Unchained - The Chopping Block: Why ‘One Man’s Bug Is Another Man’s Bounty’ - Ep.338
Episode Date: April 7, 2022Welcome to The Chopping Block! Crypto insiders Haseeb Qureshi, Tom Schmidt, Tarun Chitra, and Robert Leshner chop it up about the latest news in the digital asset industry. Show topics: how social e...ngineering was used in the $600 million+ Ronin bridge hack what bridge infrastructure needs to be built (note: if someone wants to build a cross-chain Etherscan, it sounds like Tarun would fund it) why the Inverse Finance hack impressed Tom how Open Zeppelin found and patched a $15 billion vulnerability for Convex Finance why transitioning to token governance might be an issue for Convex what made USDN de-peg why Tarun think algorithmic stablecoin creators are a little crazy the elegance of the Bitcoin whitepaper what their biggest takeaways from Elon Musk’s purchase of Twitter are why Tarun thinks FTX investing in IEX is actually a huge deal Hosts Haseeb Qureshi, managing partner at Dragonfly Capital https://twitter.com/hosseeb Tom Schmidt, general partner at Dragonfly Capital https://twitter.com/tomhschmidt Tarun Chitra, managing partner at Robot Ventures https://twitter.com/tarunchitra Robert Leshner, founder of Compound https://twitter.com/rleshner Topics Covered Ronin hack https://www.bloomberg.com/news/articles/2022-03-29/hackers-steal-590-million-from-ronin-in-latest-bridge-attack https://decrypt.co/96811/nearly-7m-hacked-ronin-funds-sent-privacy-mixer-tornado-cash https://roninblockchain.substack.com/p/community-alert-ronin-validators?s=w More hacks: Inverse Finance, Convex Rugpull disclosure https://www.coindesk.com/tech/2022/04/02/defi-lender-inverse-finance-exploited-for-156-million/ https://twitter.com/bertcmiller/status/1510284763332071427 https://blog.openzeppelin.com/15-billion-rugpull-vulnerability-in-convex-finance-protocol-uncovered-and-resolved/ USDN Peg broken, drama ensues https://www.theblockcrypto.com/post/140475/drama-erupts-around-the-waves-blockchain-project-and-trading-firm-alameda https://www.coingecko.com/en/coins/neutrino-usd Why is Elon taking a stake in Twitter? https://decrypt.co/96809/dogecoin-cheerleader-elon-musk-takes-9-2-stake-in-twitter https://www.wsj.com/articles/twitter-to-name-elon-musk-to-its-board-of-directors-11649162614?mod=article_inline FTX purchasing a stake in IEX https://www.prnewswire.com/news-releases/ftx-us-and-iex-join-forces-to-help-shape-market-structure-for-digital-assets-301517550.html Lightning Labs' $70 million raise https://www.theblockcrypto.com/post/140560/lightning-labs-taro-protocol-stablecoins-fundraise Gauntlet raises $23.8M led by Ribbit, now a Unicorn - congrats Tarun! https://cointelegraph.com/news/crypto-quant-firm-gauntlet-valued-at-1b-following-series-b Learn more about your ad choices. Visit megaphone.fm/adchoices
Transcript
Discussion (0)
Hey everybody. Welcome to the chopping block. Every couple weeks, the four of us get together
and give the industry insider's perspective on the crypto topics of the day. So quick intros.
First, we got Tom, the Defy Maven and Master of Memes. Next up, we've got Robert,
Crypto Connoisseur, and Captain of Compound. Third, we've got Tarun, the Gigabrain and Grand Pubot
Gauntlet. He is going to be showing up in a second. And then myself, I'm a siebe, I'm head-hyped man
at Dragonfly. The four of us are early-stage investors in crypto, but I want to caveat that
Nothing we say here is investment advice or legal advice or even life advice.
So it's been a little bit of a slow week in CryptoLand or slow couple weeks, I would say.
It seems like most of the news this week has been around hacks and things breaking, which is...
Only the biggest hack of all time.
Other than that, it has been pretty chill.
That's true.
That's true.
It's funny how just the passage of a few days makes things seem really whatever.
Yeah, it's like years ago in crypto speed.
Exactly, exactly. I no longer even feel it.
The night that I saw that the Ronan hack took place, I was just like, oh my God, like this is, this is the worst nightmare for anybody in the crypto industry.
And then two days later, I was like, oh, never mind, no one cares.
Well, that's because you didn't have any of your own funds in the Ronan Bridge.
That is true. That is true. Very much by choice. I did not get my funds in the Ronan Bridge.
Well, so, okay, let's maybe just go through the news for those who are not aware.
what was this? This was March 29th.
This was a little bit over a week ago, as of the time we're recording this,
that the Ronan Bridge was hacked for a little bit over $600 million worth of ether
and stable coins. So the TLDR on how this thing got hacked is that basically,
so the Ronan Bridge was secured by a multi-sig that nominally had nine addresses in the
multi-sig. However, four of those addresses were controlled by accounts owned by the Axi-N
infinity team or the SkyMavis team, which is the developer of Axi Infinity. And so what ended up
happening was that reading between the lines, there was some kind of social engineering attack
on some of the members who controlled them, who had access to the multi-sig at Axi Infinity.
And there was also a bug from a previous program that SkyMavis was running that gave them access
to another one of the multi-sig account holders. So basically it was effectively five of nine
controlled by one party. And so when that compromised their place, they were able to sign
any basically able to forge a signature, or not really even forge, just actually write a,
you know, create a signature that allowed them to say, yep, this is a valid withdrawal,
go ahead and send this money over the bridge.
And so using this, the attacker was able to move an enormous amount of ether and
USDC.
And also supposedly, this hack took place six days before the bridge was actually shut down.
And although users notice that like, hey, guys, there's like something weird going on.
What are these big giant withdrawals?
The team was like, oh, no, no, no, it's fine.
we're looking into it, it's no big deal. And then later it was kind of effectively all but
confirmed that, like, yes, this was a massive compromise. The ether was missing and they needed to
shut down the bridge and somehow remunerate the victims. So the Axe Infinity team has pledged
that they are going to remunerate the victims. There was actually a big update to the game that was
supposed to go live recently, and that's gotten pushed back now because, you know, everyone's
Everyone's been hacked.
So it's a really, it's a bad, it's a bad look for X Infinity.
They've cleaned up the multi-sig.
They're now, you know, they have more essentially decentralized parties on the multi-sig
at this point.
But it doesn't look good.
So, yeah, Tom, Robert, perspectives on the largest hack in on-chain history.
Yeah, I think you mentioned it, and I thought it's very funny that normally something happens,
and I feel like within the hour, all of CryptoTwitwit is talking about it.
but this took place on the 23rd and the news kind of broke on the 29th.
And Crypto Cobain, Kobe on Twitter, noticed this and said that he took out an AXS short.
But in the time between, you know, when he took out the short and when it was noticed and made popular on crypto Twitter,
AXS actually went up a lot.
And so he was liquidated on the short when we tried to sort of trade on the news.
So markets aren't always, you know, super efficient in crypto, unfortunately.
I was disappointed by this hack.
You know, cross-chain bridges are extremely complicated.
This has been the basis of a lot of the different hacks and vulnerability just over the last year.
You know, my expectation is that, you know, as more L-1s besides Ethereum become popular and more bridges exist between Ethereum and other blockchains, that the bridges are going to be the most likely place where funds get lost.
simply because they oftentimes deal with more complex systems than a simple smart contract.
So it took people a couple of years to get good, and putting that in air quotes is never good,
but skilled and hacking solidity.
It was a relatively simple surface area for people to learn how to write solidity safely,
a bunch of auditors, you know, learn how to, you know, check for the most common patterns of, you know, risk.
And over time, we started seeing like basic solidity attacks go down.
multi-chain bridges are significantly more complex systems that use multiple different platforms,
multiple different languages, multiple different security parameters.
They blend things from centralized to decentralized.
We've seen some of the biggest attacks and hacks here.
I think it's going to continue to be the number one weak point for crypto ecosystems.
And if you're a user, I think you want to be especially cautious about cross-chain bridges
until they've really stood the test of time.
and, you know, have an extremely in the effect.
Well, so you say that, you know, bridges keep getting hacked
and bridging is extremely hard.
That's generally true, although this was not a,
okay, there's an enormous complexity of bridging,
and that's why they got hacked.
They got hacked for the most mundane possible reason in crypto,
which is that they clicked on some dumb link.
They got compromised, and the quote-unquote multisig
was actually basically a one-of-one.
And this is like the most big,
basic kind of attack in crypto, for which there, to my mind, there's no excuse. So I would not put this
in the same category as the wormhole hack or the, what's it called multi-chain, what used to be
polynetwork. This was the most basic failure of OPSEC that you could possibly have in crypto. And also,
it was just handled in an incredibly amateurish way of like, deny, deny, deny, and then six days
later, okay, fine, yes, we got hacked for an enormous and massive amount of money.
Well, I'll posit how many users, you included, me included before this hack,
knew, you know, the structure by which the funds and the bridge were secured.
I didn't know, but I'm not an axi player, so I had no interest in knowing.
Right. And how many people do you think even asked, right?
Yes. No, granted, granted. But I think there's a view in crypto that it's the responsibility
of the user to diligence, all the software that they use and blah, blah, blah, blah, right?
This is forever. This has kind of been the core story about, okay, you know, verify don't
trust. You know, everything is open source, everything, not everything, but most things are open
source. So you should be able to figure this out yourself, read the smart contracts, blah, blah,
blah. Now, in reality, especially in the world as crypto is going mainstream, this is a pipe dream,
right? There's no way that we can expect normal users, especially the users of something like Axi Infinity
to go in and read the bridge contract and understand what the hell it's doing. And of course,
even if you read the bridge contract, you don't know who the signers are on the multisags.
They're just a bunch of addresses, right? So you don't know that they're all controlled by one
party. So it is the responsibility of Sky Mavis to figure this shit out. And like, look, if you are using
if you are using a multi-sig for a bridge, okay, fine. I understand bridges are hard. Maybe a multi-sig
is a good enough stopgap in the interim, right? Like even right now, you know, look at Stargate.
Stargate is right now signing all their, all their oracle reads with just a multi-sig.
Getting the full decentralized nirvana vision of how to build, you know, cross-chain bridging
is awesome. I'm all for it, but it's going to take a while and I get that. This was a very, very
basic failure that I think there is really no good excuse for and it falls in the same category
of people who get their apes hacked.
You know, like that was the level of incompetence that Sky Mavis exhibited in this hack.
So I think they deserve the, the opprobrium that they're getting right now.
It just ends up making the industry look really bad.
If this was some mastermind type thing, you know, like I think the wormhole hack is a good
example of, look, this was an incredibly complex hack and it was hard to catch, right?
It was a genuine edge case.
This is like the main thing that happens is like, look, if you control access to a multi-sig that has billions of dollars in it, don't click random links and make sure that all the multisic holders are different people.
That is your main job if you're managing huge amounts of money.
Yeah, I think in this case, though, to be a little bit more nuanced, it's probably not a multi-sig with people holding private keys and signing them directly.
I assume it was all server-based where they had, let's say,
four different computers with identical code, each independently signing messages, you know,
it probably was less about humans and more about keys on identical servers being compromised
because humans were silly, right, and made mistakes. Yeah, I think they mentioned that like they left
like a white listing function in to like call directly into like one of their nodes, probably one of
the signing nodes that's like, yeah, you don't want to want to do that. I, um, I do also wonder like sort of
the implications for maybe the market more broadly. I think we've, you know, there's sort of a L2 versus
L1, like, bearable thesis where it's like, you know, L2s are supposed to be this nirvana of super cheap
transactions and, you know, everything just sort of happens within the same ecosystem. And that's kind
of been, I think, foiled by the growth of these other chains and really, you know, cheap, fast bridges.
And it's like, well, why am I going to use optimism when I can just bridge, you know, avalanche?
And it's way, way cheaper and, you know, faster. And like, the bridge is sufficiently good.
about, you know, sort of network security or whatever. It's like, it's fine. Well, sometimes it's not
fine. And so I wonder if this is going to, like, emboldened people who are now, you know,
maybe looking more to like build on an L2 instead of building on one of these, you know, cheaper,
faster, up-and-coming L-1s, because maybe that assumption that, hey, the bridge is going to be
secure and fine is, like, not necessarily there. I agree. Maybe Rohn is not really emblematic of
broader bridge building security, but, I mean, wormhole also was, you know, a massive hack and,
you know, that's straight, straight smart contract issue.
Yeah, I would say that I think this may be the first,
it may be the beginning of us starting to,
people starting to really feel like,
hey, multisigs aren't that secure.
We've kind of gotten used to this idea that like,
hey, multisigs are just kind of a fine stop gap
and there's no real difference between a multisig
and some kind of full, you know,
decentralized security solution.
Because, of course, centralized security solutions
can also get hacked.
And, you know, you mentioned layer two.
Of course, there was very famously the $2 million bug bounty
that was paid for that optimism
paid out, what was the name, Sorik, discovering a vulnerability that allowed unlimited minting
of ether, which you could use to drain all of optimism.
Right.
So the reality is that all this stuff is frigging hard.
All this stuff has massive surface area for bugs and the one thing, I think the reason
why people default to multisags is that at least it's a, it's a security model and surface
area that we know and has been very battle tested, right?
No one's worried about no CESAves getting compromised.
Then the compromise just moves a layer up to like, can't.
can you actually manage that NOSSA safe in your own security surface area effectively?
And here, actually, it's one of the reasons why I like the Avalanche Bridge, because the
Avalanche Bridge, they basically use Intel SGX to ensure that the bridge operators are actually
running according to a certain program, such that even if they were compromised, you can't
break into the, assuming that you don't have a compromise for SGX, you can't break into
the machine and cause it to do stuff that it's not supposed to be doing.
and, you know, ostensibly, if that works and that setup is running correctly, which I think is a lot easier to do than a, you know, layer two or optimistic roll-up or something, you know, even the near bridge, which is uses sort of an optimistic design, the rainbow bridge, is more complex and it's got more surface area to it.
So I think in the short term, my expectation is that bridges are going to try to find relatively simple ways, but lowering kind of the human error component to make sure that bridging remains secure.
in the long run, we do have to find decentralized solutions to this stuff that doesn't rely on,
hey, these like seven people I know I can trust.
You know, if you know which of the seven people there are out there to try to go attack,
you'll find them and you'll be able to attack them the way that, you know, you would think
Sky Mavis was like, okay, maybe one of some of the other multi-stick holders might be attacked,
but Sky Mavis, like they have the most incentive in the world to keep this thing secure.
And it was them who got popped.
Yeah, in terms of practical impacts of this, I mean, I forget who originally popped.
I think it might have been Vitalik, but it's a pretty logical concept, which is wrapped assets that are bridged from another chain should be worth less than native assets.
So ether on avalanche, no matter how good the bridges should be worth less than ether on Ethereum, you know.
No, that doesn't make any sense.
Do you know what that applied to like tether should be worth less than a dollar?
Not necessarily.
But the concept being that if you have an asset on another blockchain, it actually,
has the, you know, bridge risk that the native asset just doesn't, right? Fundamental. And if you
always treat them as being worked the same at some point, that's fine. But at some point,
you know, you have these, it goes to zero type of X, right? You know, I think like this, you know,
theory of like risk arbitrage doesn't exist yet. And users always treat them as exactly the same
asset on different chains. But I think over time, some extremely sophisticated, you know, market
behavior will emerge to value them differently as it should, because they are and should be
worse, something different than, you know, the bridge versus unbridged version.
I understand the shape of your argument, obviously, but the reality, I mean, the reality is more
complex because, one, of course, bridging stuff has a pretty tight arbitrage loop.
So it's very easy to go and, you know, arb, something that is a bridged asset,
assuming that the bridges are pretty liquid and pretty fast.
Second, if your argument were true, it should apply to Tether.
It should apply to U.S.C.
It should apply to anything that I can't trade above.
the peg, but can certainly trade below the peg, as Tether has historically.
But, and same with Dye, right? Like, Dye is all straight above the peg, but, you know,
Tyler should never trade above the peg, presumably. Absolutely. It should potentially trade
based on the bridge risk, being able to bridge back to the asset, right? If you are
completely have no issues bridging back to a U.S. dollar, then they should trade the same.
If, you know, you have the risk that you're not able to bridge back, it's not the same.
Which means that, like, in good times, and, you know, most at equilibrium, assuming,
the bridge is like fairly stable most of the time. Although a bridge asset always has more risk,
I think most likely it'll trade at par. Somebody's not being compensated for risk. Right. So then the
question is who's not being properly compensated? Yes. Although another way to look at it is that
there may be a premium to like, look, if you're on avalanche, it's like, look, I really want ether
here. I'm willing actually to pay a premium that may be, that may offset the risk premium that the
bridge is taking. True. So it's like, you know, importing, you know,
Dollars in other countries sometimes trade for more than they trade in the U.S.
even though it's complicated to import them.
Yeah, but those dollars oftentimes don't go to zero.
I think one thing we actually have to think about in these bridges is that, first of all,
we kind of have this notion of native bridges versus non-native bridges of like bridges
that are like promissory notes on native tokens on another asset and bridges that are
promissory notes on a local asset.
So, like, if I have ETH and I went through Wormhole, right,
I get a promissory note of Wormhole Eath,
but Wormhole Eth is actually a promise on another chain, right?
It's a promise on the source chain versus, like, you know,
something like wormhole synapse,
they synapse a little bit more complicated, but like, let's say,
Wormhole, or sorry, Layer Zero.
Layer Zero is really a promissory note on your local chain, right?
I think in some sense the problem is most users do not know anything about
distributed systems. They're not thinking about like source, destination, like whether I have a future
or a promise. So the number one thing I want to tell every listener who does know anything about
computer science, but who is like, oh, like I have like $10 million, bridge or cost 20 assets
on 10 different chains. Read the Wikipedia page for futures and promises in distributed
systems. Because at the end of the day, the choice of bridge is a choice of a future
promise system and just your system. And you will not get, if you don't understand what that
thing is, and how the, how like the notion of I'm holding something that's promising me something
in the future, there's something that's promising me something now versus something that's
promising me something at the intermediate time, if you don't understand that dynamic,
you don't really understand the asset that you're own, right? You have a mental model that might
be, it is the thing that I think it is right now, but it might not be, right? It might
only that thing at some future time or at some event happening. And the number one thing I think
I've learned after watching all these bridge things is that people have not internalized a lot
of basic terminology from distributed systems and mapped up to financial assets. The idea that,
hey, this thing that I think is one of one is actually a future plus a swap plus an option.
And it may actually go to zero because like the future might collapse at the same time as the
option the same kind of the swath. And that's a very important thing to remember. That,
that I guess maybe if I were, I just wanted to summarize kind of the conversation in kind of
more concise terminology of like, I highly recommend reading what the concept of future and the
promises in distribution systems. I think that's a very cogent point, but I think probably the
people who are bridging are more enticed with getting, you know, 1500 APY on, you know,
Brito finance versus, you know, considering the, uh, the relationship that they have with
their bridges. So maybe a point to, uh, yeah, Haseeb's point on, uh, on this pre-dios.
Well, the reason I say this is like some, you know the, the website L2 beats, which shows
you like the list of all the L2s and it gives you like the security assumptions and it lets
you like have a little comparison matrix of this like comparison matrix for the bridges and like the
notion of like what assets are synthetic and not. And also more of,
importantly for the end user. Which assets are like redeemable now? Which assets are
redeemable only if I cross the bridge? Which assets give me some other kind of guarantee?
And I think the layer two community, obviously maybe to some makes an over extending on this.
They have focused on education in this frame. And everyone in the bridge side has just been like
Yolo. It's the same thing. Like we don't give a shit. We're just going to pretend,
We're going to tell you you borrowed Ease on Solana and, you know, it's East.
So your yield is yield.
But I actually think there's a huge gap in the community of making L2BETs for synthetics on Bridges.
And that, like, I hope someone does that.
Bridgebeat.
I don't know what the name is, but yeah, like the same website.
We'll fund it.
You build it, we'll fund it.
I think I completely agree with that.
I think the bridges right now, and you see this, you know, the big war right now in Bridges
between layer zero and axelar.
And I think they're both in the position
where they're trying to tell the story,
I guess there's also synaps and multi-chain, obviously.
They're trying to tell the story that
bridging is going to be super easy.
It's just going to be like you click a button
and you know, it's like on the internet
you don't care what domain you're sending your next request to.
And the same way, you know, in bridging in blockchains,
you will just click a button and you don't have to care about
the details of how your transaction is getting routed
and where the funds are going and whatever.
And, you know, to your point,
Turun, it's not like the internet, because assets have to be sitting somewhere at rest.
And when assets are sitting somewhere, custody on some particular chain, that means that now
you have some kind of claim on an asset that exists somewhere else. And that claim, the way
in which that claim is redeemed depends on the details of what exactly was wrapped when and how
exactly it gets redeemed and if there has to be a swap in order to actually get the thing on
the other side. And so it's complicated. And you've got to know the details. And it's going to be
while until we actually are able to, until people, until it becomes more transparent to them,
what the bridging experience is going to look like when we do have robust cross-chain solutions.
Today, I think what we must have is beta software.
And not to kind of feel an abstract concept that perhaps all parties in this Zoom are invested
in kind of looking forward to. But the notion of a cross-chain block experience,
is quite different than the notion of a local chain block explorer
and actually conveying to the end user
what a cross-chain transaction looks like
will look different than ether scan.
And I think that's something that we have to actually internalize
that the UX for the end user will not be ether scan.
It will be like a very different looking thing
for how we search through blockchains and how we organize blockchain.
And that will kind of, whatever UX is,
third scan 2.0 is like the difference between like gopher and net scape.
Okay, well, it turns out that Ronan was not the only hack,
or not the only very significant hack that took place during the last two weeks.
We just recently saw another massive hack, well, actually a couple of them.
So one, we saw a massive hack in a protocol called inverse finance.
They were hacked for $156 million through an Oracle manipulation attack.
Tom, you were explaining this one to me earlier.
Do you want to give the TLDR and how this happened?
Yeah, just to be clear, it's actually 15.6 million.
I think a decimal got moved there.
Oh, whoops, sorry, 15.6 million.
Yes, not as bad.
What's a decimal point between friends?
You know, I say that all the time.
There's no decimals on the blockchain, man.
Yeah.
Everything is six points.
So who cares?
I'm kidding.
I'm kidding.
Don't, please do not ever assign me that.
I understand what the shift operate.
So, Inverse is a letting protocol.
on Ethereum. And obviously, I don't have to tell we have the lending, you know, daddy in this call,
you know, a key part of a lending protocol is knowing how to, how to mark assets, right? So you have to
know, how much is this worth? You know, am I properly collateralized? What is the value of my debt?
What is the value of my collateral? A lot of teams will use an off-chain Oracle system,
run their own, like with Maker. But a lot of teams will use a T-WOP. So they'll look at an AMM
and take a T-WOP over the A-M and use that as an Oracle, which allows you to support a lot of different
assets. In theory, it's more robust, et cetera, et cetera. Inverse was using a T-wop on sushi swap
for a couple of different tokens. The problem is that they were only doing a T-WOP on one block.
So basically, they were looking at the previous block that was being traded and using that
to mark the value of the assets in the next block. So Bert Miller from Flashbots actually had a
really good rundown of this on Twitter. And do you basically call it?
it's one of the most sophisticated or MEV-aware attacks that he's seen recently, where basically
the attacker used a private men pool to insert its bundle. It's bundle mine that actually
performed the attack. So arbitrage bots couldn't, you know, therefore capture its Oracle
manipulation in the same block. So basically, they push up the price of a bunch of these
different assets in one block. And they were able to borrow a bunch against it. So way more than
they would normally be able to. Again, normally this is not a big deal because on an AMM, you can then
just, you know, trade down and arbitrage against the value of an overpriced asset.
But because they got this transaction privately mined, no one was able to see it.
And also because it's a, you know, one block TWOP, basically there was no opportunity for
the, for that lending market to re-correct its price. So a very, very clever attack.
And I think, like you said, one of the most NEV-aware attacks that he'd seen recently.
Lending, Daddy, what's your take?
Nobody should use a price feed based on one block of prices.
One block or zero blocks. Zero blocks or one block are both.
extremely bad, right? There used to be a whole lot of attacks because people are using the current
price, not even one block old TWOP. They were using what's the current price? And that was like the first
wave of like, you know, price feed based disruptions. You know, a TWOP of one block is no better,
right? Like, a TWOP of one minute might not be better, right? Or even like, you know, five minutes,
right? So like it's extremely complex. This is one of the reasons why if you are borrowing
against assets, the protocol has to assume that prices might be a little bit stale or a little bit
out of date because this is a huge, huge, huge opportunity for risk. So dumb choices, bad parameters.
Then there was another cybersecurity story that came out yesterday, which is that so Open Zeppelin,
which was running an audit on behalf of Coinbase for Convex Finance,
found that there was a way for the convex, I guess, admin and or multi-stickholders
to basically rug the entire protocol and essentially drain all the funds in the protocol
using a fairly complex chain of operations within the protocol that is not supposed to be the case,
even if you have the admin keys, you're not supposed to be able to take money out of the protocol.
but admin keys were capable of performing this attack.
Now, it was an interesting story, actually,
because the question is, okay,
if you know that there's a way that billions of dollars,
in 15 billion in this case,
if you know there's a way that billions of dollars of capital
can be extracted from a protocol,
but it can't be done by anybody.
It can only be done by the admin.
How do you do responsible disclosure
for a situation like that?
And the answer that Open Zeppelin ended up coming to
was that they approached the team
and they told them,
hey guys, we found a very severe vulnerability that allows the admins to drain all the capital
in the protocol, but we can't tell you because, look, we love you guys and, like, I believe that
you're in it for the right reasons, but, like, look, there's $15 billion.
Like, we can't mess around here.
So in order for us to disclose this vulnerability to you, you have to add more people to the
multisig so that when we disclose it, we are confident that you can't get a plurality
of the multisig to sign off on any type of attack.
And so convex finance did that.
They added more people to the multisig.
then opens up and disclosed, and then they fix the bug.
So it's very, very interesting, almost like James Bond-esque series of maneuvers that had to be done here to make sure that everything could be rescued without the bomb going off.
So I thought this is an interesting one, but it's just another continuation in the through line of this week, which has been that smart contracts are hard and people keep messing them up.
I'm kind of surprised that convex has not migrated to a fully on-chain governance system.
I think in the early days of protocols, it's like pretty natural for the core team to retain a multi-sig over, you know, contract upgrades and then basically respect, you know, the votes of token holders. And so there's a sort of task agreement there. And obviously for a treasury, a lot of teams use a multi-sig, you know, but there's sort of less of an, you know, risk with that. But this seems like they had upgrade abilities on a two or three multi-sig for a protocol with 15 billion TVL, which is kind of insane. I think the story of convex is also warranted here. Wait. It is.
It was built around the Kerr finance contract,
and they kind of built this allocation tool that is actually a lot super complex.
I think, like, I know there's like this general movement of like,
hey, we want the VE model everywhere.
Unlike Tom, I'm not saying any value judgment on whether it's good or bad.
I know Tom has very strong opinions on this, as we've seen on Twitter.
Ignoring the value judgment on that, the code is actually
extremely hard to reason about.
There's like a way of abstracting the E model
to something simple,
but the way it's actually written is
much more complicated than the curve code,
which is extremely simple in a lot of ways,
minus, of course,
the sort of like how do you compute the invariant gradient
to something.
So I actually think there's like this weird thing
of like Convax is actually a little,
like it was made as a way to kind of like boosts
curve.
And then I think a lot, I suspect, based on the code commit history,
a lot of the early developers do not work on it anymore.
And they are, people are very afraid to transition
because there's not like a very good developer ecosystem around it.
And you can just go look at a code commit history and it's not,
there's a lot of like inconsistencies there in a weird way
that if I were them, I would be very afraid of transitioning to governance.
The alpha leak in this entire industry,
is read the GitHub, right?
And the convex GitHub tells a very interesting story.
What's the 90-second TLDR interesting story to leak all the alpha?
I think interesting story is very clear that the Curve development team and the convex
development team were very closely tied for a long enough time period.
Obviously, Convex built everything around Curr.
But there was a point at which they clearly diverge, and it wasn't clear who the sides of the
divergent sides were. And then the side that was maintaining convex sort of seems to have
disappeared. And there have been some community PRs, but there hasn't been a lot of like the
main developer core contributing as much. There's definitely been some patches, but in a way that
I think transitioning to governance would be hard if they weren't more involved.
That's interesting. I haven't spent enough time thinking about that. So I'm glad you brought that up,
to ruin is the idea that transitioning over into governance,
into fully on-chain governance,
requires some confidence and stability in the underlying code, right?
It's not just a matter of, okay, we're not iterating as much
or we're not as startupy anymore,
and we kind of got product market fit,
and now it's time to hand things over to on-chain governance.
It is also confidence that, like,
we're not very likely to come across a bug
that needs to get fixed overnight.
We've got some good understanding about how to change the code
and actually review code updates that happen via governance.
And we're pretty confident that we're not going to accidentally pass through governance,
something that's just going to explode the entire protocol.
And if you don't have that, then it's kind of hard.
It's almost like, you know, transitioning a project.
Like, you know, when Facebook developed some open source thing and then they're like,
great, now let's like put it into some, you know, let's create some foundation around it or whatever
and just spin it out into that thing and that thing can run it from now on.
Or hand it over to, you know, the one of these kind of open source cemetery.
where projects stop getting innovated on.
That's kind of the, I guess it's sort of equivalent for protocols
is that you can only really fully move something
out of the hands of the core team
when you're confident enough that it can live on
without the loving hands and the, you know,
the upbringing that you need in the early days
to have a secure enough code base.
And if you never get there,
you never actually get to that point
where people are confident in how to change it
and how to steward it, then it might never cross that chasm.
There's sort of a latency thing, right?
Of like when you go to full governance,
governance is not instance the way you're multisigigists, right?
There's some latency of describing the problem,
convincing the community, doing the vote.
And the question is,
do you think the high severity bugs in your code base
can be corrected at that latency?
They're not like something that needs to be corrected faster than that.
And if you don't have the confidence for that,
it can be extremely difficult, I think, community-wise, to do such a thing.
I think there are ways that have training wheels, right? There are projects that have, like,
an admin emergency stop, which makes sense, like, hey, there's a vulnerability, no more deposits,
no withdrawals, like, we're going to swap out the contract through governance versus, like,
you know, just winging it and throwing it into the wild. But, you know, one man's bug is another man's
bounty. And so, you know, true that, like, yes, something like that might be difficult to go
governance, but there's a reason why you want something like that like that to get through governance,
because the flip side is that, you know, you wield an incredible amount of power to, you know,
be able to upgrade an implementation contract like that. Yeah, two comparisons, right? The convex contract
is like very fresh contract written by this initial set of developers, but they don't rest on any
other codebase in some way. And so it's like a very new code base. And then they're not super
and it's not clear that
they're built enough
resilience around it.
On the other hand, Terra's codebath,
if you look at the commits to
Terra, there are extremely small
number of developers who have committed
to tenderment, sorry, to Terra
for contentment.
But yet, because
the Cosmos ecosystem has
an insanely large number of developers
that they're constantly upstreaming updates
from, you can actually
believe that their ecosystem is sort of
of implied a developer ecosystem is actually bigger than what their code base says.
Convex is much more weird. It's really standing on its own. And most people who copy it are
people who are, you know, for instance, Tribeca Dow has basically re-implemented Convex and
so on them. Well, that's not a very good comparison, right? Like, it's not like the Tribeca Dow
developers. Let's say there was like a big emergency. And Convex could actually go fix it
because they're not writing this weird combination of Viper and Solidity. And so there's
kind of this kind of very boring people involved thing that I think one has to consider
when fully decentralizing in a lot of ways. It's like really important to have like developer
community that understands intimately what's happening. That's just my opinion. Again, other people
may think it's safer otherwise. Fair. Fair points all around. If anything this week is a good
reminder of why this stuff matters. And, you know, we've seen a number of big failures.
And actually, not last of which, there's another story that we wanted to cover this week
of this stable coin that we don't talk about very much called the USDN. So people have probably
seen that there's a smart contract platform called Waves that's been pumping a lot over the last
few weeks, specifically after the Russian invasion of Ukraine. And it pumped a lot and then it pumped
not so much. And so Waves is a smart contract blockchain. It's been around forever.
I've only ever known it as like the Russia smart contract chain.
I haven't known a whole lot about Waves besides that.
But so Waves has a project on it called Neutrino, which is a stable coin.
Somewhat similar to Terra, but it's got different mechanics.
I don't actually understand all the details about how neutrino works.
But basically it's supposed to trade for a dollar because it's stable coin.
So a bunch of drama erupted over this last week of the founder of Waves accusing Alameda,
whom they paid FTA.
Alameda is the market-making arm associated with F-TX.
The founder of Waves accused Alameda
of despite the fact that F-TX took like a million
and a half integration fee to get Waves
and their ecosystem integrated into F-TX.
Alameda went and supposedly shorted an enormous amount
of UFDN to try to break the peg
or something along those lines
or collect a huge funding rate.
I don't know, there's a big argument on Twitter
about why exactly they were doing this.
But supposedly, the founder claims that because of that,
Neutrino is now trading below the peg.
And there's a bunch of fingers getting pointed in every direction.
It's kind of like the Spider-Man meme.
And Neutrino is now, as of right now,
they're trading at something like 88 cents.
So it is trading very comfortably below the peg
and does it not seem to be moving very much from there.
So maybe it's stable at 88 cents.
I'm not sure.
So we were talking before we began recording,
we were like, I bet Tarun knows how this thing works.
So Tarun, do you know how this thing works and can you explain this to us?
I don't, but there is someone at my work who runs a liquidator and who is explaining a very
rough estimate of it.
And I can give you the analogy, which is it's Titan plus Terra.
So it does, it has sort of like a very lossy stable coin like, you know, ESC adjusting the
inflation curve mechanism.
But then it has sort of like a, it gets more tight under big price drops.
But the problem is that the Oracle to the price drops is actually not that great because
it mainly includes the on-chain liquidity.
And their weights are not kind of super, super good for that, which is apparently a great
thing for people running liquidators.
That's the only thing I know.
So that is basically all I know.
So I apologize.
I really tried to read their docs one.
And I really felt like I was like getting like a lecture on like something I didn't understand.
And like I somehow was like this got to be a scam.
And this was like a year and a half ago.
And so then I never looked into it again.
That is generally the worst sign for a white paper when you're reading it and you feel like you're being lectured to.
And you feel like it's like, wait, why?
Where are all these terms coming from?
Like I've never heard.
Like why are you making up a new word for this?
that is that is kind of the worst feeling although you must be very used to that at giving you read math papers all the time and I feel like that's like how every math paper but like I feel like the problem with like crypto these stablecoin papers in particular is like everyone who's doing it you kind of okay here's my theories anyone who makes a new stable coin especially non collateralized stable coins is a certain type of like Theodore Kaczynski they're kind of like a little bit crazy in a certain way where they're like I am going to reinvestinging
event every fucking thing in finance.
And it's going to be exactly this way.
And it's going, and I'm going to make everything to see it.
And they have this kind of like crazed look in their face.
And it's not like their words are any different.
Their words are also equally as crazy.
They kind of have this like kind of psychopath tendency because it's like to believe
you're going to do this also without collateral.
Like collateralized systems I'm ignoring, right?
Sure.
Collateralized systems much more.
Naturally.
Naturally.
Purely algosable coins,
that people have found these things oftentimes,
number one thing I've learned,
they do not look at history.
They do not say like,
oh, what are the attempts that have happened before me?
They're just like, no, no, no, no.
I'm going to invent the greatest thing
because I'm God's gift to Earth
and I'm this genius who knows what's how.
And they never look at history.
And this neutrino thing was like
exactly to the key this thing.
I'm like, oh yeah, well, like
the central bank works this way.
insert things that partially are true, partially not true.
But, you know, we're being suppressed by the, like, political forces, X.
And so here is how we get around them by this kind of very simple, like, PID control.
That's usually the pitch.
And neutrino is that, except more political.
And every major stablecoin, especially lit to your point, the senior shares type models,
they pretty much always have a section in there about, okay, what's going to happen after the dollar collapses and how are we going to become?
You always need a section for what happens after the dollar collapses because obviously, obviously that's the most important thing I need to know when I'm investing.
Of all the crypto papers, very few are as political as the Bitcoin white paper and algorithmic stable coins.
Those are the two that, like, for no reason will invoke political like fortitude.
That's like, it's a proof of political might.
That's like what they want to do to you when you're reading that.
I actually, I think the Bitcoin paper is actually surprisingly sober.
Like, it's actually not very political.
Well, I guess I'm including all the forum posts in my interpretation.
Here's a shameless plug for the Bitcoin White Paper.
If you haven't read it in last like 24 months, go back and read it.
It's delightful because it takes extremely big things that like people spend like,
years debating, like, proof of work. And it's like, oh, no, it uses proof of work. And like,
with like an increasing difficulty. And it's like two sentences. Like the white paper is so
succinct in terms of like simplifying, extremely big things into like a two sentence. Like,
I know, it uses proof of work and the difficulty increases, like as a function of, you know,
the last difficulty. And you're like, that's the entire explanation of proof of work in the Bitcoin
white paper. It's crazy. It's so simple. And it's not political.
I agree, but I guess generally, like, you read us a layer one paper, like the smart contract
language paper.
It's like, here is the future of computation, right?
And then like, you read a paper about like a D5 protocol.
It's like, here's why Goldman Sachs sucks at doing this thing.
But then you read the Algo Stamylcoin papers and it's like, wow, you have to have a certain
type of crazy to write that.
There's just no way around it.
It's like it's built into them.
Who else would write that?
I think it's true.
I think it's true.
I think it started with BASIS, and I think BASIS is kind of like, I don't know if anybody here has read the BASISW
BASISW was basically, it was not the inventor of senior shares.
Senior of Shares was invented like, I think in 2014 or something by, I think it was Robert Sam's.
Bich shares, which failed.
Don't forget Bid Shares, RIP.
Well, Bichs was not senior shares.
It was, but they added senior shares late at the end to try to capture the like, while they were crashing.
It didn't work.
Is that right? I didn't know that.
It's okay. The founders all founded E.S., so they're fine.
They're fine. They're doing well. They're all doing well.
But I think it started with the basis. The basis is kind of taught people, like, look, if you want to do an Algo
stable coin, you've got to just be maximally crazy. Like, you cannot pull any stuff.
Like, you have, I'm going to completely reinvent money. The dollar is going to disappear because
of how awesome my stable coin is. And like, eventually this was eat the world and everyone will use
this. And I remember the back tests. I don't know if you guys saw it. Do you guys invest in basis
back in the day? I didn't, but I remember all of my friends did. Okay. Yeah. It was like it was
I did not in spite of being friends with Natter for 10 years. That's cold. No, no, no. I love Natter.
The sales pitch was crazy. Like I had I was like, am I? What world am I in? Like I had to just
be like, I need more drugs if I'm going to believe this pitch.
Yeah, to be clear.
I love Natter.
I thought BASIS had a ton of problems, and we saw in practice that it obviously did,
because everything that tried to implement BASIS failed and broke pretty quickly.
But I love Nader, but like the, I remember when I read the back test, so like, this was,
this was early days of crypto.
And so anything that you wrote that was technical, people just immediately believed.
And so he wrote this, they did these simulations that basically showed that BASIS,
The question was always like, okay, the senior shares model, is it not just going to break in times of high volatility?
And they were like, all right, we're going to do these simulations that proves during like the Mexican peso crisis, you know, the rubble crisis.
Like when, you know, like in the Civil War, we're going to take all the economic data and we're going to run simulations that proves that basis works even during like the worst possible periods in history.
And I'm like, I don't believe you.
I do not believe you.
I believe you did something that shows a program that says something.
I don't believe you that basis would work in any of those circumstances.
Yeah, the real world when you have a bunch of DGens with the money and something,
it won't perform like you think.
Yeah, I'm working on a pet theory around these seniorage models around.
I mean, obviously the issue is always like at some point, the price of the share component
starts going down.
There's like a crisis of confidence around the system, and that inevitably sort of leads
to this, you know, collapse.
But if you look at the ones that have been, you know, moderately successful,
far, it's Terra and its waves, Nutrino.
I think that's a part because the shares component is this like, you know, yield generating
share in a proof of stake blockchain.
And so it's like, there's, there's something going on here.
It's like, well, you know, this can't be worth nothing because I'm getting 15% a year
stake in my Luna or staking my neutrino.
And so it's like you use some sort of like, you know, mental shift and like, oh, there's some
fundamental value versus like, this is just some coin that they minted, you know,
fuck this, like this whole thing is going to zero, which is, you know, tends to be sort of the end state for all these, uh, senior's models.
Well, it's also that there's some exogenous demand, right? So for, for Tara, you know, Tara has a senior shares type model,
but there people want Terra for other reasons beyond just the stable, I mean, you know, presumably people want Terra for
reasons other than the stable coin, which is why, you know, it, it has at least some nominal diversification
of the value of the share token. You mean anchor? Yes. So I understand.
Yeah, obviously a lot of it is anchor.
A lot of the UST demand is and the lunar demand is anchor.
But in principle at least, it's nominally better.
And I think that was the key to actually being a layer one,
stable coin, that like cello miss, that basis miss.
A lot of the people who are kind of trying to gear for that model
hope that the organic demand would be payments, right?
Like the dream of stable coins is always payment.
But it was wrong.
You can't really bootstrap stable coins.
off payments. You have to bootstrap
defa fonts lending and
more complicated things because at the
end of the day, the dumb
users are not the first users.
And like that, it's impossible to bootstrap
at that point, right? And
speaking of stablecoin, we're going to see
a Bitcoin stablecline soon, according to
the news today. Wait, which news
is this? Lightning Labs.
Oh, I did not see
this. Someone want to explain this?
I just woke up. It's morning here in Singapore.
In our last five minutes, what's happening with a Bitcoin stablecoin?
Well, Lightning Labs raise like $70 million for a sort of Bitcoin token standard and Bitcoin
Staplequin.
I thought it was just stablecoins on Bitcoin through Lightning.
Is it actually a Bitcoin-backed stablecoin?
It's not clearly Bitcoin backed.
I think the main thing is they have a sort of modification of this token standard that people
have been like trying to build on top of Lightning.
I'm sure I'm offending some pure Bitcoiners on what I call it a token standard,
but there is an overlay network that you can transfer value of assets that are not directly
pegged to Bitcoin.
Sorry, hopefully that's the politically correct definition of a token in that corner of the
universe.
You know, they want to actually build a low variance asset for it.
It's like the Winnie the Pumee.
You know, it's like the low class of stable coin.
You got the high class, the low variance asset.
I'm just parroting what I've read.
I want to offend no one.
Well, you failed at offending no one for sure.
Yeah, it's hard.
It's interesting how incredibly political stable coins have become.
They used to be a pretty boring and unobjectionable part of crypto.
Now it turns out they're the most exciting part of crypto.
Just real quick, last piece of news, which is kind of crypto adjacent, but I'm accounted as
crypto. Elon Musk was just announced as having taken a massive stake in Twitter. He was secretly
buying up Twitter equity over the last couple months. He now owns 9.2% of the overall share of
Twitter. He makes the single largest shareholder in Twitter. And he was just appointed today
to the Twitter board of directors. So Elon Musk is now going to be influencing stuff happening
at Twitter. How do we feel about this, everybody?
one of the greatest SEC filings in history.
It is like the shortest thing ever.
It's like SEC, Elon Musk has joined the board of Twitter.
He agrees not to own 14.9%.
The end.
Amazing.
Amazing.
Edgar has been blessed.
I was actually wondering about that.
Why is it 14.9%.
If I had to guess in like the corporate Raider 80s,
or whatever, you know, they said, oh, owning 15% has all sort of different things.
They said, well, it can't be 15. 14.9 is where, like, the limit is.
That sounds exactly like, you know, probably the rest.
Yeah, they're...
I feel like Elon is living the Web 3 dream, you know?
It's the largest users of the protocol are governing the protocol in a very, you know,
clunky backwards way, but this is the way it should be.
I think it's great.
I actually think we're going to see a lot more
crypto-native features come to Twitter.
That's my prediction.
I mean, we already saw it
with Jack getting kicked out,
like almost literally the next two days
after he left.
Well, let's see if maybe SBF is going to buy,
you know, I don't know.
What could he buy?
Foursquare?
Well, the ESPN part of the world is weird
because every sports person
is making an NFT platform right now.
It's true.
So I don't know what the, I don't know what the economics are.
Yeah.
The unfortunate reality is that actually SBF doesn't need to buy anything because everyone's
already going all in on crypto.
So things will just kind of happen whether or not crypto people buy a stake in them.
One last news item is the FTX investing in IEX thing.
A, proof flash boys was wrong, which I'm personally having worked in the industry,
I feel vindicated a little bit.
But the second thing is that FTX buying IEX tells you a little bit of a signal that like stocks and crypto are going to converge to the same thing.
Five years.
Well, they bought a stake in IX, right?
Like they didn't, they didn't buy IEX.
Did they?
No, but they're basically, it seems like it's the type of thing where like they need ATS licenses and they want to do FTSUS doing stock trading.
And they want stock and crypto trading same place.
You don't know just the difference.
and IEX is like the weakest dog at the
it's like the half mute missing one leg dog
has 2% market share on a good day
and not exactly the like sharpest tool
at the shed on the equities markets
and equities markets are razor thin margins right
so it's like and they were already kind of struggling
so like it was it was very pointed to people
in the HFT world we were all just like
all my group chats woke up being like
stocks and equities are the same in five years.
Wow. That's a bold vision. That's exciting.
I have a sneaking suspicion that it may be,
it's kind of like when Sequoian Paradigm invested into...
Sitzk? No, Sitzk, in particular Sitzk, not the rest of Sitzel.
Yeah, yeah, yeah, yeah, exactly, exactly.
No, just AXFT part. Pung is going to be CEO, not even Ken Griffin.
That's crazy. Pung, who's this like a stats PhD guy,
professor, former professor, he was the one who was like going on CNN. I was like,
what the fuck? Like, I can't believe that guy is going on CNN to represent Citadel.
Like, it was a very, it's a weird world. Like, let's just say, like, the trading world is
getting blown up by crypto. And the IEX thing to me was more of a signal than Citadel because
it was like the big dog crypto exchanges want to compete with U.S. equities exchanges. Like,
like, and they could. Like, the fact that they could. Like, the fact that they could.
it's crazy, right? Two years ago, you would never have thought that. One year ago, you would
never have thought that. Well, speaking of crypto blowing up, actually last thing, Tarun,
last time we announced the news of Gauntlet becoming a unicorn. And so now that you're actually
here and are willing to grace us with your presence, we want to congratulate you on the
amazing progress that Gauntlet has made. Would you like to give us a word in your acceptance
speech of your unicorn status?
You know, given
that award shows
has not had a great couple weeks
as we all know,
all I have to say is,
I hope I have better
colored hair next time I'm on the show.
Yeah, what's going on, man?
Are you going, are you going clean now
now that you've made it big?
No, it's just that my, I got to
red dye my hair. I've been lazy, so
I promise, I promise
the viewer is something better soon.
Yeah, can we do like an on-chain vote for this?
I would actually, that's great.
That's great.
One of you can start a poll and I will go do it.
Okay, okay, okay, okay.
I'm starting a poll right now.
All right, for the at-home listeners on the podcast side,
Tarun's hair right now is Jet Black.
Robert Leshner is going to be launching the poll.
Come and vote on what Tarun's hair is going to be next time he pops on the show.
What are the choices?
Oh, he's got a few highlights.
He's fading.
Yeah, okay, okay.
I'd say, I'd say at least magenta needs to be on there.
Magenta.
What else?
Green, obviously.
Green, green's a classic.
Uh-huh.
What else?
Two more.
White?
Yeah, just go bleach it, you know.
All right, I'm putting it as an option, but I don't know.
It's non-binding.
All right.
It's a one-on-one multi-siguan.
One more choice.
One more choice.
Throon.
What do we have?
I was going to just go green because I always do green, but...
Blue?
Yeah, let's do blue.
Let's throw blue in there.
It really depends.
It's like I've gone to the same hairstylist for 12 years, and I only go to the same person.
And whatever she says does kind of dominate.
So like, just understand that there's not a final poll.
Okay.
So, okay.
Well, let's end the show here.
but I'm going to put up this poll imminently.
That sounds good.
All right.
Thanks, everybody.
In a couple weeks, we'll check back in
and see how Truin's hair is doing.
See, everyone.
Thanks again.
Thanks, everyone.