The Carrot DAO has several built-in layers of security to protect itself and the CIP approval process. These include setting clear expectations for the community, generating a close-knit culture, and systematically excluding bad actors. Threats to the ecosystem arise when there is a large enough disparity between the value accrued from controlling the community and the cost associated with doing so. The security strategy for the Carrot DAO is to implement systematic reward/punishment mechanisms that scale the cost of malicious actions faster than the revenue generated from them.

The Carrot DAO leverages punitive measures to deter malicious behavior. Penalties are issued through CIPs to ensure there is no need for intervention from outside entities. They may take the form of exclusions from liquidity pools, suspension of TRC and TCC minting participation, freezing of wallets and token confiscation.

The most common threat to the DAO ecosystems is botting, where internal users try to game the system to their benefit. The Carrot DAO defends against such activity by using moderators, a Holder Reputational System, and an elected team of overseers, the “DAO Board” that can flag behavior/actions that violate Community Guidelines in order to limit future access and thereby risk. Further steps for wallet verification to join the community can be enacted, if necessary, to increase the security of the Carrot DAO at the cost of ease of onboarding.