SPP2 eth.limo Application

1. Applicant Information

Team Name: eth.limo

Website: https://eth.limo

Primary contact: ethdotlimo.eth (Hardware wallet)

Primary contacts:

• cerealsabre.eth
• ethdotlimo.eth

Company overview: We provide tools and public goods for ENS dWebsite connectivity and usage.

Requested amount:

• $600k - Basic Scope / $800k - Extended Scope
• Yes we intend to apply for the 2 year stream.

Size of team and commitment:

• 3 full time employees (engineering/support/devops/admin)

2. Eligibility Confirmation

Company Age & Reputation: At the time of writing, the eth.limo gateway service has been in operation for nearly 4 years. During this period, a number of improvements and new features have been deployed in addition to scaling improvements to handle a large and sustained increase in usage and traffic across our services portfolio. We are an existing season 1 service provider with a well established track record and large user base.

Team Experience: Yes (please see above).

ENS Token Endorsement Requirement: We have secured our endorsement: Snapshot

OFAC Sanctions Compliance: Neither our company or team members are located within an OFAC sanctioned jurisdiction.

We, eth.limo, confirm that neither our organization nor any of our employees, contractors, or executive leadership is located in, or a resident of, an OFAC-sanctioned country. We further confirm that none of our business resources are derived from or routed through any country or entity that is subject to sanctions imposed by the United States (OFAC) or equivalent regulatory bodies. We pledge to remain compliant with all applicable sanctions laws and will promptly notify the ENS DAO if our status changes.

Multi Year Stream Eligibility: We are an existing season 1 service provider in good standing.

Season 1 Application: Service Provider Stream Nomination Thread - #3 by ethlimo.eth

GitHub: eth.limo · GitHub

Prior Updates:

• Eth.limo - Quarterly Update/Blog post
• Eth.limo - Update
• [Temp Check] Reimbursement of eth.limo's ongoing legal fees
• Eth.limo - Q4 Updates
• eth.limo - Everything you've wanted to know - eth.limo
• eth.link is now powered by eth.limo - eth.limo

3. Open Source Commitment

All work is available under MIT license at eth.limo · GitHub.

4. Scope of Work & Budget

4.1 Basic Scope of Work

Requested amount: $600k

Description: The primary usage of funding (but not limited to) is oriented towards covering our existing operational and personnel spend, as well as additional costs related to traffic growth and scaling, and unforeseen expenditures such as legal fees.

1. Existing operational capabilities and associated costs (eth.limo/eth.link/gno.limo).
2. Personnel and consultants (including on-call support).
3. Infrastructure scaling/new deployments.
4. Unforeseen and unexpected costs from “known-unknowns”.
5. Continued integrations and broader contentHash codec handling.
6. Responding to and mitigating abusive content.
7. Providing support for both end users and developers.
8. Continued performance and resiliency optimizations.
9. Continued development and operational work on “trustless”, client-side ENS and IPFS content verification service workers.
10. Ad-hoc development based on user/community requests and feedback (new integrations, tools, services, etc…).

KPIs: We will report quarterly uptime with a target SLA of 99%, in addition to aggregate traffic metrics.

Budget: $600k

4.2 Extended Scope of Work

Requested amount: $800k

Description: Introduction of real-time ENS dWebsite monitoring via LLM tool chains to better identify, categorize, and respond to malicious or fraudulent content. This is a particularly interesting approach that we believe is necessary to better handle the overall threat landscape in web3 and protect end users from fraudulent dWebsites. This includes static code analysis and threat identification. The introduction of ENSv2 and increase in L2 adoption presents a novel threat to all end users through a seemingly innocuous and noble effort: reduce the costs associated with name registration. By drastically reducing the costs associated with the registration and management of ENS domains, malicious actors can now operate with a much lower barrier to entry (spend), effectively allowing the mass creation of cheap domains that can be used for phishing and other nefarious purposes. This second order effect is something that we have spent quite a bit of time analyzing and have concluded that the only meaningful mitigation must include some type of automated detection which can attempt to address some of the unforeseen security implications of broader ENS protocol growth across all chains and resolver types.

KPIs: We will report quarterly uptime with a target SLA of 99%, in addition to aggregate traffic metrics and dWebsite security reports.

Budget: $800k

4.3 Second Year Stream Scope of Work

Description:

1. All items included in “basic scope” and “extended scope”
2. Per “extended scope”, we wish to improve upon the automation and detection of malicious content and begin publishing an ENS dWebsite threat intelligence feed and associated portal. Such a feed could be ingested by other wallet and security products, frontends, and more, providing them with an enriched dataset to better protect end users. Additionally such a service would no doubt provide meaningful insights for security researchers and other interested parties. We aim to dive deep into ENS dWebsite security analysis.
3. Improved multi-region and cloud-diverse infrastructure deployments for all services.

KPIs: We will report quarterly uptime with a target SLA of 99%, in addition to aggregate traffic metrics and dWebsite security reports.

5. Past Achievements

1. IPNS optimizations with the introduction of cache TTLs.
2. Full re-architecture of the service(s) layer with modular components and microservices. Details can be found here.
3. Support for Arweave Name System (ArNS).
4. New website re-design and launch.
5. Improved detection and mitigation of malicious crawlers and bot traffic.
6. IPFS gateway performance optimizations.
7. Documentation improvements.
8. Launch of the gno.limo gateway in collaboration with the Genome team.
9. The coordination and execution of a zero-downtime migration of the eth.link gateway service away from Cloudflare to eth.limo in collaboration with ENS Labs.
10. As a result of assuming operational responsibility for the eth.link service, we have also become the default ENS resolver for IPFS Shipyard developed tools such as Kubo and Rainbow as well as for the dweb.link and ipfs.io gateway services. In addition to dns.eth.link, we also support all traffic originating from resolver.cloudflare-eth.com as a result of service deprecation.
11. In a collaboration with Tally and DAOstar and support from the Ethereum Foundation ESP program, we have produced a comprehensive report detailing DAO security vulnerabilities and mitigating controls. The research explores common vulnerabilities and provides actionable insights to help DAOs strengthen their security posture.
12. Introduction of support ticketing to better assist users and developers alike.
13. Continuous and on-going backend infrastructure improvements.
14. Over 1 billion requests served in 2024.
15. Existing season 1 service provider.

This list is not exhaustive as there are many small day to day tasks that collectively contribute to the overall gestalt of eth.limo. Additionally, while not necessarily an accomplishment, the eth.limo team have been, and still are, laboring under on-going legal matters.

6. Video Introduction

7. Conflict of Interest Statement

We have no conflicts of interest at this time.

Thank you for submitting your application for the ENS Service Provider Program, Season 2. After review, we are pleased to confirm that your application meets the eligibility criteria as outlined in the program design.

We look forward to seeing you in the running for SPP2!

---

Metagov Stewards