Should GnosisDAO respond to the Hundred Finance exploit in the following manner?

I don’t agree. It was an ecosystem wide problem that is serious enough to call for a hard fork, so to say that the protocols need to pay up to 50% is unreasonable on that basis but also economically. Again, the resources required if the protocols are forced to cover more are exponentially more burdensome than what it is for Gnosis, due to the size, available resources and health of Gnosis which simply cannot be compared to such small protocols. Even more, I think the point was missed that this was an ecosystem-wide problem going beyond the protocols whose main responsibility or lack thereof was trusting that the GC would function similar to mainnet which is what GC advertises. On the other hand the danger was known to GC but never got around to actually being changed until now after people were hurt. To say that both parties are 50/50 to blame is unacceptable, and to ask the same from both considering their differences is unjust and callous in my opinion.

Again I disagree with simply calling it at 50/50. If anything because GC was the underlying infrastructure that was the commonality among everything.

4 Likes

On the surface, the Meter exploit and the Gnosis one have some things in common, with both parties sharing responsibility. This would support a similar approx. 50/50 arrangement here.

Meter was 100% at fault and should have paid 100% of the losses, but they couldn’t afford to and decided to stiff Hundred’s users. We decided to contribute some HND to cover what we could of their shortfall.

This is a very different case, and I don’t think drawing parallels benefits the present discussion.

It’s an important pragmatic element to protect short term price action but it’s far less important than the total $ leaving the GnosisDAO treasury.

Do you contend that there is no benefit to the Gnosis DAO treasury to make the repayment in hvGNO (Hundred’s suggestion) vs directly in ETH (Agave’s)?

By including those periods into the average it takes the markets view of value both pre and post exploit.

We can use the 180 day average price (including post-exploit) like Agave is doing.

5 Likes

Thank you for the response!

I think this point is totally understandable, but I want the DAO to consider the following: Gnosis is a much bigger protocol than HND, has a much bigger Treasury than HND and is willing to spend 200 mil in ecosystem rewards. It is much easier for GNO to lift this burden than it is for HND. Additionally HND can’t mint new tokens, the tokens are vested for over 4 years. So the protocol can only offer the amount of tokens mentioned in the proposal.

Of course we can also use the same auction mechanism for the HND tokens that we used for AGAVE. If we use a 180 average for the HND tokens, they generate a much more favorable $ amount.

In general we shouldn’t try to “blame” (for a lack of a better word) anyone for the hack. We shouldn’t point fingers at each other, main focus should be to try to find the best solution for everyone involved. I also hope that we find a solution that is fair for the users of all the protocols and doesn’t favor one protocol over the other.

Meter was 100% at fault here, the HND DAO and the team were willing to compensate the users, because they care about the users and prioritized long term growth over short term growth.

So what is your suggestion here? HND lost mostly stables, so the current market conditions are favorable for HND if you sell the bluechip assets for the stables. The DAO can reimburse and takes a smaller $ denominated hit.

3 Likes

I agree with you here and thanks for clearing up some points. Healthy conversation and consideration of all points is needed to reach a good solution for all. Peace

Thank you for your response.

I’m afraid I just disagree.

I’ve read the various posts and Twitter feeds about the exploit and that’s my conclusion. Several conditions needed to be met for the exploit to happen, and those were under the control of both Gnosis and the two lending protocols. If either party had done a few things differently, it would not have happened; both could have independently prevented it.

There is obviously no right answer here, it’s a matter of how you look at it and weigh things out. A roughly even split responsibility feels about right to me.

There has to be a good rationale for why more of the burden should fall on GnosisDAO compared to the Agave proposal, apart from the relative size of the Treasuries. And I have yet to see one.

Whilst I can see there was disagreement about who was responsible for the Meter exploit, and am not familiar enough to comment on it, I can see that Hundred finance covered over 50% of the losses. In this situation, they would be covering less of it if it mirrored the Agave proposal: 44%.

The current plan with current market prices makes no sense.

At current prices, GnosisDAO would be covering Hundred finance losses at about 120%…

Given the market context, if it was down to me:

  1. I’d provide 56% of the stable balances in stables from our treasury; Hundred finance lenders get assets immediately in comparative form to what they deposited.
  2. Likewise, 56% for WETH & BTC lenders in WETH (denominated in WETH; BTC priced on proposal approved date using TBD average price); Hundred finance lenders of these assets are largely not negatively affected by market movements since the exploit (we’d have to revisit if BTC and ETH prices diverged significantly)
  • Our Treasury Ops can then rebalance as needed from GNO whilst minimising market impact. We do carry more short term GNO price risk though whilst our Treasury makeup has less stables.
  • There’d be no need for Hundred finance to worry about designing and managing locking & vesting, and lenders wouldn’t have to carry GNO price risk for 6 to 12 months.
  • It becomes somewhat more comparable to the Agave plan in more lenders getting the asset they deposited (or correlated as for BTC depositors) and at the same 56% of coverage (in aggregate; Agave plan has a distinct approach for GNO depositors).
  • There is no need to worry about how to calculate an appropriate averaged price that takes into account recent sharp price movements (apart from relatively small amount of BTC)

It’s a simpler, cleaner solution that strips out much of the market risk.

Marked to market today that would be a loss of Treasury assets of $3.65m vs $7.9m for the current proposed Hundred finance plan (or vs $5.12m using the pricing strategy in the current proposal). Downside for GnosisDAO is we carry the extra price risk for GNO.

I am pretty sure most of GnosisDAO would agree that a 6 month + 6 month lock & vest to protect GNO selling pressure and the potential for some to hold on to their GNO post vesting is not worth $4.25m - which is one of the rationales posted here for why 56% for Agave vs 80% for hundred finance (and with this solution we get to manage that risk, and can control it better).

The remaining 46% would be the responsibility of Hundred finance DAO, but GnosisDAO could be open to discussions about taking a small position in Hundred finance to help with that (but that would be part of a separate proposal in order to not slow the passage of this proposal).

There’s probably a flaw with this I’ve missed, and my analysis is back of a napkin so may contain errors, so please do check & critique.

In short you want us to use the exact same compensation plan as Agave. Thank you for your suggestion, I don’t see any point continuing a cyclical argument. If Gnosis DAO would prefer to use non-GNO treasury assets for compensation then of course we should take that into account.

3 Likes

I agree, if the DAO prefers the AGAVE proposal, it makes no sense to continue to debate it. Gno_star is just 1 opinion though and we don’t know what the other people think, so it might be a good solution to do a strawpoll or something similar to check the sentiment of the DAO and which solution they prefer.

Would it be acceptable for the DAO to offer GNO LM rewards for the affected HND users? The Agave approach wouldn’t cover the full amount for HND users and users could make up some of the missing % over a longer period of time.

2 Likes

Thinking a little more about this after rereading all the comments and digging a little more.

I’d also vote for a proposal with GNO only, if it was based on a better pricing approach and the premium was limited to max of 10% over and above the Agora proposal for the distribution* and locking/vesting (which would make GnosisDAO contribution to approx 61%).

Hundred finance is currently proposing a 43% premium vs Agave (in % share terms, it is higher in $ terms with current market prices).

*The distribution value would be more compelling if it wasn’t going to so few wallets (72).

Can see a good reason why GnosisDAO might prefer to use GNO. Would like to hear from other GnosisDAO community members on their thinking about using different Treasury assets, advantages and disadvantages, and any views on associated lock/vest premium for the structure Hundred finance is proposing.

Also still no response on the process question I’ve asked about twice: how does this proposal work with Hundred finance DAO governance? Does Hundred finance DAO need to vote on this proposal and will it be stuck to (see below)? If so, when will that happen so we can plan accordingly?

I looked into this a little further and spotted a governance red flag :triangular_flag_on_post: with Hundred finance. I had previously seen there was a vote for compensation for the Meter exploit by Hundred finance DAO, but what I had not noticed was that the DAO voted NO to compensation but did not meet a very high and unrealistic quorum bar, and then the team decided to override the DAO’s decision and provide 51% compensation. This is a worrying development.

With this in mind, I feel before voting and entrusting them with a significant amount of funds, we should be confident we can understand and trust the Hundred finance DAO governance process around this proposal. We have to be able to trust that Hundred finance will stick to the conditions that GnosisDAO and their own DAO approves.

We should not vote on any proposal until this is clarified. We are in the land of funny money and it can be easy to lose sight that this is a significant amount of money, and a lot of trust involved. I’m sure the Hundred finance team is good but we should not blindly trust.

Is the Hundred finance team doxxed to the Gnosis leadership? That would be reassuring, and good for peace of mind.

I can clearly see that you give preferential treatment to Agave, which is understandable, but I question the intent. You propose to use the exact same mechanism, but then you question the prices used, because it is unfavorable in $ terms. In my opinion it is not okay to ask for the same mechanism and then nitpick at the mechanism because it is “unfavorable”. You seem to be fine with the mechanism used by AGAVE, so why is it okay for them, but not for HND? I also don’t know why the small number of wallets should be a factor, you either treat everyone the same or you don’t.

Regarding the government process, I hope someone from the team answers this point, otherwise I might add my thoughts.

1 Like

Hi there, you missed the major point in the Meter compensation plan that Treasury funds will not be used for compensation, the dev fund is going to be used for that and it is in full control of the team.

2 Likes

I looked into this a little further and spotted a governance red flag :triangular_flag_on_post: with Hundred finance. I had previously seen there was a vote for compensation for the Meter exploit by Hundred finance DAO, but what I had not noticed was that the DAO voted NO to compensation but did not meet a very high and unrealistic quorum bar, and then the team decided to override the DAO’s decision and provide 51% compensation. This is a worrying development.

Please see Hundred Finance: Meter Exploit Compensation Response - General Discussions - Hundred Finance for a detailed explanation of how that decision was reached. In short, Hundred Finance’s governance processes are still in their infancy, and some mistakes were made (setting quorum too high in particular). We can only learn from these and do better next time.

The governance vote to reimburse users affected in the Meter exploit failed to reach quorum by a wide margin (quorums will be set lower in future). The vote was in favour of not compensating users by token count, but the wallet count was split. The team then held a team vote on whether to use funds from the team allocation to help these users, which passed.

4 Likes

I can understand the importance of doing due diligence and being careful. However I think we also need to be reasonable. Hundred is somewhat young and is just starting its governance. That young governance was trying to do its best to make whole its users who were hurt, not to steal away funds from anybody. Further I’m not sure you are aware but although hundred is young, vfat has been around DeFi for a while as a trusted name. This doesn’t mean we should take everything for granted, I just want to encourage this conversation not to get caught up in fearmongering. I do not know if your concern was this or if it was in earnest, but I do believe we will generally come to agree that hundred did not do anything maliciously with its handling of helping its users with the meter event, and is not scheming to do anything harmful here.

2 Likes

Not sure if you caught this or not, but respected Blockchain Security Researcher Mudit Gupta also agrees that Gnosis Chain shares fault here

2 Likes

Millions of $ in difference is not nit picking! I worry that there is a view here that we should be cavalier because there is a big treasury, it makes me quite uncomfortable that that is the reasoning.

With the suggestion I made, price approach becomes less important. If GNO is used, a fair pricing approach should be used that incorporates movements after the exploit and recent price movements. That applies to both proposals where there is a necessary mark to market component (instead of where compensating like for like).

I think Agave is redrafting their proposal after feedback and price movements, so I’m waiting to see if/how they deal with these issues before commenting further on their proposal.

If it’s not clear my thinking is simple: the 2 proposals should be broadly comparative, and they are not (56% vs 80%) and the Agave proposal is in the range of the 50/50 split which I think is fair, and the Hundred finance one is not. So the focus needs to be to get the Hundred finance into a comparative and fair shape. I am not seeing any suggestions from the Hundred finance side to move towards this outcome. That would be constructive.

I think you are missing the thread here. This is related to improving the distribution of GNO. There is a long held view that GnosisDAO wants to improve the distribution of the GNO ownership as the DAO holds a LOT of the supply (that is why there is a 6.8m GNO burn proposal circulating).

This was part of the argument for the premium for the Hundred finance proposal vs the Agave one (“…making it a lot more likely that users will retain some or all of their hGNO at the end of the vest”). But 72 wallets is not enough to really make that compelling, if it was 500 or 1000, and assume 20% held vs flipped as soon as the GNO vested, that might be more attractive to GnosisDAO for justifying more of a premium over the 56%.

That’s good extra information to know and of course understand these things happen. From a GnosisDAO view we need to be confident that kind of thing won’t happen here. There will be several millions transferred to a multi sig under the control of the Hundred finance team (I presume). Trust that the decisions of governance are followed is very important.

I would like answers to the questions I asked before though to further get peace of mind for this proposal:

A) Does Hundred finance DAO need to vote on this proposal and will it be binding?
B) If so, when will that happen so we can plan accordingly?
C) Is the Hundred finance team doxxed to the Gnosis leadership?

I am apprehensive about going down rabbit hole of specifics regarding the responsibility in this forum.

But I will point you to the full thread and responses, you will see several other comments:

Koppelmann arguing that the tokens should have been treated by the protocols like the risk that comes from flash loans and that the protocols should have taken the tokens into account in their design “the root cause is a bug that doesn’t take such tokens into account”.

Gupta responds “I agree that majority of the fault is of the protocols that got exploited”

Those comments would lead you to believe that 50/50 is a more than fair split of responsibility.

I didn’t say that. We already mentioned that the token amount mentioned in the proposal is the maximum amount HND can offer, the other tokens are vested or illiquid for 4 years. So we are discussing the percentage from the HND auction side.

You prefer the AGAVE approach and we said that we are completely fine with that. In this approach AGAVE sells their token with a GNOSIS auction at a beneficial price (you even wrote in your answer that a 30%-40% premium is okay).

So I ask why it is okay for them to use this mechanism, but you question it for HND? This is what I mean with nitpicking. If we use the exact same mechanism, HND can generate a much better $ amount, but you question the process in this case? If it is about the $ amount only, then you could have made it more clear.

If it is about decentralizing GNO ownership, you can offer LM rewards for affected Agave and HND users.

1 Like

If GnosisDAO helps with funding the stolen treasury of Agave / Hundred finance, it should be a fair distribution. I believe 30% of the stolen funds being refunded by GnosisDAO would be more than enough!
With a withdrawal limit for each address so a couple of big addresses cannot withdraw the recovered funds but everyone gets up to an amount first, as it would be a decentralized way of partially recovering funds in equal ways.

If we somehow end up with GnosisDAO recovering all the funds, for both Agave and Hundred Finance, it should be locked and over a period, for example 6 months up to 12 months, distributed partially with each month. As I believe, GnosisDAO is not responsible, because usually it’s the forks that should do the security checks making sure there are no leakages. And I would bet it would not happen if Aave would develop on Gnosis chain as they wrote their own code. In this case the lack of experience and awareness caused this issue from both sides. And GnosisDAO wants to be the canary network for Ethereum, which means developing back and forth should not be an issue at all. This is the only reason why I would support GnosisDAO helping recover the stolen funds from Hundred finance and Agave up to 30%, but as an addition: The distribution of it should be with unlocking periods. As it is a good gesture from the GnosisDAO side to help recover up to 30% of the stolen funds. (Just make sure whale addresses don’t drain the distribution of the recovered funds unfavouring the ‘masses’)