
Bribery/Quid Pro Quo


Last updated 1 year ago


Attack: Blockchain technology offers unprecedented, decentralized transactional transparency, which is necessary for trustless coordination. But it can also lead to instances of bribery that could sway the QF algorithm to benefit a particular org. For example, projects have promised token airdrops to users who have given to their grant. This is a form of quid pro quo in exchange for collusion to maximize their matching fund distribution, which is possible because sending addresses are public.

However, not all airdrops are malicious. In this example, an Ethereum project offered tokens for anyone who participated in Gitcoin Grants, no matter which grants they funded. But regardless of the intent, this behavior may also cause unintended consequences. If airdrops for Gitcoin Grants participants become common, users may employ bots to donate a small amount to many grants in the hopes of token profits later on.

It is worth noting that sometimes bribes are not explicitly offered, but can still be problematic even when they are implied, as is the case with Minerva. While not promising tokens, they do make a point to mention they will soon have one. It’s reasonable to believe they are implying that anyone participating in their grant now will receive tokens in the future. This grey area is something we continue to work with the community stewards to define policy on.

Another consideration is what effect bots donating might have on the quadratic funding mechanism. Sybil accounts using bots to donate to a collection of grants they think are most likely to offer a token airdrop would skew the payouts from the matching pool. A bot that donates evenly across all grants would not have this same effect.
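The difference between the two bot behaviours can be checked numerically. The following is an added example, not Gitcoin's code: it assumes the textbook quadratic funding weight rather than Gitcoin's production matching algorithm, and the round data, function names and account counts are constructed for illustration.

```python
from math import sqrt

def qf_shares(donations):
    """Map {grant: [amount per distinct donor]} to each grant's share of the pool.

    Assumed textbook QF weight: (sum of sqrt(amount))^2 - sum(amount), normalised to 1.
    """
    weights = {g: sum(sqrt(a) for a in amts) ** 2 - sum(amts)
               for g, amts in donations.items()}
    total = sum(weights.values())
    return {g: w / total for g, w in weights.items()}

def add_accounts(donations, targets, n_accounts, amount):
    """Copy the round, adding n_accounts donors who each give `amount` to every target."""
    return {g: list(amts) + ([amount] * n_accounts if g in targets else [])
            for g, amts in donations.items()}

def ranking(shares):
    """Grants ordered from largest to smallest matching share."""
    return sorted(shares, key=shares.get, reverse=True)

def compare(donations, targets, n_accounts, amount):
    """Matching shares for the baseline, targeted and even-spread scenarios."""
    scenarios = {
        "baseline": donations,
        "targeted": add_accounts(donations, targets, n_accounts, amount),
        "even": add_accounts(donations, set(donations), n_accounts, amount),
    }
    return {name: qf_shares(d) for name, d in scenarios.items()}

# Constructed sample round: each list entry is one distinct donor's contribution.
SAMPLE_ROUND = {"A": [5] * 40, "B": [5] * 25, "C": [5] * 10, "D": [5] * 5}

if __name__ == "__main__":
    result = compare(SAMPLE_ROUND, targets={"C", "D"}, n_accounts=50, amount=1)
    for name, shares in result.items():
        row = "  ".join(f"{g}={shares[g]:.3f}" for g in sorted(shares))
        print(f"{name:9s} {row}  rank={''.join(ranking(shares))}")
```

In this sample the targeted accounts lift C and D above B, while the even spread keeps the A, B, C, D order. The even spread still compresses shares toward the smaller grants, so it is not strictly neutral.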

Gitcoin Action: In the case of an explicit bribe, in which a quid pro quo is offered and smoking-gun evidence of it is presented, we will take action to remove the grant from the matching pool.

In cases in which bribes are not explicit, we expect resolution will come through a formal community governance process.

  • Well-Funded Grants & Community Self Policing

Grants Round 9 also presented an interesting concern that does not fall into an attack category, but did raise questions of legitimacy from the community. Maskbook is a fully funded Web3 project that sponsored the GR9 Hackathon. They released their token in February 2021, which included a retroactive distribution to anyone who supported their grant in previous rounds.

The controversial part of this is that, at the time, Maskbook still had an active grant. So the community questioned whether or not it is appropriate for funded projects to participate in grants rounds and benefit from QF matching, particularly if they had set a precedent for rewarding past grant contributors. In this case Maskbook acted quickly and stopped accepting matched funds, which seems in line with the expectations of the Ethereum community.

Both examples show the community was willing to police itself so that direct intervention from the Gitcoin Team was not necessary. This is an important observation to note. The more the community rewards good actors, and deters bad actors, the less the Gitcoin Team needs to be involved in governance decisions.

Gitcoin Action: In the case in which a grant owner decides to remove their grant from matching, we will do it for them.

Right now there is no policy against grants having business models, token models, or VC fundraising, but in the future community stewards (in cooperation with the Gitcoin community as a whole) could create one if they wanted.

Another example is Vocdoni, who also had an active grant, but proactively stopped accepting funds from the match pool after their financial future was secured late last year.