Balancer hack: hard fork

I completely agree; this is a crucial point. If we change the rules of the game, we must debate it. We can’t just do it by a handful of people with a vested interest. This doesn’t mean the rules can’t change, but it does mean that those impacted by the change must be informed and have the opportunity to voice their opinions.
This means that both sides (for or against the change) must accept a decision made by all participants, but for this to happen, it must be widely disseminated beforehand to allow for discussion.

The problem is that NolanV and others, rightly or wrongly (I don’t want to comment based on the information I have), believe the situation would have been different if a handful of influential people had made the decisions while hiding behind the community.

Would you say the same thing if, for example, the hack had been identical but GnosisChain had done nothing because the decision-makers hadn’t been affected?

This is what NolanV is raising, with a certain anger that I understand and share, because in the past, nothing was done, or even attempted to be done, in another case where he was involved (I am not involved in NolanV’s case, nor in the case of the whistleblower).

But I support those calling for a fairer and more transparent process, because I observe that, in this specific case, the chain was very responsive (which is positive), but the reasons for this responsiveness are unclear, and the precedent of a severe sanction is not insignificant. This kind of decision cannot be made by a handful of individuals, especially when one claims to be decentralized; it requires constructive debate and collective reflection, which does not seem to have been the case. If I am mistaken, please provide me with links to these discussions.

My point is not to say that a hard fork should be avoided, but that a solid framework must be defined and approved by a broad majority consensus. Otherwise, the next hack might not receive the same support, for example, if the people affected are different or if the amount at stake is only 15 million.

I ask you, Gnosis Chain: if you lost 10,000 here, recovered it, and then in another hypothetical hack lost another 10,000, unable to recover it because we don’t know who decided not to perform a hard fork, based on what criteria, would Gnosis Chain still be superior to you?

Personally, I think everyone accepts their losses; that’s the very principle of blockchain. From a rational point of view, if we want mass adoption, it’s essential to be able to manage uncontrolled changes. Therefore, I’m not opposed to hard forks, but I am opposed to the way they are imposed and the fact that the rules of the game are neither clear nor fair for everyone.

6 Likes

Agreed there needs to be clear rules, perhaps a “minimum” loss. Also perhaps the contract itself should need to be in operation for more than 3 months and have been audited by at least two parties, Gnosis shouldn’t be responsible for bad code.

4 Likes

First I want to thank the Gnosis team for acting swiftly and ceasing those funds from a bad actor. For this specific case I think it was the right decision! So thank you.

I agree that having a framework for future recovery actions is needed. The SEAL team (securityalliance.org) deals with other Web3 protocols could act as a good reference imho.

3 Likes

dont set the precedent. “recovery method frameworks” can corrupt.

if you show you can do something, eventually you will be compelled to do it- and it might not be a noble cause like “user asset recovery” but instead censorship/theft.

maintain decentralization and the other important ideals.

1 Like

A bit of misplaced jealousy, I suppose. But those who can get their money back… Those who haven’t had this opportunity should be grateful to those who can recover from this particular intervention. Regardless of the past, we shouldn’t act out of jealousy or dwell on it.

However, yes, establishing rules and guidelines should be beneficial.

I support the fork as the soft fork is already done. Time to give the money to the victims.

But this needs some rules: the money is stuck and we can return it even later, but we need some constitution or guidelines for the fork.

What if a team member or somebody influential gets hacked, then he would push for a fork? But if some users without power get into trouble, the team might not intervene as they aren’t affected.

This creates a serious moral hazard:

  • Protocols may become careless about security, assuming they can always be “saved” by a hard fork.
  • Users won’t know whether their funds will actually be protected, or only protected if they are important enough.
  • Validators are pushed into making political decisions instead of just enforcing the network rules.

There might be other scenarios, but hard forks should have some rules or guidelines set.

3 Likes

I agree with the general idea of ​​your point, but if we’re realistic and want to build the finance of tomorrow on Gnosis, we’ll need this kind of capability, because most people won’t accept the risk of loss without being able to take action. It could also be a deterrent for hackers to attack smaller protocols.

But to have this kind of action possible, I completely agree with the risks you mentioned. The structure absolutely must prevent a government, entity, or malicious group from pressuring a small group of people to force through such an action.

This requires a decentralized mechanism, which is absolutely not the case here. It requires public exchange and a vote by the DAO. The best protection the system can have is a large number of participants in the vote to ensure it is executed and that there is no way to circumvent it. Therefore, it must be made very difficult for a small group, which could be subject to pressure, to activate.

But in this case, from what I’m reading here and from some discussions elsewhere, it seems that the opinion of the community, or at least a portion of it, is irrelevant. The hard fork is already programmed and will probably not be delayed.

There’s no word to describe such a situation; in any case, it’s not “decentralized.”

Jealousy in what way?

That’s ridiculous and a narrow-minded view. My only objective is the consequences this will have. If you think that recovering a few million is the only consequence, then you should take a moment to look at the world and consider the precedent this will set.

The reason cryptocurrencies were created is precisely the opposite of what will be done here. Here, it’s a decision made by a group of unelected, unidentified people who unilaterally decide what’s best. Perhaps they’re even making this decision in their own interest, and this decision will have a huge impact on the future of the blockchain.

2 Likes

Yes, it’s jealousy to bring up the past and complain that this is happening again because of this hack. But I wasn’t referring to your situation, but to the other person I spoke with, whom you brought into our discussion, which is why I replied to you.

As for the DAO, you need to decide beforehand, because in the event of a hack, you have to act quickly to prevent the thief from taking all the stolen funds.

Sorry, but even if I’m not the target, that’s a childish argument.
This person, NolanV, fought to get something done; he’s fighting for things to be fair.

If you think that without rules, all future hacking cases will be treated equally, I suggest you insult a doctor, because people change, and pressure can alter actions and commitments.
The only guarantee that things will happen as the community decided is to have a decentralized system where users have control and are the only ones who can decide.

Promises are only valid for those who believe them.

We live in a democracy in Europe; there are no childish arguments. All arguments and counter-arguments are free. Asking “why wasn’t this done in the past and why now? Are there ulterior motives behind all this?” is, to me, a misplaced argument of jealousy. Furthermore, discussing the need for future regulations is a different matter.

Quick update: this was executed yesterday as planned. The signers are now in sync with the other DAO Safes: Safe{Wallet}.

I’ll reply to a few other concerns in this thread soon as well.

2 Likes

Thank you to everyone who has chimed in so far.

Agreed on both counts. This is not an Ethereum-style hard fork like we’ve had in the past, it’s a very different one conceptually.

Well, yes, key word to me here being other chains. In my eyes, Gnosis Chain always had higher aspirations in terms of decentralization and censorship resistance than other chains [source]:

A community-run chain secured by thousands of at-home stakers around the world is a credibly neutral, resilient chain because it’s credibly decentralized and resistant to censorship.

Re: unequal treatment / precedence / future situations

I agree with the general point which I’ve also seen in previous threads. It is also why I believe it is of utmost importance to take this chance and explicitly define the framework under which we want to consider taking steps like these. The rules would ideally be set in stone before this hard fork happens (approved by a DAO vote?). The rules should be extremely strict – we don’t want DeFi protocols to skip audits, ignore findings, or the mechanism to be abused for other purposes. The default action to take within this framework should be “no action”. The rules should also be reviewed and updated over time (e.g. if there’s a hack amount threshold or time-test component).

Unless there is a good reason to perform this hard fork next week, why don’t we agree on that rule framework first, and only then do the hard fork? The only downside to it that I’m aware of is a delay in fund recovery which doesn’t seem like the end of the world given:

a) it’s already been 1.5 months
b) such a big decision is being made
c) there was no precedent for this, therefore victims were not expecting to get their funds back on any specific timeframe

(I am aware delaying the Balancer hard fork also delays Fusaka but that still seems like a minor thing compared to this decision and its consequences)

3 Likes

Well let’s not focus on the “non-arguments” anyways - so I created a list summary of arguments:
I left out the non-arguments, however feel free to note missing ones :slight_smile:

Arguments for simply going through without debate:

  • There are people who would lose money, which is totally preventable
  • Adds a safety layer for defi-users from hackers
  • We are in the position that we actually can (soft-fork is already active)
  • The Hard-Fork is already done and any delay increases the chance of it not working
  • Taking “responsibility” strengthens credibility
  • People without any responsibility, skin in the game or “merit” will always be complaining

Arguments for creating a comprehensive framework how these decisions are done:

  • One-sided decisions without debate are a moral hazard with it’s own consequences:
    • it weakens the community
    • it weakens the credibility
    • pushes people with strong principles away
    • decisive but seemingly arbitrary decisions destroy the argument of adding layer of safety for defi-users → they are at the mercy of a decision in their favour - not generally protected
  • Validators are pushed to make political decisions and “follow orders” instead of enforcing neutral network rules
  • A Blockchain that cannot correct an exploit when it has the tools is less accountable

Arguments against the hard-fork:

  • A Blockchain should not be accountable, a precendence implies a form of accountability and leads to legal risks
  • The general ideals fueling the initial development and adoption of Blockchains
    • violation of “code is law”
    • violation of censorship resistance
    • erosion of corruption resistance
  • It makes GnosisChain look more like a hijacked and corrupted “product”

I guess people may weigh their arguments differently then others, however they should be put into the position to look at the others argument as well and just see that as - yhea it is a valid argument.

5 Likes

I’m still working towards a more extensive response to everything above, but in the meantime thank you for this summary! I agree on the first two sections of course, but I have a few comments and questions for the arguments against:

  • Setting a precedent is leading to greater potential of corruption
    • I don’t quite get this argument. How could this create corruption? Everything we are doing here is public. All client releases are available, with code and everything one might need to convince themselves of what we are doing with this hardfork.
    • This doesn’t make it any easier for anyone to coerce 66% of the validator to do something they don’t want to.
  • Erodes safety layer for users from government overreach
    • Very similar comments to the question before
    • Users are putting themselves in this situation. Somehow, people decided to give StakeWise’s Genesis vault 123k GNO. That’s over 33% of the entire network!! Get your GNO out of there immediately before writing some philosophical comments here please! This is not safe, and if anyone believes any of what they’re saying here, they should definitely not let that happen.
  • violation of “code is law”
    • Well, there’s many ways to see this. As controversial as it may be, code would still be law here, as code is also doing this change.
    • As a matter of fact, code (and thus law) is changed for every single hardfork, of which there have been 13 already if I can count.
    • Law is law in the real world as well. Despite of this, laws are getting canceled, adapted or created every single day.
  • violation of “code is law”
    • Well, there’s many ways to see this. As controversial as it may be, code would still be law here, as code is also doing this change.
    • As a matter of fact, code (and thus law) is changed for every single hardfork, of which there have been 13 already if I can count.
    • Law is law in the real world as well. Despite of this, laws are getting canceled, adapted or created every single day.
  • violation of “immutability”
    • Nothing has been changed in the past. Everything is still there as it always used to be, untouched. We’re not changing immutable history but rather the future. Probably controversial again, some might consider it as a play on words, but to me this could also fit that description.
  • The reason why cryptocurrencies are created is precisely the opposite of what will be done here
    • I don’t think that there is a “reason why cryptocurrencies are created”. Bitcoin did the exact same thing at some point, despite it being “the reason crypto exists”. Basically all known chains have at this point, admittedly for various reasons.
    • Every chain can make their own decisions. To me we’re still very much in the decentralized and blockchain side of things, in the sense that this is not being done unilaterally and come from a consensus from at least 66% of validators. Everything is very much public as well, and everyone is allowed to voice their opinions.
    • Many have compared this hardfork to Gnosis becoming an SQL database or something. This would be discrediting the 6 very long weeks of efforts this took to pull off, and the entire consensus needed behind it. This is extremely far from being a “UPDATE chain SET balance = "0" WHERE address = "hacker"” type of thing. To me it’s a prime example of consensus between people to achieve a (potentially?) common goal.
  • A Blockchain should not be accountable
    • Very true. And no one should hold Gnosis accountable for Balancer getting hacked, which is also why I find some comments about Gnosis reimbursing funds lost in Balancer quite ridiculous.
    • That being said, not being accountable doesn’t mean that we cannot intervene is what could be called a fairly straightforward hardfork to recover funds lost by users of said chain. It should merely mean that the chain is not expected to do it. That’s where a potential framework might prove handy, but even then, validators are still not entitled to follow what a DAO vote or handbook might have to say.
  • People with sense of strong principles looking at the GnosisChain as a hijacked and corrupted “product”
    • I feel like that would be discrediting a lot of people with provably strong principles that agree with the hardfork, like Lefteris and Griff for example. None of which were impacted by this as far as I can tell.
2 Likes

There is another critical downside: the soft fork is inherently fragile. Every day the hardfork is delayed, chances of recovering any funds diminish significantly, especially when new client versions are released, as people tend to update to those. If we delay this until after New Years, I give a non-insignificant chance of wasting all our efforts for the past 1.5 months and losing all the funds.

That being said: even if there was a framework in place, how would you force validators to follow its guidelines?

Could you point me to threads that point out unequal treatment? I only know of the Balancer oracle pool thing, but that is clearly very different from this situation. Am I missing something else?

2 Likes

The argument is not that it “creates” corruption - and maybe the “safety from governement overreach” is redundant because they both cover the same core:
In this argument human beings are seen the main source for corruption - to create a precedent for “welcome” human invervention increases the acceptance for human interventions thus increasing the potential for corruption. For example legal pressure onto Gnosis Ltd might be one of these possibilities if Gnosis LTD cannot defend itself by a “reality” where human intervention is not possible.

Yes, and all it takes is one way where the argument is a valid argument, right? :wink:

I totally agree on the reality of things you have pointed out though.
It does not cancel out the argument though, it just tells us that in reality it seems to be not the killer end-argument for not allowing any updates.

Okay, if that is true then strictly speaking it cancels the argument as not being directly relavant for this case.

So if I get you correctly you actually know the argument, still the reality of things is different. Yes, so there is no problem with the argument - just maybe it is formulated too coarsly and actually would make the other specific arguments redundant.

Exactly. Countering the argument that it “should” because of more accountability.
IMO there is actually no neutral middle ground - if there is an action of taking accountability over smart contract exploits then it means there is accountability.

I will update a few things later to make it more precise.

It is clear that the counterarguments are the idealistic ones. As such their purpose for reality is not to discredit or invalidate good practical solutions. Rather to push for better solutions (having the measure of what is better outside of who is winning or losing money).

2 Likes

You seem to be operating under the assumption that GnosisChain is as decentralized as Ethereum or close enough, and therefore that Gnosis LTD is just another service provider proposing a hardfork, as anyone else could have. But that’s not true; validators can’t really impact the chain independently. They don’t have the final say, for several reasons.

The first, and easiest to verify, is that the vast majority of Gnosis’s TVL depends on the official bridges with Ethereum—bridges that are not protected by the validators (Hashi was abandoned) or the DAO. So even if the validators wanted to diverge from Gnosis LTD’s vision, they couldn’t without the approval of the multisig, which is largely controlled by Gnosis LTD (and its spin-offs).

Secondly, it only takes ~$30M worth of GNO to get the 66% needed for a majority. The circulating supply of GNO is highly concentrated in a few hands, most of which are linked to Gnosis LTD, which reinforces this unique position. Just to give an example, a single one of Gnosis’s co-founders owns enough GNO to take control of the chain.

Finally, I have strong suspicions about the actual decentralization of the validator set. The number of peers is significantly lower than the number of distinct withdrawal addresses ~500 peers for ~2,000 distinct validators(based on withdrawal addresses). This is very strange because peers include both validating and non-validating nodes, so even if the data isn’t 100% accurate, there shouldn’t be such a large imbalance. This seems to indicate that a significant portion of the validator set has split their GNO among multiple wallets while using the same node, which makes no sense since the withdrawal address could be a Safe or a smart contract(eg LSD). I also found a wallet linked to Gnosis LTD that created hundreds of validators with different withdrawal addresses, which reinforces my fear.

All this to say that, no, Gnosis LTD is not just anyone. External pressure, corruption, or any other problem for Gnosis LTD will have a direct impact on GnosisChain. For all the reasons I’ve just stated, whether you like it or not, you are GnosisChain.


Reading what you’ve written, I get the impression that the hardfork is free, that there are no consequences for doing it. However, that seems wrong to me. Just from a very pragmatic standpoint, how many euros were or should have been paid to compensate the workers who participated in this hardfork? And let’s not forget the cost to the chain’s credibility; it’s difficult to measure, but if it were zero, why not have a GnosisLTD/multisig masternode that can make transactions that don’t follow the consensus?

And that’s why I would have liked to have a list of the wallets affected by this hack before working on the hardfork. Imagine if $10M was affected by the hack, but $9.9M of it was the DAO’s money. Perhaps instead of doing a hardfork, the DAO would have preferred to accept its own loss and just reimburse the $100k from the DAO’s funds. This is a fictional example, just to explain the reasoning.


During an incident involving one of the same pools affected by today’s hack, the Balancer EURe/sDAI pool. The vulnerability was a misconfigured oracle cache, as well as the choice of an oracle that didn’t update on weekends. This vulnerability allowed arbitrageurs to steal hundreds of thousands of euros from liquidity providers. Gnosis LTD had known about this vulnerability for months and chose not to disclose it to the public, thereby allowing arbitrageurs to continue stealing money from LPs.

During that incident, Gnosis LTD could have easily defended its users (SafeFi), just as they are for the current hack. For example, by informing them of the problem through all the means at their disposal. The cost to act was very low: a few tweets, a call or two with Balancer to have them update their frontend, deprecate the pool, and the problem would have been solved. Yet Gnosis LTD decided to do nothing and simply blamed kpk and Balancer, while defending them once my report was disclosed.


These are the reasons why I have come to question the real motives behind this hardfork.

I have proof that a considerable portion of the losses from the hack is directly linked to Gnosis LTD, whether it’s their treasury, their executives, or the DAO. I’m not saying that Gnosis LTD wouldn’t have done the hardfork if they hadn’t lost money; I’m just saying there was a diametrically different behavior between two incidents, which, no matter what anyone says, involve losses due to a vulnerability in a smart contract.

Contrary to what you might think, I’m not a hater or a troll. I’ve spent weeks working for free, whether it was to prove that kpk had made major management errors or now to analyze the spaghetti that is GnosisChain and therefore Gnosis LTD. And I’ve done all this solely because I would like to see a thriving GnosisChain become a European competitor to Base & co.

(If you would like proof to support some of my claims, don’t hesitate to ask. I just want to avoid doxxing people too much and keep this readable)

2 Likes

But that’s not true; validators can’t really impact the chain independently.

StakeWise’s Genesis Vault has more than 33% of the stake. That entity alone could prevent Gnosis Chain from finalizing, and thus can objectively impact the chain independently. As far as I know, none of the stake in that vault belongs to Gnosis DAO.

So even if the validators wanted to diverge from Gnosis LTD’s vision, they couldn’t without the approval of the multisig

I don’t really see how that would work in practice. If 50%+ of the chain forks off to something the DAO or Gnosis Ltd doesn’t want, that would mean that the bridges would stay on a network that cannot finalize. This is not something Gnosis can endure for any amount of time, so at some point the bridges have to move or we would need a much more catastrophic intervention on the chain. Also, 4/7 bridge validators now are companies that didn’t spin out of Gnosis (as far as I know), even if I somewhat agree that Hopr could be perceived as such following the Gnosis VPN partnership.

Secondly, it only takes ~$30M worth of GNO to get the 66% needed for a majority. The circulating supply of GNO is highly concentrated in a few hands, most of which are linked to Gnosis LTD, which reinforces this unique position. Just to give an example, a single one of Gnosis’s co-founders owns enough GNO to take control of the chain.

Yes, but also the founders and Gnosis (both Ltd and DAO) have refrained from staking too much GNO in the past specifically in order not to control too much stake. As a matter of fact, Gnosis Ltd does not run a single key in-house for that same reason.

The number of peers is significantly lower than the number of distinct withdrawal addresses ~500 peers for ~2,000 distinct validators(based on withdrawal addresses).

There are currently precisely 1847 different withdrawal credentials. Out of those, 764 are 0x00 credentials, which require a different address for each 1 GNO validator, that could all belong to one person. If you also remove the duplicate withdrawal credentials (for example 0x0200000000000000000000004b4406ed8659d03423490d8b62a1639206da0a7a and 0x0100000000000000000000004b4406ed8659d03423490d8b62a1639206da0a7a) you get a total of 1083 unique keys. So in average there might be 2 different withdrawal keys per validator, which doesn’t sound that crazy to me. Even then, Probelab probably cannot find all nodes on the network.

I also found a wallet linked to Gnosis LTD that created hundreds of validators with different withdrawal addresses, which reinforces my fear.

Would you care to share for everyone?

Tthe DAO would have preferred to accept its own loss and just reimburse the $100k from the DAO’s funds.

I cannot understand how anyone could expect the DAO to reimburse anyone for Balancer getting hacked? So a protocol deployed on Gnosis gets hacked for $10m, and you expect Gnosis DAO to lose $10m, whether they had $0 or $10m in Balancer, and everyone else walks out whole? Why?

During an incident involving one of the same pools affected by today’s hack, the Balancer EURe/sDAI pool.

Let’s please keep the conversation to the problem at hand and not diverge into completely unrelated issues.

If you refuse to see the big picture and how the two situations are closely linked, I have no desire to discuss this with you any further.

I will stick to responding to the factual points.

KPK has invested, at least in the past, in osGNO, so it’s false to say that Gnosis DAO has no stake in StakeWise.
And even if that were true, it wouldn’t change anything. If the multisig controlling the bridge decides to, the chain that is no longer finalizing would be dead almost immediately.

It’s a first step in the right direction ! The last time I looked, that wasn’t the case, but very strong financial ties remain between many of these entities.

This is exactly why I say that Gnosis LTD is not just anybody, and that their leaders must be treated differently from the average person.

This is still very strange, because the peer count is normally heavily inflated by non-validator nodes, so the number of validator nodes is likely considerably below ~500.
The only way to know for sure would be to analyze the correlation of missing attestations.

Of course, I started by analyzing the small validators, because a good number of them weren’t financially viable, which I found strange. There must have been some testing in production or just some hobbyist supporters of Gnosis.

But I came across this wallet (0x496); it received a withdrawal directly from the beacon chain without having made a prior deposit.
The wallet (0x0b8) that made this deposit set up hundreds of validators with different withdrawal addresses.
This wallet (0x0b8) received GNO from wallet (0x524), which itself received them from the Gnosis LTD treasury wallet (0x10e).

I know the example is a bit old, and I imagine there’s a very good reason for this setup, but the result is still the same: Gnosis LTD, at one point, artificially inflated the number of validators.

PS: And I know this was before 0x01, so they had to have different withdrawal addresses. I ask why a wallet linked to Gnosis LTD created hundreds of validators.

Alright, here are some facts. We already had this conversation, but let’s compare the 2 issues:

  1. The Balancer hack
  • Was clearly malicious
  • Happened from one second to the next, no one could have done anything about it
  • Affected a rather large part of the chain’s TVL (7%+ before osGNO and EURe got frozen, 3%+ after)
  • It’s trivial to execute a hardfork for it without any rollback or impacting anything else
  • The funds were deposited in an almost 5 year old protocol that was audited by virtually the whole space
  1. The leaky Balancer pool
  • Happened slowly over months
  • Liquidity providers are responsible for their funds and should have noticed an issue and then withdrawn
  • No one help a gun to any LP’s head to deposit (or did they?)
  • There is no way to execute a hardfork because the funds were moved all over the place already
  • The amount was fairly trivial in comparison
  • It was managed by kpk, not the DAO directly or Gnosis Ltd
  • The funds were deposited in some pool that clearly wasn’t audited by anyone, including LPs

As a side note, for both cases this applies: https://balancer.fi/risks.

There is no way to do a hardfork for the leaky pool, and it wouldn’t make sense for less than 5% of the Balancer issue anyways. There is thus no point in discussing this here further. Those are two completely different situations. You are free to pursue any efforts, but let’s not derail the conversation about this particular hardfork.

osGNO and the StakeWise Genesis vault are two different things. kpk deposited in NEDO, Serenita, Axol and probably a few others as well.

Sure, but it would make no sense at all for Gnosis DAO or Gnosis Ltd to just kill the chain for fun, I hope we agree on this at least. By the way, the Bridge Validators are also completely different from the Bridge Governors, who in large majority are not directly affiliated with Gnosis. The Governors can swap out Validators if they decide to and move them to the new chain if need be. So the above statement also lacks a bit of context at least.

Completely agree, and we’re working hard towards improving that!

Funny you mention this! Dapplion, who is consulting for Gnosis Chain in addition to being a core developer for Lighthouse, was looking into something like this last year: EIP-7716. There should be more nodes, but let’s face it: Gnosis Chain didn’t quite reach the success we would hope for yet. I wouldn’t necessarily assign malice to that, and I believe that Gnosis did everything it could to attract node validators and decentralize, however flawed those programs might have been.

Alright, I’m going to need more time to look into all of this, but regarding the 0x0B9 address it’s simply the thing I talked about earlier: at the beginning of the beacon chain there were only 0x00 withdrawal credentials, which were BLS keys. They are different for each validator, that’s totally expected. Once Shapella was actived, we saw 0x01 credentials, which are execution layer addresses (so normal Ethereum wallet addresses). Now with Pectra there are also 0x02 credentials, which are the same as 0x01, except that those validators compound rewards instead of redistributing them immediately.

So in short: the different withdrawal credentials are normal and even necessary. All validators pre Shapella had to be this way.

Gnosis did not inflate the number of validators. As for Ethereum, the “validator count” is actually only a “number of validator keys”. So 100.000 validators = 100.000 GNO (or 3.200.000 ETH on Ethereum). That has always been how the chain works.

Ok, I just saw the last sentence. I’ll keep the rest because it’s a fair explanation for everyone else reading who might not know about it.

Let me look into the source of those funds then, I wasn’t with Gnosis yet when that happened. But most likely (don’t quote me on this) it’s just Gnosis delegating funds to different providers to gain security at the beginning. The network had to be bootstrapped in some way after all. It might also have been a STAKE vs GNO thing, but again, wasn’t there yet.