$25K saved up-front // $60K saved annually // 0 dev hours required
Orange Dao and their first dApp, Passport
Orange DAO, known as the premier web3 DAO, is a trailblazer in the web3 space. Founded by Y Combinator alumni, Orange DAO has raised $80 million to invest in web3 startups and initiatives. Orange DAO’s mission is to advance the web3 ecosystem by leveraging the knowledge and skills of its members.
Passport is the first public good to roll out of the Orange Dao stable. It brings the benefits of web3 to the masses and allows anyone to instantly generate membership NFTs and automatically email them out to their community. Tokens are non-transferrable and members can be added or removed on an ongoing basis through the Passport dApp.
“SlashAuth enabled our team to move incredibly quickly and focus on building magical user experiences without having to worry about indexing and caching tokens across hundreds of wallets. Their lightweight SDK was incredibly fast and allowed us to securely gate our API endpoints with access controls powered by on-chain data.”
— Brian Li, Orange DAO
Securing Passport without blowing the budget
While Passport exists to help other communities, it also has its own security needs. Passport needs to ensure that people with the right credentials have access to its tools and data.
In essence, Passport is the key cutter that makes the keys (tokens) for other communities. It needs to be secure so that nefarious actors can’t cut new keys or cancel existing keys. This would render communities useless as voting, communication, and content would be compromised.
Along with issuing tokens, Passport also holds community data like email addresses and wallet IDs. If stolen, this data would make community members vulnerable to various attacks that could cost them millions, like phishing and airdrop attacks.
The cost of rolling their own web3 auth
Passport needed web3 auth to reliably authenticate and authorize users to keep the communities it supports safe. Web3 auth, consists of two parts: authentication to ensure that only those with the right credentials can access data and authorization so that only the right data can be accessed.
Orange DAO first considered rolling their own auth for Passport. They calculated that it would take them at least 2.5 months with one full-time dev to build a solution. The cost? Somewhere above $25,000.
- Build login functionality — 1 week plus
- Make dApp mobile-friendly — 1 week plus
- Build token-gating — 4 weeks plus
- Differentiate between admins and members — 4 weeks plus
Beyond the initial investment, there were also steep ongoing costs to consider. Maintaining web3 auth for Passport would cost Orange DAO at least 6 months of full-time dev work per year. This would mean an ongoing cost of $60,000 a year.
Beyond costs, Orange DAO was also considering time to market. Adding an additional 2.5 months of dev time for web3 auth was an unrealistic demand.
Orange DAO had to find a faster, more affordable solution.
Saving time and money with SlashAuth
Orange DAO turned to SlashAuth for their web3 auth and within 3 days they were done. They also saved more than 8.5 months of dev time for the dApp’s first year, with an additional 6 months saved every year thereafter.
The process was simple and straightforward. SlashAuth’s clear documentation and support team meant that no dev was required on the client side and multi-level token gating was implemented without a steep learning curve.
It also gave the project leaders peace of mind to know that Passport will remain protected into the future. Constant updates within SlashAuth ensure that Passport remains secure and ahead of compliance requirements as they evolve.
Secure your Web3 dApp now
If you’re like Orange DAO, costs and time to market matter. Avoid the traps of rolling your own web3 auth and use SlashAuth instead.
Not only will you get to market up to 3 months earlier, but you’ll save yourself 8.5 months of dev work in your first year and 6 months a year thereafter. You’ll also sleep better knowing that your content, community, and communications are secure.
Book a demo now to see how much SlashAuth can save you on web3 auth.
