TL;DR

This proposal aims to strengthen the D.U.C.K. knowledge base and governance framework to enhance its real-world applicability and long-term sustainability. Currently, D.U.C.K. operates as an open community-driven initiative without a dedicated organizational and governance structure. The first version was collaboratively developed with contributions from node operators and industry experts.

The next 6-month phase will focus on four key areas:

1. Governance & Coordination – Establish a formal governance model and structured foundation to ensure D.U.C.K.’s longevity.
2. Content Expansion & Industry Alignment – Strengthen D.U.C.K.’s depth and applicability by integrating insights from established risk and assurance experts from globally recognized firms, alongside contributions from Web3 professionals and industry leaders, all while fostering greater community engagement.
3. Framework Enablement – Operationalize assurance and review processes, increase visibility and adoption through strategic marketing efforts and leverage co-marketing support from a Big Four audit firm.
4. Real-World Integration – Drive adoption by enabling D.U.C.K. to be used in assurance frameworks and technical audits by leading professional services firms, helping to set industry-wide standards for node operation risk management.

Recap & Motivation

Since its launch in April 2024, the initial version of D.U.C.K. has successfully established a strong foundation with its core components. We have documented 77 risks within a comprehensive risk framework, defined 27 mitigations and 36 controls dimensions in the knowledge base, and developed more than 20 templates within the Communication Toolkit. The initiative has attracted over 230 visitors from 40 different countries, and the D.U.C.K. community has grown to 56 members across approximately 15 node operators.

However, D.U.C.K. remains an open, community-driven initiative without a dedicated organizational and governance structure, leading to challenges in maintaining and expanding its relevance. The absence of defined roles and responsibilities for updates, outreach, and further development limits its potential for real-world application and puts its long-term sustainability at risk.

To address this, we propose a 6-month initiative that will:

• Establish a formal governance model for long-term sustainability
• Transition D.U.C.K. into a structured foundation or non-profit to ensure its maintenance and adoption
• Expand the knowledge base with risk and assurance contributions from industry leaders.
• Position D.U.C.K. as a recognized assurance and risk management framework, enabling its use in technical audits and assurance engagements with a Big Four firm, helping to set industry-wide best practices
• Attract more industry players and institutions, further increasing D.U.C.K.’s credibility and contributing to a more robust staking landscape overall as stated in [Hasu’s GOOSE Submission].

Additionally, a Big Four audit firm and Lionscraft are co-investing in this initiative by contributing resources beyond the grant request. They are seeking only partial cost coverage, with the Big Four audit firm providing resources and intending to provide co-marketing support as part of the outreach efforts. This demonstrates investment into the success of the project and willingness to share risk, as they themselves expect to benefit from the audits.

Workstreams / Deliverables

Our proposal outlines four workstreams:

Workstreams1663×2149 515 KB

Delivery Approach

Delivery_Approach3827×1210 231 KB

The current proposal requests funding for 6 months of manpower required for execution.

After the kick-off, three key workstreams lay the foundation: Governance & Coordination, which establishes governance structures and fosters long-term sustainability, Content Expansion & Industry Alignment, which develops relevant content and aligns the resources with assurance industry standards and practices, and Framework Enablement, which provides required processes for the operationalization of the framework. The Assurance Upgrade milestone ensures readiness for implementation and is targeted for release around EthCC8.

After completion of the Assurance Upgrade, the focus shifts to Real-World Implementation, where content and processes will be put into practice in collaboration with one to five node operators (to be determined). To bootstrap these initial assurance reviews, we propose to allocate funds to the “D.U.C.K. Funding Launch for Audit Participants” (DUCK FLAP) grant pool. The funds aim to support early adopting Node Operators by covering up to 50% of the assurance review cost and the use of funds will be aligned with Lido NOM representatives. The Final Release delivers a fully operational and sustainable solution.

A follow-up proposal will be submitted later to request funding for the DUCK FLAP grant pool, which will be used from month 4 onwards to defray the audit costs for early adopters.

• A Big Four audit firm will be the IT Auditor for these audits
• The fund will help validators/organizations that choose to undergo an audit as part of early adoption

To accomplish the deliveries, we propose to create three teams with expertise in the required fields. The Delivery team is leading the resource creation by coordinating and supporting the other teams as well as delivering governance and outreach activities. The Assurance team is contributing to risk and assurance related components of the delivery. The Node Operators team is providing infrastructure and operational insights as well as expertise contributions.

The detailed work breakdown for the different workstreams is as follows:

Work_breakdown1663×2149 480 KB

Delivery Team

The Delivery Team is responsible for producing the required deliverables and ensuring that all content is presented accurately and timely, driving the initiative towards its objectives. It consists of members of Lionscraft, who were previously coordinating the development of the D.U.C.K. Alpha Release Initiative, assurance experts from a Big Four firm, and volunteering Node Operators.

Delivery_Team1663×843 76.2 KB

Fees & Payment

The total funding request for the 6 months period is $75,200.00, payable in DAI. The proposed payment structure involves an initial 50% ($37,600.00) payment to commence the work. At the release of the “Assurance Upgrade”, the Lido DAO NOM workstream will determine if the deliverables have been achieved in quantity and quality and, if that is the case, proceed with the payment of the remaining 50% ($37,600.00).

For the “D.U.C.K. Funding Launch for Audit Participants” grant pool, an additional funding request in the range of $100,000.00 will be announced after evaluation of the complexity of the initial assurance review test cases with Node Operators.

All payments will be made to this Ethereum address:

eth:0x1b28728B06BEEd3a5363DA146B59dB372bbAd047

Really happy to see this proposal land on the forum.

I’ve been following the journey of D.U.C.K. since the early days, and it’s awesome to see how much it grew in the previous phase—and how clearly this next phase builds on that foundation. The fact that a Big Four audit firm is getting involved is a big deal. It gives node operators a way to show, in a credible and transparent way, that they’re actively managing the risks that matter—based on input from peers and some of the top operators in the space. That kind of assurance framework could really raise the bar across the ecosystem.

Would love to see this approved and definitely support it.

gm, we missed to publish here that this grant was approved by LEGO council and first part of it was disbursed, sorry, fixing that (was a part of LEGO Q2 2025 report, though). Looking forward to results of this initiative!

Hi all,

Over the last six months we have been working on the “Strengthen D.U.C.K.: Governance, Assurance, and Real‑World Adoption” initiative. Building on the success of the original D.U.C.K. proposal (LINK), the delivery team, node operator and assurance partners have delivered all the outputs promised in the proposal resulting in ValOS (Validator Operations Standard). This post summarises what has been achieved and invites the LEGO council to verify the results and release the remaining grant payment.

Governance & Coordination

• Selection of an appropriate foundation for D.U.C.K.’s governance [Reference: Transition to Lido Labs Foundation completed, ValOS GitHub]

• Governance structure for IP, copyright and licensing [Reference: Legal assessment shared with Lido NOM workstream representatives]

• Legal and operational integration plan [Reference: Transition to Lido Labs Foundation completed, ValOS GitHub]

• Transition roadmap for implementation [Reference: Transition to Lido Labs Foundation completed, ValOS GitHub]

Content Expansion & Industry Alignment

• Knowledge base expansion incorporating contributions from risk and assurance experts and feedback from pilot engagements [Reference: ValOS Release Version]

• Defined content update process aligned with industry standards (e.g., ISO/SOC) and separate ISO/SOC‑specific content [Reference: Decision taken together with NOM workstream representatives to use ISO/SOC references only and mitigate risk of content mismatches, ValOS Release Version]

Framework Enablement

• Defined roles, responsibilities and decision‑making processes [Reference: Governance Documentation shared with NOM workstream representatives]

• Design of a proof‑of‑assurance system (e.g., NFT badge) to verify reviewed entities [Reference: Decision taken together with NOM workstream representatives to use a public register on the ValOS Website]

• Community and stakeholder engagement strategy [Reference: Strategy shared with NOM workstream representatives]

• Rebranding to establish a strong assurance identity [Reference: Rebranding to “Validator Operations Standard (ValOS)”, ValOS GitHub]

• Partnership outreach and agreements with key industry players (assurance firms, node operators, Web3 professionals) [Reference: Request of DUCK FLAP Grant (LINK) and use of the approved funds to subsidize ValOS early-adopter assessments, outreach and agreement initiated and shared with NOM workstream representatives]

In accordance with the payment structure outlined in our proposal, these deliverables mark the completion of the “Assurance Upgrade” milestone. We kindly ask a LEGO representative to confirm that the deliverables meet the agreed quality standards and proceed with disbursing the remaining 50% ($37,600.00) of the grant.

We would like to thank all contributors, the Lido DAO NOM workstream, the LEGO council, our partners and the wider node‑operator community for their trust and support. We are excited about the go-live and adoption of ValOS as a recognized assurance framework and are eager to continue our work going forward.

Adding a confirmation from the NOM side.

All deliverables listed in the “Strengthen D.U.C.K.” proposal have been completed and match the scope and expectations set out in the grant. The governance foundations, the content expansion and alignment work, the shift to ValOS, the assurance and review model, and the outreach efforts are all in place and at a standard suitable for the next phase.

I’m also genuinely proud of where this bird has landed. The shift from D.U.C.K. into a fully formed ValOS framework is a big step forward, and I’m looking forward to seeing the first actual assurances come through in the next months. The public site will be going live soon, and once it’s up it will give operators and partners a clear entry point into the framework.

I also want to acknowledge the way Julian and his team handled this project. They were consistently proactive, brought a lot of creativity to the table, and kept momentum throughout. Communication was clear, collaboration was easy, and they approached the work with a level of enthusiasm that made the entire process straightforward. They delivered well and were genuinely enjoyable to work with.

From my side, the milestones are complete and the work meets the expected standard, so I recommend to LEGO they proceed with the release of the remaining payment.