Abstract
All network value depends on protocol security.
This proposal renews the Protocol R&D SPE for an additional six-month term at $50,000/month ($300,000 total) to maintain a dedicated protocol security and maintenance function for Livepeer, building on the operational foundation established in the first term as the security reporting landscape evolves.
It funds continuous Immunefi first-response coverage, proactive security (self-audits + AI-assisted scanning + bug bounty scope improvements), and a monthly release cadence to ship priority backlog fixes on a predictable schedule under Foundation + Security Committee governance. Immunefi bounty payouts are funded separately and are not included in this SPE request.
Mission
The mission of the Protocol R&D SPE is to maintain a dedicated, continuously staffed protocol security and maintenance function for Livepeer that keeps the protocol safe, upgradeable, and continuously improving in a cost-effective way.
Without dedicated capacity, security response becomes less predictable, with slower triage and patch preparation during high-volume periods. Proactive work gets crowded out by report volume, and protocol releases slip, increasing operational load and response latency as the network scales.
This SPE ensures continuous Immunefi first-response coverage, improves bug bounty scope and known-issues hygiene, and adds proactive security (self-audits and AI-assisted scanning) to keep security operations sustainable as tooling evolves. It also protects predictable release windows for priority protocol maintenance, backlog improvements, and selected feature work, with the Security Committee remaining the final review and execution authority.
Rationale
The first Protocol R&D SPE term established the operational foundation for continuous protocol security and safe upgrades: an Immunefi triage and response pipeline, repeatable release/deployment procedures including devnet/testnet validation and upgrade tooling, multiple protocol maintenance releases/upgrades, internal reviews of core protocol contracts, and dedicated first-response capacity in close coordination with the Security Committee. It also demonstrated that Sidestream can operate Livepeer’s day-to-day protocol security function as a reliable extension of Livepeer’s security process: maintaining coverage, moving reports through structured assessment and mitigation workflows, and leading release preparation and deployment coordination under Security Committee oversight. These releases patched real vulnerabilities affecting orchestrator rewards and governance, including a path that could have influenced a treasury-related governance vote.
Since then, the security reporting landscape has evolved. AI-assisted vulnerability discovery is increasing both volume and noise, which can crowd out proactive work and delay releases if the system relies only on reactive response capacity.
This continuation term uses the already-built foundation to keep operations sustainable and predictable:
- Proactive security: complete self-audits and run AI-assisted scanning ahead of new tool/model waves.
- Bug bounty scope + known-issues hygiene: improve scope and known-issues guidance so bounty operations remain efficient and focused on high-signal reports.
- Predictable release windows: maintain a monthly cadence for priority maintenance fixes and improvements.
Across the first four months, 84% of work was security-related, reinforcing that dedicated security capacity is the primary constraint. With early one-time setup work complete, the same $50,000/month budget can maintain coverage while funding proactive measures that reduce future reactive load.
SPE Governance Structure
The Protocol R&D SPE continues to operate under the governance framework established during the initial term.
Management & oversight:
- The SPE is managed and governed by the Livepeer Foundation and Livepeer Security Committee.
- Through their collaboration, they enable the work of the Protocol Engineering & Security Partner (Sidestream).
- The Security Committee retains final review and execution authority for mainnet upgrades and emergency patches.
Roles & responsibilities:
| Body / Role | Responsibilities | Scope | Funding Source |
|---|---|---|---|
| Security Committee | Review and execute upgrades and emergency patches as final security checkpoint | Security oversight; upgrade authorisation & execution | Livepeer Inc. |
| Foundation | Coordinate roadmap, operations, reporting, ecosystem communication, SPE administration, and Immunefi bounty payouts | Program management, coordination, treasury/ops, ecosystem communication, bounty administration | Foundation |
| Protocol Engineering & Security Partner (Sidestream) | First responder for vulnerability reports; protocol maintenance; deployment coordination; proactive security scanning; release preparation | On-chain development, security response, deployment operations, proactive auditing | SPE |
Fund custody & reporting:
- All SPE funds are held in a secure multisig SAFE with trusted signers from the Foundation and the Security Committee.
- The Foundation continues to fund Immunefi bounty payouts separately to ensure uninterrupted vulnerability response. A separate governance process will address reimbursement of Foundation-funded bounty obligations at a future date.
- Reporting cadence and format are defined in Transparency and Accountability (non-sensitive work only).
Milestones and Timeline
Because Immunefi-driven response work can create unpredictable spikes, the timeline below is intentionally structured around stable, high-level outcomes. Individual backlog items and specific tooling choices may shift while preserving the core commitments and reporting cadence.
| Milestone | Target | Description |
|---|---|---|
| Continuous Immunefi Vulnerability Response | Entire term (Month 1–6) | Maintain continuous first-response coverage for incoming vulnerability reports and coordinate mitigations with the Security Committee. |
| Monthly Operational Reporting | Monthly | Publish monthly updates covering status, milestone progress, and what is on track / at risk (non-sensitive work only). |
| Priority maintenance releases | Throughout term | Maintain a monthly release cadence and ship protocol maintenance releases and backlog improvements, with specific items selected as capacity allows. |
| Program scope & signal quality improvements | Month 1–3 | Update Immunefi scope and known-issues guidance to reduce duplicate/invalid reports and improve signal quality (without disclosing sensitive details). |
| Self-audit completion | Month 1–4 | Complete self-audits of in-scope protocol contracts and convert findings into actionable remediation work (patches, backlog items, and scope/known-issues updates where appropriate). |
| Proactive scanning pipeline | Month 2–5 | Operate a repeatable proactive scanning pipeline and complete at least one full scan cycle during the term. |
| End-of-term retrospective | Month 6 | Share budget spent vs approved, milestone outcomes, shipped work, lessons learned, and recommendations for continuing the protocol security function. |
Budget Breakdown
The Protocol R&D SPE requests [N] LPT (equivalent to $300,000 USD) from the Livepeer Treasury, based on the 7-day SMA of the LPT price at submission. This funds a six-month term and pays for Sidestream capacity to deliver the security coverage, proactive security work, and protocol maintenance releases described above.
This request includes ongoing capacity for smaller protocol maintenance patches and backlog items that fit within normal monthly capacity. Larger protocol upgrades or unexpected work that exceeds this capacity would require a separate proposal (or other approved funding path).
In the first term, this capacity was used across three buckets: (i) reactive vulnerability response (Immunefi), (ii) proactive security review/scanning, and (iii) protocol maintenance + feature work. The end-of-term retrospective will publish a clearer breakdown of effort across these buckets.
| Category | Monthly (USD) | 6-Month Total (USD) | Description |
|---|---|---|---|
| Protocol Engineering & Security Partner | $50,000 | $300,000 | Dedicated team for reactive Immunefi coverage, proactive security scanning & self-audits, Immunefi program optimisation, backlog releases, and monthly release cadence. |
| Total SPE Request | $50,000 | $300,000 | |
Funded separately (not included in SPE request): Immunefi bounty payouts, Foundation coordination, and Security Committee costs. Immunefi bounty payouts are currently fronted by the Foundation to avoid drawing treasury funds prematurely, with reimbursement handled through a separate governance/on-chain process. Program-term updates to scope, known-issues guidance, and duplicate handling remain in scope to ensure bounty operations continue using review and payout resources efficiently.
Deliverables
The Protocol R&D SPE delivers across three integrated workstreams:
(1) Reactive Security Operations — Immunefi Coverage
Goal: Maintain continuous protocol security coverage and rapid incident response through the Immunefi bounty program.
Outputs:
- Operate as first responder for all Immunefi vulnerability reports — validation, reproduction, mitigation coordination, and patch preparation.
- Maintain established SLA response targets and escalation procedures with the Security Committee.
- Coordinate emergency response procedures for critical/high-severity reports.
Success indicators:
- Continuous Immunefi coverage maintained throughout the term.
- Critical issues resolved or escalated within agreed operational timelines.
- Status and non-sensitive updates shared through monthly forum updates.
(2) Proactive Security — Getting Ahead of the Curve
Goal: Reduce future reactive workload by proactively identifying vulnerabilities before external researchers, and optimising the Immunefi program to reduce noise.
Outputs:
- Complete self-audit of all in-scope protocol contracts (continuation of work started in first term).
- AI-assisted scanning pipeline — establish a repeatable, extensible scanning pipeline using available AI auditing tools to systematically scan contracts.
- Immunefi program optimisation — tighten contract scope, update known issues, and adjust policies to reduce duplicate and invalid report volume.
Success indicators:
- Self-audit of all in-scope contracts completed.
- Scanning pipeline operational and used for at least one full scan cycle.
- Scope, known-issues, and policy updates completed to reduce duplicate/invalid reports where practical.
(3) Protocol Releases — Monthly Cadence
Goal: Maintain a consistent monthly release cadence for protocol patches, upgrades, and selected community-driven improvements.
Outputs:
- Ship protocol maintenance releases and backlog improvements through monthly release windows, using and extending the devnet/testnet validation and release tooling established in the first term where needed.
- Coordinate release candidates from the protocol team and community contributors through the Foundation Technical Lead.
- Publish community-visible release notes for each completed release.
Success indicators:
- At least 3 priority backlog items shipped during the term.
- Monthly release cadence maintained, with deviations explained when security response takes priority.
Transparency and Accountability
The SPE will operate transparently through public reporting and open access to non-sensitive work. Security-sensitive work, including Immunefi reports and vulnerability details, will only be reported at a non-sensitive aggregate level.
- Monthly updates (forum): Status, milestone progress, shipped work, planned next steps, and risks or deviations.
- Open development: Non-sensitive code, documentation, and release notes published in public repositories. Security-critical work disclosed after mitigation.
- End-of-term retrospective: Budget spent vs approved, milestone outcomes, shipped work, lessons learned, and recommendations for continuing the protocol security function.
KPIs / success metrics (tracked and reported at a high level):
- Coverage: Continuous Immunefi first-response coverage maintained.
- Release cadence: Monthly release windows maintained (or deviations explained).
- Delivery: Priority backlog items shipped and milestones completed vs plan.
- Proactive security: Self-audit progress and scanning pipeline milestones completed.
Key Terms
| Term | Definition |
|---|---|
| Protocol R&D SPE | A Special Purpose Entity funded by the Livepeer Treasury to manage protocol security operations, maintenance, and development. |
| Protocol Engineering & Security Partner | The contracted team (Sidestream) responsible for hands-on security response, proactive auditing, and protocol maintenance under the SPE framework. |
| Security Committee | Oversight body responsible for reviewing protocol upgrades, executing mainnet deployments, and guiding security practices. |
| Immunefi Program | Livepeer’s bug bounty initiative that incentivises whitehat researchers to identify and responsibly disclose protocol vulnerabilities. |
| Proactive Security Scanning | Systematic vulnerability discovery using internal researchers and AI-assisted tools, conducted ahead of external bounty hunters to reduce time pressure and bounty costs. |
| Monthly Release Cadence | A structured monthly deployment schedule for protocol fixes and improvements, establishing predictability and professionalism in protocol maintenance. |