Should Gnosis Help Reimburse Some of The Lost Funds on Agave

Simple Summary

  • GnosisDAO sends 8839.25 GNO and 234.37 ETH to the Agave treasury, equivalent to 55.6% of the hacked funds.
  • Agave initiates a Gnosis Auction of 25K AGVE denominated in ETH and uses the raised funds to cover wxDAI, USDC, LINK, ETH and WBTC equivalent to 24.39% of hacked funds and builds its treasury.
  • GnosisDAO bids a price equivalent to the last 6 months average moving price for the total AGVE auctioned using Tradingview 180 day MA on day of the exploit.
  • Agave refunds 80% of the hacked funds to users in agTokens, and will evaluate in the future how to repay the remaining 20% of the hacked funds.

Details

After extensive deliberation we believe this exploit of Hundred Finance and Agave on March 15th 2022 does not 100% fall on the users, the protocols, or the bridge (Gnosis Chain). Therefore we believe all parties should share the burden. Since this is a proposal to the Gnosis DAO we would like to make our case as to why we believe Gnosis should be a part of the solution. Although it is unfortunate that Gnosis inherited the bridge and token state on chain as part of the acquisition, Gnosis, among some reputable unbiased accounts (quote mudit and shegen tweets), suggests that this ‘feature’ is significant enough of a problem to propose a hard fork. Hence we offer the following proposal.

Agave intends on fully reimbursing all the lost funds of the users in 3 methods; the first two methods are intended to cover 80% of the reimbursement effective immediately. The third will be for the Agave DAO to determine how to reimburse the remaining 20% and is out of scope for this post. Issuing a debt token or investigating various loan options are currently being discussed as probable solutions.

As for the first two methods, Agave will be holding an open auction to raise enough capital to repay 100% of Agave’s current circulating mCap of $1.378M and use the raised funds to cover wxDAI, USDC, LINK, ETH and WBTC in the amounts shown in the figure below, which is equivalent to 24.39% of hacked funds.

Agave circulating mCap $1.37M, calculated by subtracting 1hive+Agave DAO holdings from max supply, then multiplying by the closing price of the token on the day of the exploit, $55.75. ((100,000 - 70,275.283 - 5,000) x $55.75 = $1,378,402)

25,000 AGVE tokens will be listed on the Gnosis Auction; we are asking GnosisDAO to set the floor price of the auction to the 6 month moving average ~ $127.4458/AGVE. Anyone is welcome to participate in this auction and/or buy Agave on the open market. Note: there are fewer than 30k Agave tokens in circulating supply; 1hive holds 5k, there are ~9k staked, ~11k in various wallets, and only ~5k Agave tokens on the open market, so no $USD amount can currently purchase more than 5k Agave tokens on the open market.

Agave is requesting that the lost $GNO funds, which would include ~8839.25 lost GNO + the remaining loss of ~234.37 ETH, be covered by the GnosisDAO. As outlined above, the Agave community isn’t taking this lightly; Agave users and the Agave protocol are absorbing a significant amount of the loss relative to their ability and we believe this to be far from a Gnosis bailout and a fair respectable offer. We are hopeful this lays the foundation for a continued positive mutual relationship between the DAOs. The details and breakdown of each asset are shown below. We welcome and look forward to any and all community feedback.

35 Likes

Striving to fully reimburse Agave users by sharing the burden between all parties would help those who were hurt while increasing confidence in the Gnosis Ecosystem. Because this particular exploit took advantage of the connective points between the parties, future protocols (especially smaller, more experimental ones) would otherwise have to think twice before deploying their projects in the ecosystem. It clearly wasn’t as simple as dropping in a battle-tested protocol fork from mainnet in a plug and play fashion. This doesn’t mean future incidents will always call for a reimbursement, especially if the responsibility lies only within the targeted protocol, but in this case it goes beyond the hit protocols themselves, involving how protocols, bridges etc. work together in a way that projects should otherwise be able to easily deploy and rely on.

I agree with the proposed method of splitting up the support into three separate approaches and hope that after reimbursement and a hard fork that this experience can at least serve as a learning experience that makes the ecosystem as a whole more trustworthy in the future.

17 Likes

As a long term supporter (since 2020) of the Gnosis (formerly xdai) chain I’m fully supportive of this initiative. Before Agave (before February 2021) there was no money market present on chain (maybe except for Sushi, but that - for a generic user like me - is not an option and not their mainline product compared to their AMM). Every chain that is striving for adoption needs to have at least a decent lending protocol to attract TVL. Just by looking at Defillama, most other chains’ TOP TVL projects have at least 1 money market.

Agave is a fork of AAVE so I was confident that I’m using a battle tested and relatively safe protocol. Gnosis chain was the one and only chain that hasn’t suffered a hack and the oldest out of all the competitors, with a bridge that was first of its kind and audited extensively. This peace of mind made me deposit and hold my hard earned coins there to:

  • Support Agave
  • Support the chain

When the acquisition of xdai came from Gnosis I was supportive. As an investor it meant to me that we will have a healthy DAO with a serious treasury and some progress in xdai’s transparency and communication internally and externally as well, so all the tools that would make us competent. It made this space even safer for me.

Hacks happen everywhere, this is inevitable. I, as a DAO member, would fully support any restoration for any protocols as soon as they propose a well thought out reimbursement plan. 1hive, Agave, these are the products that define GC for me. Losing any of them due to lack of support from the DAO would result in losing my faith.

I’m 100% supportive of the above proposal. With it everyone will share a piece of the cake as the findings of this attack are affecting the whole chain and I’m willing to support the fix. We will come back stronger than before and we can make a precedent here.

18 Likes

Will Gnosis receive AGVE tokens for their contribution? Seems like the simplest way to re-capitalize Agave while also giving Gnosis a seat at the table is for Gnosis to buy AGVE tokens. I would even support a partial takeover of AGVE by Gnosis where Gnosis buys up a portion of the circulating the Treasury AGVE then spins it off at a later date to GNO holders.

8 Likes

The proposal lgtm, and I support it.
3 things that are not clear to me:

  • So, GNO and WETH will be used to repay the lost funds. How will this work for the people who lent WBTC/LINK/stables? Will they receive GNO and WETH instead of their tokens (if yes, at what ratio?), or will WETH and GNO be sold for the other tokens proportionally (doesn’t that create sell pressure?);
  • Some people borrowed nothing, some people borrowed up to 80% (I think this was the limit), how will things go when refunding is live? Because the first category lost 100% of their money, and the other category lost only 20%. And from what I understand, everyone will receive 80% of their funds in a short time;
  • I think that will lead to a governance vote, right? So those with GNO will have voting power. All my GNO were in AGAVE (so they disappeared). The key question: will agGNO have the power to vote?

12 Likes

I also support the proposal. We should always put the long term success of the chain before the short term. Here are my reasons why a reimbursement will help the long term success of the chain:

  1. A lot of the affected users are early adopters/long time supporters of the ecosystem. If we don’t support these people this might hurt the long term growth of the chain. It is crucial for the success of the ecosystem to have core users.

  2. Gnosis DAO was willing to spend 200 mil in ecosystem rewards. If we are willing to spend this amount to attract new capital, it is absolutely reasonable to spend some of the funds to preserve parts of the ecosystem.

  3. This will improve the relationship between GC and the users, users will probably feel like they have to give something back. They might get more involved in governance, are more active in discussions, help to promote/grow the ecosystem.

13 Likes

Thanks for the well thought out proposal, imo it makes a good balance between the different involved parties, I am in full support of this (although my GNO holdings are much larger than my lost Agave funds ;-)).
@Viszla : as I understand, Gnosis will get 25k $Agave (the auction with the floor price of US$ 127 will hardly attract other bidders).
@0xce9b37656e7d331b70 : the first two topics you raise have to be addressed to Agave DAO, but as I understand, reimbursement is planned to be done in the tokens lost as far as possible. The third point (if agGNO will be able to vote) is a valid one, but I am not sure if it’s worth the effort to modify the script for getting the snapshot for the vote for this one-time vote, also regarding the small number of affected GNO (compared to the whole mc or even the participation in the last snapshot vote, which was 87k GNO). Also, this might need another proposal first, thereby delaying the process.

8 Likes

Understood your opinion, it makes sense.
Thanks!

3 Likes

Thank you for the proposal, I am delighted to see all different parties willing to take responsibility on the issue.

2 Likes

I support your judgment on this matter.

1 Like

As usual, great stuff Monstrosity. Thanks for the transparency in everything going on.

As someone who is a huge supporter of Gnosis/xDai chain, I’m a bit disappointed that they didn’t fork many months ago when they knew this could potentially cause problems in the future. I think we’re lucky that the damage was relatively small – it could’ve been a lot worse. But the fact of the matter is, this potential attack vector was known by a small group of people after the second audit; instead of patching it up with a network-wide fork – which is always a huge undertaking, I’m not saying it would’ve been easy – it seems like it was swept under the rug with a cheap bandaid.

I’m not sure how the timeline of this audit aligns with the Gnosis/xDai merger talk and the actual merger, but it seems that the Gnosis side will partially pay for the mistakes made pre-merge if this were to pass. At least all this is from my limited knowledge of the situation. Correct me if I’m wrong, please.

Of course, hindsight is always 20/20. But if the Gnosis/xDai community goes through with full reimbursements, I think it will win over the hearts of everyone affected and show the rest of the industry the power of DAO helpin’ DAOs. This is DAO2DAO collaboration in another form, in my view. Powerful statement. Thanks again Monstrosity, Luigi, and everyone involved for trying to move quickly on a resolution.

7 Likes

So I’m broadly in support of this proposal. Before seeing this and the Hundred finance proposal, I had in my mind a 50% figure for compensation from GnosisDAO for lenders of both protocols.

Given the attributes & scale of the exploit, that GnosisDao would take half of the responsibility, and the other half to fall on the protocols and lenders (depending how the protocol wanted to share it) feels fair and appropriate to me.

Given the situation of Agave, I also am happy to support us taking a stake in Agave to support both an extra piece of their compensation to lenders and contribute to their treasury (if I understand this correctly, see A).

I do want to clarify a few things:

A) It appears that the purchase of AGVE tokens from the Treasury (auction depending) exceeds the amount Agave needs from a compensation perspective, and is intended to help Agave get back on its feet with approx. ~$1.8m for their treasury.

If so, that should really be called out in the proposal explicitly, so GnosisDAO understands we are investing in Agave beyond the compensation plan for lenders. I support this if my understanding here is correct.

Agave is an important protocol on Gnosis, and for the DAO to take a significant stake is a good idea so we can also share in the potential upside of a thriving money market on GC.

B) The table image suggests that the GNO and WETH transferred to Agave as part of this plan are specifically for those who deposited GNO and WETH in Agave. So lenders who deposited GNO into Agave will be 100% compensated with GNO, so made whole in their same asset. And the WETH will be used to compensate the WETH depositors in Agave. For the lenders of the other assets, they will be compensated through the other mechanisms by Agave (supported by the auction, and the 20% TBA etc)?

I can understand the condition placed on GNO usage, but am less clear why we would restrict the use of WETH to WETH depositors?

Is this understanding correct? Is this a mandatory requirement placed on Agave in how they use these tokens once transferred? Has that been communicated and understood by all parties?

Again, if so this should be explicitly called out in the proposal (ideally with the rationale for this restriction) so all stakeholders understand this clearly.

C) The verbiage around the auction is not particularly clear - and it should be clearly spelt out so GnosisDAO knows exactly what it is approving. My interpretation has been that we, GnosisDAO, will offer ~$127 per token for 25k AGVE. So in this proposal we are approving up to a ~$3.175m purchase of Agave tokens. If there are other bidders, we may not get that full amount (or, in fact, any) but we are approving a spend of $3.175m?

And to confirm we will not be bidding any higher if the auction does go above that price?

Is there any threshold in Agave market price that would cause us to adjust our bidding price? A 30% to 40% premium feels ok (which we’re currently in), but I would be uncomfortable if we were paying significantly more than 2x market price (set as a 7 day TWAP).

D) Also there is no outline of next steps and timeline. Will the Agave DAO be voting on the proposal from their perspective? Are there any interdependencies with the Hundred Finance proposal (I have concerns with their proposal that it puts more of the burden on GnosisDAO, which I have posted in response to their proposal)?

E) How will the proposal be adjusted given the recent spike in prices generally since the proposal was submitted? Is there any impact?

7 Likes

I’m strongly in favor of a compensation plan as I was one of the victims. the_gno_star has good questions. I also wondered about the auction which will give more funds to Agave than the table shows. If the AGVE price increases above the floor and other bidders win the auction, Agave would gain even more but Gnosis will maybe get nothing. I think an easier solution would be for Gnosis to simply buy AGVE for a fixed price.

1 Like

I am in favour of a compensation plan, and Gnosis helping in that effort. This plan makes sense to me.

In my opinion, there are three main points.

  1. AGVE successfully filled a hole in the Gnosis (formerly xDai) ecosystem. I fully believe that Gnosis should back our native projects, and AGVE has earned our support.

  2. From AGVE’s perspective, it’s hard to blame them for their exploit. This isn’t an exploit due to negligence on AGVE’s part, it’s due to extremely trusted code by our entire ecosystem that nearly every contract has integrated with having a vulnerability. The audits on this code put the risk at “Low”, and had the contracts patched. Even as a dev in this space, I knew of these audits and it was my understanding that this was “fixed”. I did not realize only newly minted tokens across the bridge were fixed, and old ones retained the exploit. To me, I put the blame on the bridge for not forcing these old contracts to be fixed via a burn migration. It feels like they brushed the problem under the rug and pretended it didn’t exist.

  3. GnosisDAO acquired the ecosystem, and in doing so inherited this responsibility. It’s unfortunate on Gnosis’ part, but if you acquire an ecosystem, you must take responsibility for problems your predecessors left you.

I don’t believe it’s morally okay to leave our OG users hanging, nor blame Agave. Sharing this burden is the best way for us to proceed imo, as well as either fixing the underlying issue or making it very clear in the docs that this issue exists for future teams.

4 Likes

Agave is the first money market on XDai and almost exclusively used by early adopters of the project. The loss of money happened due to bad design on the chain’s part. It’s outrageous that this is even being discussed. Gnosis has a big chunk of reserve right for days like this. Pay it up in each token before the market goes higher and don’t reflect this on Agave, which is running AAVE code that is universally well trusted. It’s not like Agave was allowing deposits and loans for small time farm reward tokens, all the tokens on Agave were bluechip. If AAVE code doesn’t work on your chain with bluechips, and people lose money, you better pay them back or no one else will ever touch this chain.

2 Likes

Did you try to make a joke there? So if Agave goes copy c copy v the codes of AAVE and brings it to Gnosis chain with slightly modifying it and Agave gets drained by a leak, where users lose their values, then you say something like ‘oh it’s the chain fault!’:

We can see a lot of the forks have issues on every chain. That’s why usually people avoid using forks, and only play with money that you can afford easily to lose when it comes to forks. Would be important to pay for the real trusted protocols to develop on the chain, for example Aave. Instead of bringing Agave back to life with Gnosis’ treasury, bring Aave to Gnosis chain. (Aave wants to be on most of the big chains anyways, and we aim to be one of it I suppose as Aave is one of the biggest and most reliable protocols [wonder why there are so many forks?]). Aave cannot be compared with Agave, as people can feel a lot more secure about it, would be using it on a lot higher volume. I feel empathy towards the people who lost value through the incident, but I believe those people now experienced what many of us did through these years exploring the crypto-space and I hope they did learn from it and booked it as a valuable lesson/experience to grow further with their knowledge.
I understand the reasonings on why people try to pressure this incident on the Gnosis chain, but usually these security issues are checked and avoided when people write their own codes like Aave does.
Obviously that’s a level we can’t compare with Agave, as it is a copyc copyv fork, but if Gnosis takes responsibility over Agave (which cannot pay anyways nor as I read the comments the devs there taking responsibilities due to it’s a ‘community effort’ and they did copyccopv AAVE nicely), then how many of the future copyc-copyv forks will demand GnosisDAO taking responsibility instead of the people involved with rushing forks (which people usually aim to build asap to win the race towards market share to bring value to themselves and the token holders as they are the biggest token holders anyways) which ended up having leaks? Why should GnosisDAO take responsibility over the forks on the Gnosis chain, paying the users their lost funds due to leakage of the copyc copyv forks?
If we build a house in hurry based on an other great-nice house’s draft/blueprint and it collapses, will we ask GnosisDAO to take responsibilities and pay up the damage so we can rebuild?
Well, I believe in this case, we should say Yes.
Because GnosisDAO wants Gnosis chain to be the canary network for Ethereum.
Which means, back and forth it should be able to create protocols without differences or security issues. This is the only reason why I am supporting to take responsibilities partially over Agave.
With different numbers from the GnosisDAO.
I believe there should be a minimal way of refund, GnosisDAO should refund less than

A maximum of 30% I would suggest. And the hold of the withdraw so a couple of big addresses cannot drain the partially recovered Agave treasury before ‘most of the users’ withdraw their smaller portions. This would mean a more fair distribution of partially recovered funds. And it doesn’t create a ‘rat race’ to withdraw asap or you will not get your funds. It would be like in banks in an emergency. Make sure the Agave codes will not allow some address to withdraw more than the limit for everyone. Nor would be ‘bugged’ anyhow to abuse the withdrawal function to drain the recovered funds with a couple of big addresses.
This would be a decentralized way that favors everyone in the same way who got involved, distributing the partially recovered funds on the weight of GnosisDAO.

I feel it makes sense to implement

Gnosis should pay 100% of the lost funds because
1-The positive feedback of such an action reinforces trust that Gnosis Chain takes responsibility for their shortcomings which is evidenced by the decision for a hard fork to be made in this case.

2-The amount that is lost is small when compared to Gnosis’ reserves. It is not like the reserve will be shaken. Still, Gnosis will receive Agave tokens at a markup compared to current price but will achieve large control in Agave and will retain the chance of covering the loss if Agave flourishes again.

3-Agave is a product of 1hive which is the only DAO that kept trying to build things on XDai before even the layer 1 boom. 1hive stood by this chain and almost all OG’s on this chain used its products. If this chain fails to bring big names due to the cheapskate act, which is a big possibility as shown by your response, it is highly likely that 1hive will still be the only DAO that continues to build things here. So it’s not a bad choice to support them in an event like this where the chain needs an upgrade due to the reentrancy attack.

4-I held Gnosis for a long time before the coup-like agreement that led to it acquiring XDai chain and the problem with Gnosis that led me out was the close-fisted approach it had about its treasury. All layer 1s pumped up via giving incentives to their protocols for high apr and grew a lot while Gnosis always tried to preserve the treasury. This approach led to Gnosis failing on its own and acquiring another chain. If this type of behaviour is to be followed, I’m sure the last dwindling XDai users will flee as well.

5-Good luck with bringing AAVE here with zero liquidity onchain and not helping your main money market users who got robbed due to negligence on the chain’s part, keeping your bridge with outdated code which is a risk factor.

2 Likes

Understandable points, but can’t agree with the

part, but I believe Gnosis should take partially stand to recover a chunk of the funds.
I would not vote yes if the proposal would suggest recovering more than 30% by GnosisDAO except:
The only case I would support 100% recovery by GnosisDAO is if it’s locked and distributed over time in 6 months for example. While there will be motives & action taken towards tracing back the exploiter by a team of professionals paid by GnosisDAO. And still it would have been ideal (most likely it’s late) to offer a bounty for showing the way of the exploit, for example 25% of all the stolen funds and no legal charges will apply. Would be nice to discuss these further live!

Let’s have a GnosisDAO core team AMA with questions & answers live on Twitter or Discord so we can discuss all of this properly and hear the core team’s opinions on the incident! 1 hour would be enough with also including further questions about different things (as even about the SAFE token there are questions which don’t get answers yet nor on telegram nor on discord)

@Nikko Ser, obviously you are not informed about the history of this chain and its community. I would like to share some info, which I believe may help you change your opinion regarding a reimbursement. However, first of all, I should definitely emphasize that no one would try to impose full responsibility of the exploit over Gnosis here, and that is why people have been trying to find a common ground, which in the end will be beneficial for all parties. Alright, let’s get to the history.
1 - One of the reasons why 1Hive decided to deploy its tools on xDai was that the community experiments with decentralized governance tools. And these tools require direct on-chain actions, which is simply not feasible on Mainnet.
2 - 1Hive have been working on xDai chain since 2020, experimenting with stuff, and bootstrapping the chain, onboarding new contributors, and attempting to bring necessary tools that all EVM chains should have. For instance, when 1Hive first migrated to xDai, there was not a DEX. Hence born Honeyswap, forking Uniswap to fill the lack of a DEX in the ecosystem.
3 - Agave, again, was born out of 1Hive due to a necessity. The idea first emerged in January 2021 as you can see here. When it was first discussed, Aave was not deployed on any chain other than Mainnet, leaving people with smaller portfolios outside a simple DeFi experience. Therefore, as we believed it is one of the most robust codebases out there for a lending/borrowing platform, we decided to fork Aave into Agave because Aave was obviously not interested in deploying their platform on xDai.
4 - Agave is not some simple copy-pasta fork that you keep seeing pop up everyday for some easy cash-grab or outright rugpulls like those GooseDefi forks or Tomb or whatever the hell forks. The idea to fork Aave was both out of respect for the code and to fill again a necessary void in order to enhance the DeFi structure on xDai chain.
5 - While experimenting with this stuff, neither 1Hive nor Agave did any IDO-like token sale, and these were community projects since the beginning. Moreover, again neither 1Hive nor Agave had received any funding from the Ecosystem Fund before the matching reward system here proposed again by @Monstrosity on the xDai/Stake forum. In fact, 1Hive has spent more than $3M from its limited common pool mostly to bootstrap the entire chain as can be seen here.
6 - People who got rekt due to the exploit are mainly community members of this small ecosystem (or hipsters as Igor Barinov liked to put it :) ), including myself and many of my frens who have been working to make this entire chain better, to grow it by either building stuff or helping others getting onboarded.
7 - People who lost funds due to the exploit believed that both the code and the infrastructure where the code resides were robust, and did not want to put their money outside this ecosystem as it would be simply ridiculous to do while trying to increase the TVL of your own chain.
8 - Lastly, to re-emphasize, this proposal is not a simple bail-out of Agave by Gnosis DAO, but a good faith approach by all the parties, sharing the burden based on their capability. And please bear in mind, the tone of the argument can be hurtful for people as it is individual users, the core of this community, who lost considerable amount of their funds (I, myself, lost my life savings).
9 - You are free to tell me “fuck off, I don’t care about your losses, all I care is my bags,” and it would show what a wonderful personality you have!

7 Likes