GG24 Sensemaking Report: DeFi Transparency and Decentralization Assessment

Problem & Impact

The specific Ethereum problem we are addressing is the lack of a standardized, verifiable framework for assessing decentralization and maturity levels of DeFi protocols.

Many DeFi applications claim to be “decentralized,” but in reality, they often rely on centralized components such as admin keys, points of failure in governance, oracles, collaterals, or opaque smart contract implementations. This creates a “decentralization illusion,” where users believe they benefit from censorship-resistance and other decentralization advantages, but are actually exposed to hidden risks, such as centralized custody, unverified contracts, or a lack of protection against unwanted upgrades.

This issue is becoming increasingly important over time due to the explosive growth of DeFi on Ethereum and its ecosystems. As of August 2025, DeFi’s total value locked (TVL) has reached approximately $150 billion. Decentralized finance is experiencing significant growth and is a particularly innovative sector, but the decentralized aspect has been overlooked. This could be mitigated or avoided through proactive decentralization assessments, as these tools highlight hidden points of centralization. For instance, protocols with upgradable contracts or oracle dependencies often fail visibility checks, contributing to billions in avoidable losses over time.

Most community members who are not here for speculation have similar concerns. Vitalik warned us in Cannes (and many times elsewhere) that Ethereum risks failure if decentralization becomes merely a catchphrase without concrete guarantees. KPMG also reports that DeFi’s “decentralization illusion” amplifies risks in areas like smart contract security, questioning the true extent of decentralization in many protocols.

Meaning Check: This matters deeply to users because it directly impacts their financial security and trust in the ecosystem. People lose funds in exploits, leading to real-world consequences like lost savings or halted innovation. Users aren’t just chasing yields; they seek reliable, verifiable systems where decentralization isn’t a marketing term but a protective mechanism against censorship and traditional finance flaws. Without it, participation in DeFi feels like gambling, deterring long-term adoption and contradicting Ethereum’s ethos of empowerment through transparency and censorship-resistance.

“Misnaming things is contributing to the world’s despair” – Albert Camus.

Sensemaking Analysis

The sensemaking process draws from diverse methodologies to differentiate genuinely decentralized DeFi protocols from those with hidden centralized permissions and dependencies.

Our main inspirations come from L2Beat’s methods for decentralization assessments about Layer 2s, Anticapture’s frameworks for capture-resistant governance, DeFi Safety’s protocol ratings, or Bluechip.org, which is a stablecoin rating agency. These inspirations led to the development of the DeFiScan methodology.

These assessments focus on key metrics collected via permission scanners, documentation dissection by researchers, chain explorers, and tools like Tenderly.

Data is aggregated via API pulls and dashboards, synthesized from reports/documentation, tweets, and blogs, and validated through GitHub and Discord feedback. Furthermore, DeFiScan’s framework and website are under MIT license, meaning this is an open-source tool that anyone can use and change.

Gitcoin’s Unique Role & Fundraising

DeFiScan uses a bounty system to encourage people to create protocol reviews. Those bounties can go from $1,000 to $2,000, considering that a long codebase, a large number of permissions, or a large number of external dependencies mean higher payouts.
This bounty system is mandatory because creating a protocol review can take several weeks and requires a high level of technical expertise. This is where Gitcoin plays a unique role.

Gitcoin funding would enable DeFiScan and other domain participants to create many more decentralization / transparency reviews and significantly improve DeFi coverage. In addition, since the launch of DeFiScan, we have received numerous suggestions for improving the framework, and Gitcoin would be a great place to peer-review it.

Gitcoin can uniquely help solve this problem by channeling decentralization-aligned participants to fund and operate open-source tools and frameworks like DeFiScan, L2Beat, Anticapture, and Bluechip dashboards and scanners, amplifying community-driven transparency initiatives under MIT licenses. This fosters verifiable assessments of centralization risks, proposes a community-based standard for what DeFi apps should try to be, and directly addresses the decentralization illusion.

Fundraising Reality Check: Yes, raising $50K+ for this domain is feasible, given DeFi’s scale and stakeholder interest.
DeFiScan has already raised over $100K since October 2024 from sponsors including the Ethereum Foundation, Octant, Giveth, Devcon, and various DeFi protocols, as evidenced by our Gitcoin, Octant, and Giveth campaigns. Likely additional sponsors include security firms, risk agencies, and protocols seeking audited transparency.

Success Measurement & Reflection

We assess success with various metrics:

  • % TVL Reviewed

  • Growth of TVL in highly decentralized protocols.

  • Number of Changes Made: Track 10+ protocol upgrades (e.g., reduced centralization risks, verified contracts, integrated standards in multisig, exit windows, and frontends).

  • Important accounts following/mentioning decentralization and transparency framework through social media, official reports, and GitHub contributions.

Our main goal is to cover 90% of DeFi’s total TVL by November 2025. Currently, more than 80% of total TVL is already reviewed, and some protocols have already been acted upon following our reviews. For example, Uniswap V3 on Arbitrum had three unverified contracts before the review, and two of them were verified after it was published.

Genuine impact will be measured according to the measures DeFi protocols are taking to improve their decentralization.

Satisfaction Test: The Ethereum community will be genuinely glad we funded this domain long-term if it leads to safer, more transparent DeFi standards, solidifying Ethereum as the financial layer of the internet.

Domain Information

Yes, we are proposing a domain for GG24:

“DeFi Transparency and Decentralization Assessment.” or “DeFi Curation”

This domain will focus on funding projects that build verifiable tools for evaluating protocol maturity, risks, and decentralization stages.

Domain experts could include the DeFiScan team, L2Beat contributors, and security/decentralization researchers from EVM and cybersecurity ecosystems adhering to the scientific method, public good funding, and the open source attitude.

We pitch a mix of mechanisms: quadratic funding for broad community input, retroactive funding for proven impacts, and governance tokens to influence DAO programs targeting DeFi users.

We foresee multiple sub-rounds: one for assessment tools (e.g., dashboards, permission scanners, APIs); one for education and standards (e.g., framework updates, conference participation, integrations with academic/private curricula and DAO ecosystems like L2s and DeFi apps). This ensures funding what truly matters, aligning capital with meaning in a cyberpunk, public-good mindset.

Thanks for reading all this! We are eager to discuss this potential “DeFi curation” domain and set a standard with the Gitcoin community!
