These are good concerns, thank you for bringing them!
First of all, the scope of this grant isn’t to build a production-ready service, I guess it’s not even an MVP but a Proof of Concept (POC) or “Early access” (like in the Steam for games). So the final milestone at this stage for me is to get a working alpha version with the self-sustainability feature where people can join/create communities, create roles and get a payment for their roles, and to get feedback (community review of the $5k grants is part of this) with some experience building it along the way.
Then I’ll start building “contribution” and voting systems and a community governing (voting depends on contribution, community governing depends on voting), and at the stage of building governing there will be security auditing before the v1 release, but it’s out of the scope of this grant, maybe it’ll be the scope of the next one.
Until then I think to put some warnings that this is more a playground than a ready-to-use service, that people shouldn’t rely on it to create something serious and shouldn’t put more money in it than to experiment with it. For me, the biggest security issue for the time being is the user who has root access to all the systems of the service (me) but I can’t protect from this vulnerability until the community governing is implemented and it will be after this grant’s scope.
About the timeline, $5k grants suggest that they will be done in 2-3 months and I specifically planned the current scope only for 2 months so I will have 1 month in reserve. I don’t know if it’s ok with the grant committee but I’m ready to work on it even longer, I’m planning to work on it even without receiving the grant, but the grant would help me. Also, didn’t want to apply for a $25k grant because it’s harder to get it, I wanted to have a public review and I think $5k will be enough for me for now for at least 3 months of developing. The detailed timeline for the current planned 2 months can be seen here - Taiga.
About the backend code, you are right, there is none at the moment - I haven’t started it yet. If you are concerned about my qualifications, I have experience working as a frontend technical lead on a fintech project with millions of users and I have at least middle backend position qualifications with Node.js. I can provide credentials, a GitHub personal account, etc to the grant committee on request. I don’t want to make them public because of the specifics of the Stateless DAO project: some people might be unhappy if people start using it to replace their “for-profit” and “privileged-discriminated” systems with open self-sufficient community-owned ones.
Do you have any other concerns that $5k with 2-3 months wouldn’t cover?