6.5. 15% Developer Grants

The Developer Grants allocation represents the protocol’s commitment to sustainable, community-driven innovation. Receiving 15% of the net fee distribution (equivalent to 0.045% of the winning bid), this fund is exclusively dedicated to rewarding external contributors who propose, implement, or validate improvements to the Fhenix-FairMarket ecosystem.

By decentralizing development incentives beyond the core team, the protocol ensures long-term resilience, cryptographic advancement, and adaptive evolution in response to emerging threats or opportunities in the sealed-bid auction domain.

Core Allocation Mechanics

Parameter	Specification
Funding Source	Net Fee Distribution (15% of the 0.3% remainder after Keeper Bounty).
Allocation Rate	15% of Net Fee (equivalent to 0.045% of the winning bid).
Distribution Trigger	Atomic split executed during the `submitResolution()` or settlement phase.
Access Control	Governance-Approved Proposals + Multisig Execution (5-of-9) + Timelock (48h).
Usage Policy	Strictly limited to: (1) Protocol code contributions, (2) Academic research on FHE/CoFHE, (3) Security audits or tooling improvements, (4) Educational content and developer onboarding.

Economic Flow Example

For an auction with a winning bid of 100 ETH:

Success Fee (0.5%): 0.5 ETH collected.
Keeper Bounty (0.2%): 0.2 ETH paid to the executor.
Net Fee: 0.3 ETH remains for distribution.
Developer Grants (15% of Net): Receives 0.045 ETH. (The remaining 0.255 ETH is split among Treasury, Insurance, and Bug Bounty).

️ Technical Implementation

1. Deterministic Routing (`GrantsRouter.sol`)

The Grants allocation is mathematically enforced at the smart contract level, ensuring no discretionary overrides.

// Conceptual Grants Routing Logic
function _allocateNetFees(uint256 netFeeAmount) internal {
 require(netFeeAmount > 0, "No fees to allocate");
 
 // Grants Fund receives 15%
 // Calculation: (netFee * 15) / 100
 uint256 grantsShare = (netFeeAmount * 15) / 100;
 
 // Route to Grants Vault (Governance Controlled)
 grantsVault.deposit(grantsShare);
 
 emit GrantsAllocation(grantsShare, block.timestamp);
}

2. Governance-Gated Disbursement (`GrantsGovernance.sol`)

Funds are not distributed automatically. Each grant requires a formal proposal, community review, and multisig execution.

// Pseudo-code: Grants Proposal & Execution Flow
struct GrantProposal {
 address recipient;
 uint256 amount;
 string description; // IPFS hash of detailed proposal
 uint256 submittedAt;
 bool executed;
 mapping(address => bool) hasVoted;
}
 
function submitGrantProposal(
 address recipient,
 uint256 amount,
 string calldata descriptionIpfsHash
) external onlyGovernanceMember {
 require(amount <= grantsVault.balance(), "Insufficient grants balance");
 
 uint256 proposalId = proposals.length;
 proposals.push(GrantProposal({
 recipient: recipient,
 amount: amount,
 description: descriptionIpfsHash,
 submittedAt: block.timestamp,
 executed: false
 }));
 
 emit GrantProposalSubmitted(proposalId, recipient, amount);
}
 
function executeGrant(uint256 proposalId) external onlyGovernance {
 GrantProposal storage proposal = proposals[proposalId];
 require(!proposal.executed, "Already executed");
 require(block.timestamp >= proposal.submittedAt + 48 hours, "Timelock not expired");
 
 proposal.executed = true;
 (bool success, ) = proposal.recipient.call{value: proposal.amount}("");
 require(success, "Grant transfer failed");
 
 emit GrantExecuted(proposalId, proposal.recipient, proposal.amount);
}

3. Transparency & Accountability Measures

Every grant allocation is publicly auditable via on-chain events and off-chain documentation:

event GrantProposalSubmitted(uint256 indexed proposalId, address indexed recipient, uint256 amount);
event GrantExecuted(uint256 indexed proposalId, address indexed recipient, uint256 amount);
event GrantRejected(uint256 indexed proposalId, string reason);

Grants Lifecycle & Governance Flow

Eligibility & Evaluation Criteria

Grants are awarded based on verifiable impact and alignment with protocol goals:

Category	Description	Example Projects
Core Protocol Development	Direct contributions to `FhenixFairMarket.sol`, `CofheAdapter.sol`, or settlement logic.	Optimizing `FHE.lte` gas usage, implementing Vickrey pricing enhancements.
Security & Auditing	Independent security reviews, formal verification, or tooling for FHE vulnerability detection.	Slither custom detectors for FHE patterns, Mythril rule extensions.
Academic Research	Peer-reviewed papers advancing FHE/CoFHE theory or auction mechanism design.	”Constant-Time FHE Sorting for Sealed-Bid Auctions” (arXiv/IEEE submission).
Developer Tooling	SDKs, CLI tools, or documentation that lowers the barrier to protocol integration.	`@fhenix-fairmarket/js` SDK, Hardhat plugin enhancements.
Education & Onboarding	Tutorials, workshops, or translated documentation expanding global accessibility.	Arabic/Chinese technical guides, video walkthroughs for `ERC-4337` session keys.

Evaluation Framework

Proposal Submission: Detailed scope, timeline, deliverables, and budget submitted via GitHub Discussions or dedicated portal.
Community Review: 7-day public comment period for feedback and refinement.
Governance Vote: Multisig council (5-of-9) evaluates technical merit, budget reasonableness, and alignment with roadmap.
Milestone-Based Disbursement: Large grants (>5 ETH) are split into tranches tied to verifiable deliverables.
Post-Grant Reporting: Recipients publish a summary of outcomes, code repositories, or research outputs for public audit.

️ Security & Integrity Guarantees

No Discretionary Overrides: The 15% allocation is hardcoded. Even the Multisig cannot unilaterally redirect grants to non-approved recipients without a governance proposal and timelock.
Multisig Redundancy: The 9-member council includes diverse stakeholders (Core Devs, Security Auditors, Community Reps, Academic Advisors). A 5-of-9 threshold ensures no single entity can approve grants unilaterally.
Event Transparency: Every proposal submission, approval, execution, or rejection emits an indexed event, enabling real-time tracking by the community and DAO dashboards.
Milestone Verification: Large grants require cryptographic proof of deliverable completion (e.g., merged PR, published paper, deployed tool) before subsequent tranches are released.
Anti-Sybil Measures: Recipient addresses are screened for prior malicious activity; grants to newly created wallets require additional identity verification via Gitcoin Passport or similar.

Audit Gate Compliance (P1 - Pre-Mainnet)

Progression to Mainnet deployment requires the Grants module to pass the following verification gates:

[] Deterministic Math Verification: Unit tests confirm the calculation (netFee * 15) / 100 is precise and handles dust correctly.
[] Governance Ownership: owner() of the Grants Vault points to the Governance contract, not an EOA or single multisig.
[] Timelock Active: Grant execution functions revert if called directly without a queued proposal and 48h delay.
[] No Admin Drain: Static analysis (Slither) confirms no function allows a single address to sweep the Grants balance.
[] Event Emission: GrantProposalSubmitted, GrantExecuted, and GrantRejected events are triggered and indexed.
[] Milestone Logic Tested: Unit tests verify that tranche-based grants require proof-of-deliverable before release.

Unresolved Points & Explicit Gaps

Gap / Unresolved Point	Impact	Current Status	Recommended Action
Initial Grants Bootstrapping	How is the Grants Fund seeded before auction fees accumulate?	Not explicitly detailed in current `P0/P1` matrices.	Allocate a one-time treasury seed (e.g., 2-5 ETH) or partner with ecosystem funds (e.g., Fhenix Foundation) for initial grants.
Grant Evaluation Metrics	What quantitative KPIs determine “verifiable impact” for research or tooling grants?	Docs mention “impact” but lack specific scoring rubric.	Develop a weighted scoring matrix (Technical Merit 40%, Community Benefit 30%, Feasibility 30%) documented in `governance/grants-policy.md`.
Cross-Chain Grant Portability	If protocol expands to multiple L2s, can grants fund cross-chain tooling?	No architectural provision for multi-chain grant coordination.	Design a cross-chain messaging layer (e.g., LayerZero) or unified grants DAO in v2.1 for ecosystem-wide funding.
Governance Vote Threshold for Grants	What quorum is required to approve a grant proposal?	Docs mention “multisig vote” but lack specific threshold for grants vs. treasury spends.	Define explicit threshold (e.g., 6/9 for grants >10 ETH, 5/9 for smaller grants) in governance contract and document in `security-model.md`.

Fact vs. Analysis Distinction: The 15% allocation rate, governance-gated disbursement, and multisig access controls are verified facts from the official Whitepaper and Technical Specification. The bootstrapping strategy, evaluation metrics, and cross-chain portability are unresolved architectural gaps that require explicit definition before Mainnet deployment.

Next Steps

Proceed to 6.6. 5% Bug Bounty to understand the Immunefi integration and vulnerability disclosure workflow.

Review Governance & DAO Transition for the multisig-to-DAO handoff procedure and grants voting mechanics.

Explore Contributing → Grants Program for proposal templates, eligibility guidelines, and submission portal.

6.4 Insurance Fund (20%)6.6 Bug Bounty — Immunefi (5%)