.
You know, they're not doing the technical audits themselves to validate that
these tokens were secure.
And if they would have, they wouldn't have given rsETH such a hard high
collateral opportunity.
So I think there's, we're still, you know, very young. Ethereum DeFi is what, like
six years old basically, maybe eight if you want to go way back.
It's really a young science and we're just learning lessons
the hard way, as we have to.
Great segue into my next question.
There's been a lot of hacks this year in DeFi.
What the heck is going on and are these going to keep happening at scale?
AI risk is serious.
I think that they will keep happening at scale.
I think there's also been a lot of hacks that have been avoided that we didn't
recognize that we haven't and we don't appreciate how many upgrades have
happened because of good people using AI to protect the system.
However, I think we're still outmatched.
The incentives for white hats don't really match against the incentives for black hats.
And if we and and I think that's why we're seeing such an imbalance.
If we could actually have a better incentive for white hats to,
you know, attack these systems and improve their security,
then I think we would avoid a lot of this this challenge.
But you know, it's a classic quote, right?
Show me the incentives and I'll show you the outcome.
Right now, black hats, if they hack a protocol, they get $300 million.
If a white hat does it, they get 50k or nothing sometimes.
Often, I mean, I just saw Blockful is like, you know, helping all these
DAOs avoid governance attacks, which isn't sexy.
But and it's hard for the DAOs to appreciate.
But even Gitcoin is looking into that and being like, oh, we have to change our setup because
there's governance risk and the people aren't paying them.
You know, so we have to build a better culture around white hats.
We need insurance solutions.
We need things like this.
And I think that will avoid this outcome.
But otherwise, I can think we are kind of stuck with it because the incentives are misaligned.
What do you think the future of public goods funding is in the Ethereum space?
So 2026 and beyond, what's the future of public goods, regen,
that kind of space?
I'm really stuck on the fact that right now, crypto is an echo chamber because you have to have
a certain, it's not safe enough for normal users.
Normal people who have normal problems are not going to use Metamask.
They're not going to write down a 12-word phrase.
They're not going to like have non-custodial solutions as they are today.
So we have to adapt.
We have to, in my opinion, the regen space was ahead of its time,
but it is the right idea and it is the right solution.
So I'm short-term, medium-term, very bearish on us being able to address the needs
of the people who want to solve regen problems because the crypto space doesn't want to solve
regen problems, they don't care. But I'm long-term very bullish because in the end,
the main thing that crypto can provide is the ability to create an economy around any value
you're creating. And that is where the market failures of public goods can be solved.
It's the only space I know that has any potential of actually addressing these market failures.
Because non-profits, public goods, they are valuable, they create value.
And with this kind of tooling, with crypto economic tooling, we can build economies around that value.
So long-term very bullish.
Is there anything I didn't ask that you want to say?
I mean, we could talk Arbitrum Security Council, like there's a lot of precedents being set.
There's a lot of weird things going on. And it's a very spicy topic,
so we're in the thick of it.
So how do you think it all plays out?
Well, I think that it's going to be an agreement between Arbitrum DAO,
Kelp DAO, and Aave. And because the semi-million is still held by Arbitrum DAO,
I think that it'll actually make the best solution for the users,
because it's going to have to be a very public discussion,
not a backroom deal with Kelp CEO and Aave and Stani from Aave or whatever,
like kind of making these decisions. It's going to have to be like something the DAO votes on,
right? That's the only way to move these funds. And that was very much by design.
So it's very exciting to see this happen in my opinion, because number one, you have the North
Korea black eye, which just feels good. It just feels so good. I can't tell you.
Like I was talking with Taylor, and she was like, I'm literally crying right now. We've never done
this to North Korea, you know, Taylor. I mean, this has been like, blow after blow. North
Korea for the last couple of years has just been destroying us. And like, you know, they've stolen
billions and billions of dollars. And to get a big left hook, you know, I guess it'd be like this,
a big left hook on them. And like a 70 million dollar strike back, like it's just...
If anyone wants to clip this episode and make a meme of Griff right-hooking Kim Jong-un,
you're welcome to.
I'll take it. I'll take it. Man, I wish. Yeah, but then as far as how it all
plays out, I think that we're going to get a good solution where the rsETH holders get at least some
of their money back that they would have lost otherwise. But still, it's not going to be a happy
outcome. And because it's not like all the money back, everyone's going to be pissed at the end of it.
Still.
Yeah, anything else you want to say before we wrap?
I guess I want to talk about a lot of
people on Twitter have been talking about the precedents that this sets with L2s and Arbitrum not
being decentralized. And I really think it's overblown. And I'm especially, you know, when I look,
if you go and click people's names and you see how many followers they have, I mean, it is just
like they have zero followers, most of them, you know? Of course, there are some with thousands and
stuff, some of the bots that have been around for a while. But I'll tell you, in the DAO days,
you just can't trust social media. In the DAO days, after the hack, three days, the Slack was fine.
There's no issues. We were all coordinating and talking about how we're going to recover the funds
and what we're going to do. And it was a really fast play-by-play and everything was good. And then
also a switch was flipped and hundreds of bots and people came into the Slack and were just saying
all these horrible things. And I later found out that there's this thing called the Dragon's Den
that a lot of prominent Bitcoiners use that were funding. They were putting money into basically a
socially attack altcoins on Reddit and in their Slacks and all this stuff. And so they put
in a bunch of money to get the DAO, to make chaos in the DAO. Don't listen to the fudders. Look at
people's accounts. Who follows these guys? There's all these comments that are saying this is a
bad idea. But if you look, it's like one in 20 actual humans that you would have seen in the
Twitter space say this wasn't the right thing to do. And I think that's just important for us to
remember that like social media. Did you see the new Superman? I just watched it on there.
I did. Yeah. It was Superman's one of my favorite childhood heroes and to see him
mealed into a social media morass and that are more complicated 21st century. It was very strange.
It was it was a weird it was a weird movie. I'm not going to say it was good or bad. I didn't
enjoy it. But one part was like where Lex Luthor has all these monkeys spoiler alert. Lex Luthor
has all these monkeys that are like looking at the computers just like screaming and saying like
Superman's idiot or whatever. I can't remember what they had like super super something that he
didn't like. But it was like you know I feel like that is actual reality. You know and so you have
to you have to in this in the 21st century like social media we have to recognize that things
are being manipulated and that the reality is with Arbitrum there's a security council and with
most stage one L2s there's a security council that has emergency actions. But we only
acted in an emergency and it's actually a really good thing. You know and if you look at the security
councils in the past and actions that they've made I can't point to a single one that I wouldn't
totally agree with. It's really there's a lot that I would say there's a lot of inaction
that I wouldn't agree with and but that's harder to point at. It's really hard to get
nine random people from all over the world who consider themselves security professionals
with their reputation on the line to agree to doing something crazy. Trust me I worked really hard
to help make this happen. It was not likely it to actually happen but somehow it did and
and I think the world is better for it and I think that we shouldn't undersell the decentralization
of these with these security councils in place. It's really really hard to get them to get
security councils to do anything and I actually think Arbitrum is still very decentralized.
Great. Well, this is Griff Green. Everyone go to theDAO.fund if you want to learn about what he's
up to, go to Giveth if you want to participate in the QF round, and then any other calls to action
for people as they're listening to this episode?
Yeah, I think it's just the QF round. You know, if you
care about Ethereum security if you think Ethereum could be more secure get into the QF round
and actually donate and donate and if you don't want to donate just go into the round and look at
all the cool projects. There's so many great security projects that we all can use and the real
value of this round is not the money being distributed. It's the eyeballs on the security projects
that everyone can use. So get out there like learn about educate yourself especially if you're a
developer like throw a couple dollars around in the round to public goods that you think you're
going to use. It's going to distribute hundreds maybe thousands of dollars just by donating a
few bucks. So I think it's a huge opportunity for the space to level up not even from the money
from just from the exposure.
Well, I love that. I love that you and I are building this movement
together of public goods on chain and I really learn a lot every time we talk, Griff, so keep up the
good work and yeah, in a couple months when we launch Gitcoin's next moves you and I will do an
episode and we'll wrap on that.
Oh, that would be fun, man, absolutely, please.
Yeah, all right man,
peace and love.
You just heard from Griff Green. I'm just really inspired by Griff and always
enjoy riffing with him. I think the DAO Security Fund is really super cool because Ethereum security
is a public good and I think he's found a way to make that legible to people with
theDAO.fund. If you enjoyed this episode we'd love for you to check out the links in the show notes
or to learn more about the Greenpill go to greenpill.network. If you value what we're doing please
gratify us with subscriptions, rating and reviewing the podcast, sharing the podcast with a friend, that
really helps us get the message out about how we're greenpilling the world with technology and
enjoy the episodes. See you on the next one. Peace.

GreenPill
