Unchained - Uneasy Money: How the Resolv Hack Shows an Audit Doesn't Mean 'Secure'
Episode Date: March 27, 2026

Chaos Labs’ Omer Goldberg joins the crew to dig into the Resolv Labs exploit. Why was the USR minting function controlled by a single key? And how did audits miss it?

Thank you to our sponsors! Fuse: The Energy Network – Shift your energy use and earn rewards. MultiChain Advisors - The Growth & Capital Markets Partner You Need. Crypto Tax Girl.

$25 million extracted and millions more in bad debt across lending protocols. Chaos Labs founder Omer Goldberg joins Uneasy Money hosts Kain Warwick, Luca Netz and Taylor Monahan to unpack the Resolv exploit. They dive into how the exploit reveals DeFi's basic OpSec and risk judgement failings. Omer highlights the various ways it could have been prevented as Tay says protocol audits have become “security theater.” Kain questions Morpho's curator model after its pools were hit hard as the contagion spread. He also highlights markers that suggest the exploit may have been executed in panic. Beyond the Resolv exploit, the crew highlights that Aave v4 has made it out of governance, discussing the motivations behind the upgrade and whether the hub and spoke model will impact listing standards.

Hosts: Kain Warwick, Founder of Infinex and Synthetix; Taylor Monahan, Security Expert; Luca Netz, CEO of Pudgy Penguins
Guest: Omer Goldberg, Founder and CEO of Chaos Labs

Links:
Unchained: Aave V4 Clears First Governance Vote with 100% Support After Months of Internal Conflict
Stani Kulechov on Why Aave Labs Is Putting Itself at the Mercy of the DAO
How Aave Labs and the DAO Should Split Ownership of the Brand – Uneasy Money
Transcript
Hey everyone, I'm Kain Warwick and welcome to Uneasy Money, because what happens on chain never stays on chain.
Before we start, nothing you hear on Uneasy Money is financial advice.
We're just four builders talking about what's happening on chain and we want you to always do your own research before aping it.
You can find all our disclosures at Unchained Crypto.com slash uneasy money.
The Energy Network is an intelligent, decentralized grid that coordinates smart devices to balance supply and demand.
Energy Dollar is the native token of the network.
from one of Europe's fastest growing energy startups.
Follow at Fuse Energy on X to find out more.
Multi-Chain Advisors is an emerging technology growth firm
that has helped create $50-plus billion in enterprise value
for 80-plus clients over the past four years.
They're the partner to help navigate markets.
Build real traction today at multi-chain ADV.com.
If crypto taxes feel overwhelming, you are not alone.
That's why Crypto Tax Girl, a team that's been helping crypto investors since 2017,
is offering $100 off on one-on-one crypto tax help.
To get $100 off your crypto tax services, go to Cryptotaxgirl.com slash unchained.
Again, that's Cryptotaxgirl.com slash unchained.
All right, I'm here with my co-host, Taylor Monahan, security expert.
We could definitely use a few more security experts on this show this week.
We've got some stuff to cover, and Luca Netz, CEO of Pudgy Penguins.
And joining us today, we have a special guest, Omer Goldberg, CEO of Chaos Labs.
Welcome to there.
We have a lot of wild stuff to cover today.
So let's just dive in.
The first thing is this Resolv situation.
$300,000 in and $54 million gone.
So what happened on Sunday night, I believe, an attacker compromised Resolv's AWS-hosted private key, minted $80 million of unbacked USR for 300K, dumped it on Curve,
and walked away with $24 million in ETH. USR crashed from a dollar to $2.5.5, I think.
Not too bad. Not zero. It held up. Okay, there. And the protocol paused three hours later.
The three hours later thing, I guess we'll get into that, but that seems like a,
decent amount of time for something like this to happen.
And so, yeah, there were a bunch of issues with Morpho lending markets.
Steakhouse was also caught up in this.
And I think, you know, there's this kind of automated allocation on the minting side.
And, you know, we can probably jump into it here with you, Tay.
But like this idea of making it as convenient as possible to mint stablecoins.
There's a long period of time, right,
if you go back to like the Tether days
where everyone was always mad at Tether
because it was like this black box minting process
and only certain people are allowed to mint.
And you know, maybe there's some stuff
we can learn from CeFi, I guess.
Yeah, well, and I'm very excited to hear Omer's perspective
because for me, my perspective is this is actually
there's a lot of wild stuff that happened and there's a lot of complexity in what happened and how
where bad debt was accrued where the losses happened where things can be improved there
but at the root we do in fact go back to the fact that a single party had a single key
that thing was compromised by some bad actors and that allowed them to take unilateral action
and apparently this unilateral action basically minting a whole
bunch of USR was either not monitored or it maybe they had alerts on it but nobody was monitoring those alerts.
And so it, you know, as we go into all of the more interesting complexities around this, I just
want to remind everyone that at the end of the day, this is a very Web2-oriented hack.
This is a key that was compromised.
That was controlled by.
That's right.
Yeah, so it's not quite your perfectly classic private key compromise, but it's about as close as it gets.
Basically, the key to AWS was compromised, and AWS and basically all infra have like key management solutions.
And so you like put your private key in this little section of AWS and you're like, now it can't be exported.
Now it can't be compromised.
But in order to interact with that key and in order to take actions like minting or any sort of actions, right?
Wherever that key lives, you have to be able to interact with it.
And so sometimes the system can allow the key to be exported or, you know, if it's like slightly more secure,
then you just have to like ask the key to mint or burn or whatever, do whatever, move everyone's money,
whatever the case may be.
Right.
So just a question on that, right?
Like so, you know, the old school DeFi way was you just have like an unencrypted private key sitting on your laptop.
Yeah, your MetaMask on your laptop.
Yeah, and someone breaks into your laptop and steals it.
But we're like, no, no, no, that's crazy.
You wouldn't do that anymore.
Now we're just going to put a single private key into AWS.
and Jeff Bezos moved everyone from there into their Secrets Manager where keys... And so, just to be clear, this was not someone breaking AWS's key management system or something like that. This is just someone getting a password for something, effectively.
Yeah, basically, like getting into the AWS account, and then once you're in the AWS account you can basically command that key to do whatever you want. In most cases, in most hacks that we see, they just export the key from the Secrets Manager. In this case, it sounds like that wasn't what happened. They just were able to, once they were in AWS, they're able to say, yo, mint me all this money. Thank you.
Right, right. So they didn't even have to exfiltrate the key. They could just, it's like superuser access as soon as you're in AWS.
Yeah. And it, you know, it goes back to, you know, the attack surface, but also.
So in my opinion, like this is basic risk management.
The reason you don't want your private key compromised,
the reason you don't keep it in MetaMask,
is because that key can then go and do things that harm your protocol or people or whatever.
Just because you move that key to AWS or another secure solution doesn't mean that those outcomes are now impossible.
It just changes how those outcomes are accomplished.
And so instead of, you know, hacking the one computer and taking it out of MetaMask, you hack the AWS and you take it out of AWS Secrets Manager, those sorts of things.
And so I think we do need to get more robust in terms of, you know, just actually doing the threat modeling and actually understanding what are we protecting against?
How do you monitor these things? How do you prevent these things from happening?
Because it might be like, I'm just, as a Pudgy maxi, I just want to make sure, Luca, the private key that allows you to mint more Pudgy Penguin NFTs, right? That's another name. WUS. Yeah, yeah, we're good. Okay.
Omer, what's your take on this?
Yeah. I mean, A, let's start with a lot of money was lost and bad debt was created. So first thing, it's like a difficult event for the industry. Just like on the AWS front, like even within AWS, there are levels to it, right? So probably the most straightforward thing is like storing a single key in your EKS, but even if you are using AWS and you're using their Secrets Manager, you can have like 2FA on AWS, you can have biometrics, and of course on top of everything, like if you care about security, you don't want to have a single key that ever has unlimited permission to do an infinite mint. So even if one person in the organization is compromised, you want it to at least require, you know, several more. And that makes it all the more difficult for any attacker to get unilateral control over the minting function. So even in AWS and kind of Web2, there are levels to security that you can take in order to kind of protect protocols.
So just a question on that, right? Like, is there any good reason why someone would have a single, like, is this some like architectural choice where they're like,
We don't want to be there when minting happens.
We want people to be able to mint any time.
We want to be convenient or whatever.
So we need this key that has the minting control
to live in AWS so that at any time someone can turn up
and we can mint tokens.
Is that like architecturally, is that kind of the intent here?
Or is it just not, not, you know, well thought out?
So A, I mean, I haven't at least seen
like an official post-mortem, I think.
Post-mortem, yeah.
Right, yeah. Some of it is still ongoing and I think they're negotiating with the exploiter, and, you know, I expect them to share more details once it's no longer an ongoing situation. I'd be interested to hear their take, but I don't think that anyone would argue that this is like an architectural decision or that it's superior in any way. I don't know what the circumstances were that led them to kind of making that choice.
Interestingly, on the audit, there were other parts of the contract that required multisig
and had a different like operational security model.
So to answer your question, I don't know, but it does seem like for any kind of stable coin.
You know, we've seen these hacks before, infinite mint hacks, like super prevalent in 2021, 2022.
It's kind of the core, one of the core functions that you need to be careful of.
So we'll be interested to hear the reasoning, but there are a lot of ways to do it.
And that's just on the AWS front.
Like also there are DeFi-native solutions to do this.
So there are things like proof of reserve oracles, right?
So you have like a separate oracle that is basically tasked with understanding the value
of the reserves at any given time.
And there's just like an on chain check, right?
Like there shouldn't be a gap.
I think at the end, the ratio between the minted USR to what was backed was 266 to 1.
Right.
And many stablecoins today will do things, A, like controlling the velocity at which something should be minted.
So, you know, maybe there shouldn't be more than 10 million mints within an hour.
Like the max is 10 million per hour.
And if you want to mint 80 million, it takes you a day, which is totally like a legitimate choice.
I don't have time for that. I don't have time for that shit.
I need my 80 mil in three minutes or I'll find another stablecoin.
There's a competitive market.
I can't wait all day for 80 mil.
There are tradeoffs and tradeoffs were made.
But there are ways to mitigate this both on the Web 3 side and the Web 2 side.
Yeah.
Right.
Yeah.
Yeah.
Interesting.
I mean, this, like most DeFi things, and I'm sure Tay, you've got more takes here, but
like it feels like there are what, you know, in like the nuclear industry they call like
normal accidents, right?
Like these like cascading things of like,
the guy just leaves the door open because it's cold that day and the cold wind blows onto the console and the console gets cold and it does a weird thing that it doesn't usually do, and then something catches on fire down and then all of a sudden you get a nuclear meltdown. And, you know, there's a bunch of things where it's like, oh man, we're supposed to have an alarm if the door was open for too long, but the alarm, the battery ran out, and, you know, you just have these weird series of events that, you know, you think, well, there's not going to be five of these things or seven of these things, you know, we've got seven fail-safes. There's no way that seven things could go wrong consecutively. I mean, it's funny, like people probably forget this, but Synthetix had an oracle-related issue like this where we printed $11 billion worth of synthetic ether back in 2019. This is when we learned not to roll our own oracles and switched to Chainlink.
But, you know, we had a bunch of checks there as well, like, oh, you can't do this, you can't do this.
But, you know, it was it was this weird situation.
And we didn't have any cap on minting, you know, because it was DeFi.
We were like, kind of stop things from happening.
Like, code is law, bro.
So, so, you know, we had, we had all of these things that we could have done that we didn't do that, like, were, you know, very obvious checks.
But, but we then subsequently were like, okay.
we've learned our lesson, we'll do this. We also had, you know, a situation where we had to negotiate with the hacker. I think we paid him like 50 ETH and got the money back. But luckily we paused the protocol fairly quickly. We had like a pause thing and I think paused it within like an hour or something like that, less than an hour after it happened. So yeah, Tay, what's your take on this, like from an architectural standpoint, even though we don't have a post-mortem yet?
I think it just, again, it just goes back to: DeFi spends a lot of time, I think, thinking about and analyzing and obsessing about sort of more novel risks and more interesting things, and especially the things that seem impossible to mitigate. And as a result, somehow the basic operational security and basic threat modeling just doesn't get paid attention to.
It's a very weird thing.
Smart contract audit.
I mean, that's like startup life, right?
Like, I'm sure if you go back to the start.
It is.
If you go back to the start of this thing, there's someone that was like, we'll just use AWS KMS for the first six weeks.
And then we'll, like, switch to this like multisig.
And they've got a whole plan of like all these things that they're going to do.
And then life, life comes at you fast.
you're like, holy shit, we have a billion dollars of TVL.
This is.
Yeah.
We've got other things we're scrambling to solve.
It's just, it's, it's so interesting to me because if you, if you just imagine, like,
the most basic threat model for a stablecoin, like an infinite mint, basically like losing
control of, of the supply is like, top the list.
Okay.
So how does it happen?
Right.
And so you just go down the list.
And it's interesting to me that there was, you know, because there are, they have undergone audits.
There have been discussions.
They obviously do.
It's not like they're just complete idiots and not thinking about risk.
They are.
But like the biggest most basic top of mind one, it doesn't seem like people have paid enough attention to.
And it's not just them.
Like I really don't want to pick on them.
They're probably better than most of DeFi because at least it's in an AWS.
Like, no joke.
Yeah, there's a lot of people, I mean, you know, you don't, you don't hear about the things that don't happen, right?
And, you know, there's a lot of people that just have like an infinite mint PK
sitting in MetaMask on their, like, machine, right?
And for whatever reason, they don't get the Zoom call or something.
And so you never hear about it.
Yeah, exactly.
So I would just encourage people, like, again, just go back to, and especially the security auditors and the risk people, like,
I understand that you want to look at the most novel, most DeFi, most smart contract,
these hard, impossible, like super fun things.
But if you're not going to just sit there and like at least like write down what the
requirements are to mint and acknowledge that it's like it's whoever has access to this
AWS can mint forever, then I just question like how you can call that a security audit.
Right? It's just the most basic stuff.
But I want to give Omer the chance to talk about his perspective on this because it's definitely very different than mine.
No, I think I'm pretty aligned with everything that you've said thus far.
Kane, your comment on like the startup life and things moving fast, like on one hand, that's true.
But I think just every startup has, you know, tradeoffs that are acceptable.
So if you're like running a social media site and you're obsessed with growth,
then you're going to make some trade-offs or prioritize differently like security.
And the worst case is like some consumer aspect being leaked, which isn't great either.
But maybe there's like an argument there, but like as a stablecoin startup, or any asset issuer in general, I think there's like, I don't know if there's, it's a worst case scenario.
Right. So that should be top of mind for for everyone, even if it does introduce friction.
And like, yes, security introduces friction.
but there's a reason for it.
And so yeah, I think that's just a good framing for anyone
who's working with assets.
Taylor, really interested to hear your perspective
on like the security audit itself.
Because I think when people hear security audit or like risk,
in their mind, they assume that the auditor is engaged
or looking at every part of the system,
which isn't necessarily the case,
because a lot of these protocols are iterating.
They'll work with like,
many auditors and each will look at different parts of the system and also different points in time.
I think the metric for this or the number, someone had said something like 14 audits had been done.
But when you look at the audits, I think, and it needs to be verified, but that no part of the system was audited more than twice and that most of the audits were on separate components.
So.
Which is a bit, like even for me, that feels unusual, right? Like, you know, the, the, you know, the,
the iterative audit approach is definitely something that I think has has kind of like grown over time.
But it used to be that you would sit there and like do three full holistic end-to-end audits.
But to your point, hey, you could do 50 end-to-end holistic audits on smart contracts and no one looks at like the KMS, you know,
no one says to you, hey, like, by any chance, is the password in like Apple Notes for this AWS?
And you're like, oh, yeah, it is.
Yeah.
But like, it's kind of like, it's fine.
It's fine.
Like, Amazon's safe.
Don't worry about it, bro.
Yeah, it's, um, I think you're right on audits.
I didn't look, I didn't dive into every single one.
But there are a huge amount of audits, but they did seem to be pretty narrow in scope.
At some point, I do feel like the audits become like security theater. And this, sort of even what we're seeing with like the risk people and this sort of partnership engagement relationship thing that's emerging, it feels a bit like security theater. The way that I would approach this is: you're going to sit down first as a team and you're going to, again, attack surface, threat model, like what are the bad things that can happen, and let's prioritize them. And then, yeah, there's going to be certain experts that can help check your stuff, help you write the tests, help you understand the stuff, help you mitigate the risk, whatever it may be. But if you don't have that, it's just like the approach, right? If you don't have the initial threat model done so that you know exactly what you're trying to accomplish and what risk you're trying to mitigate, then you end up being like, okay, we just need an audit. And so you find the available auditor at the price point that you want, with the brand name that you want. And then you're like, hey, audit me. And like, yeah, it's like a rubber stamp, sort of I need to put the audit on my website sort of thing. And this is in defense of security auditors. This is why the auditors are like, that's out of scope. Like, we were not engaged to look at that thing. We weren't supposed to look at that thing.
Why didn't we ask that question?
Because that's not what we were there for.
I do get it.
But I do think, like, at some point,
oops,
sorry.
At some point,
Baby Shark.
Broke through my do not disturb even.
At some point,
we'll talk about it next week,
whatever that was, I'm sure.
At some point,
I just think the security auditors have to,
like,
I don't know, figure out a way to make sure that the teams are properly prepared and are sort of aligned like fundamentally in a position you get an audit.
Yeah.
Yeah.
Just be like, hey guys, like we're not going to audit this, but if we're going to put our name on your website, we want to make sure like some basic due diligence of, you know, just checking to make sure that the infinite mint password is not in Apple Notes. Just if you don't mind. We'll just check on that.
Hey, Luca, like, you know, you have, for
what it's worth, I was joking about the NFTs, right? But you've got a lot of attack surface in your life,
right? You know, like you have to, you have to think about this sort of stuff, you know,
particularly when it comes to like Abstract, right? Like there's a wallet in front, like you've got a
lot of attack surface across all of the Abstract stuff. Let
alone, you know, Pengu, presumably, you guys kind of closed that off, right? And Pudgies,
I was joking about the NFTs. You can't mint more Pudgies, unfortunately. But on the Abstract
side, like, you have a lot of attack surface. Like, how do you think about this? Yeah.
I mean, as somebody who's not a technical lead, all I can say is it's for a while, and a lot of the
members on the team can quote me on this, has been my biggest fear. And I remind them consistently
that it's my biggest fear. And that, you know, there's a lot of things that we can fight.
But one of the, you know, that's a code red delta force, you know, you, you can't go back from that.
And so, you know, all I can do as a non-technical founder is stress the rest of the guys and say that, you know, we have to make sure we practice, you know, best in class opsec.
And I really trust them to do it. But, you know, the beauty about our organization is the president
of Igloo, who's Lorenzo,
like a four-time national robotics champion.
He was our CTO before he was our president.
And so he has a really great deep dive to kind of DD
when I make those call to actions
to make sure that when those guys say,
you know, we're practicing best in class opsec.
And I probably would say it's like the one place
I will never question the cost.
It's the one place I will never question the resources
or the effort or, you know,
the parameters that are needed to make certain changes.
I think we need, you know, multiple lawyers to sign, multiple people in different jurisdictions.
You know, one person can't, you know, ruin the whole ship if for some reason they're hogtied, you know, in a hotel room.
You know, we, as best practices you can kind of enable, I've basically encouraged them and said, like, look, there's places we can cut corners and places we can be cheap.
This is the place that if it costs a gargantuan amount of money, it costs a gargantuan amount of money.
And that's probably the best that I can do as a non-technical founder and then have my guy Lorenzo fact-check when these guys say that we're taking the best steps to making sure that everything is as safe as possible.
But like, you know, it's also like posture, right?
Like it's like, you know, I'm non-technical.
Like, don't bother me about this guys.
Like I'm talking to Walmart, you know, about like the next, you know, merch deal.
That kind of attitude, I think, is what becomes like very concerning, right?
if there isn't like a sense of, you know, ownership, even if you're non-technical, right,
that like, hey, let's make sure we don't do really dumb stuff.
Like, let's actually invest the time and effort.
And that's like, it's not even usually money, right?
It's just like the time to slow down to say, let's do opsec right,
as opposed to whatever's expedient to just, you know, get things done.
Yeah, I'm super paranoid about this.
So, like, I, every couple of weeks, I drop a chat to some people just thinking of things.
on the chain side, the difficult element actually is because we have that interface and that
curated interface. It's actually less about the back end and our side of the ship that I worry about.
It's the other people's side of the ship. But because I curate the interface in the front end,
if some of the third parties get hacked, they blame me as a curator. And that has actually
happened. And when that happened, we actually went out of our own pocket to refund,
and probably set a bad precedent in that respect.
But, but, you know, it was the first time that it had happened.
It was really early after launch.
You know, today, you know, we obviously have to be featured on the portal
and the platform that we curate.
You have to go through a couple audits, you know,
through trusted people that we obviously respect, you know,
whose audits we respect.
But that's actually the more complicated one is if I curate something
and I say something to the community that some,
you know, by being on our platform,
that it's safe and then that gets compromised.
Unfortunately, they blame me, even though being frank, like, you can only do best practice
and that's ultimately, you know, to the builder.
But that's the more tricky one.
I am pretty confident on our boat, especially because, one, I'm super paranoid and I repeat it
to the team consistently across both organizations, Pudgy Penguins and Abstract.
And I'm very confident in that team's talent and ability to like listen and understand
that that's a huge risk factor, if not the biggest.
You can come back from pretty much everything.
Like that's one of the few things I think
is very hard to come back from.
So like in that, you know, I can come back from FUD.
I can come back from low sentiment.
Like that thing, those things happen.
A big hack is something that's really hard to come back from.
Even on the social side, I had my socials hit.
So then you have that like everyone's on YubiKeys.
You know, at Pudgy Penguins, we pay a guy's six figure salary
to literally do OPSEC all day.
We have a head of security at Pudgy Penguins.
You wouldn't even believe that ex-CIA guy named Beau.
So he's great.
You know, most organizations don't have a, you know,
a head of security running around.
But like I'm that paranoid about it, that it means a ton to me.
And so some phishing, things like that.
So we take it very seriously here.
Nice. Awesome.
So let's talk about contagion here because I think this is another very interesting thing.
Tay, do you want to just walk us through?
No, I am here to listen.
Listen, I'm here to listen.
It is, because this is like quite over my head.
Once we get into the weeds on this, this is over my head.
And so I'm here to learn on this one.
All right, Omer, walk us through it.
All right, I'll do my best to go through the timeline.
And then also, Luca, there's some interesting parallels
with what you were describing with the front end,
because usually when you get, there are actually like many different types of front end
attacks, but I think the one that nation state actors like DPRK, like North Korea, have been weaponizing is what's called a supply chain attack.
And the supply chain attack, let's say on your website, you're using a bunch of JavaScript packages, like popular ones.
Someone through social engineering or any other vector is able to get control of that package.
And then makes a small modification where they put like a special surprise in the package for anyone who's downloading it.
And effectively, like, what that does in many cases is it gives an attacker root access to your machine.
So, Kain, and like your example of someone holding like a PK on their laptop,
there are just many cases where someone might be installing like a JavaScript or Python package,
and suddenly like all the keys are compromised.
So it could actually come from what we actually.
We don't have this on the list of things from this week because it's been crazy.
I actually had a small scare yesterday morning where the Python
Yeah, yeah, yeah, it got compromised.
And I had literally been in the process the night before of installing a bunch of Python stuff related to agents.
And my immediate thought was like, I have no idea what dependencies I pulled down.
It was probably like a hundred things that I pulled down to make this stupid,
stupid thing that I was vibe coding work, right?
And I just was not paying attention to it.
I was like, oh, this is fine.
And then I woke up the next morning.
And I was like, oh, Python, that sounds bad.
I was doing a bunch of Python stuff.
So I didn't know what you installed.
Yeah, 100%.
No, I check.
Yeah, I checked it.
But I wasn't at the machine.
And I was like, this is not great.
So it's really common.
And I'll just say on that note, like even this, there are solutions. So there are companies that all they do is kind of make sure that all the packages that are being installed in an organization are safe. And, you know, when you're working with Claude, or OpenAI, like Codex, it's probably pulling in whatever it needs at runtime. But there's something called package pinning, right? So like you reviewed a version of the package. You're not auto-updating. And it only allows you to auto-update after it's clean. So that's also like the best practice for everyone. But we can speak more about what happened over the weekend and transition there.
So during the weekend, at around 2:20 UTC I think it was, the exploit started.
There was an infinite mint.
And the attacker, I think, did several calls to mint, if I'm not mistaken.
So it wasn't some like atomic thing that they ran.
And that's when the contagion started.
So fine, like USR is infinitely minted, but it's backed off chain.
And in and of itself, like if it wasn't integrated anywhere, at that point, they could contain everything, right?
Because they'd be able to say, like, hey, we know what was minted before and after this happened.
We'll take a snapshot and either will, you know, make a new token that all the holders before that hack had and just invalidate everything that the attacker had.
But it's DeFi.
And everything is like...
Sure. I was about to say, I don't know if you've heard of composability.
Yeah.
This is kind of our number one thing.
We don't want it to be only connected to one thing.
We wanted it to be connected to 100 things, and in a way, that part we did well.
We nailed that part.
It was connected in many, many places.
And basically, for the attacker, Curve was a big one.
So there were Curve pools that had USR against other stablecoins. They started swapping there, then ultimately moved into Ethereum.
And then all the lending protocols.
So I think it was Fluid, Venus, Morpho that were the main venues.
They got hit up.
And the attack from that point is very simple.
These venues accept USR as collateral.
So you deposit it as collateral.
It's a stable coin.
And most platforms will give you like a high loan-to-value ratio against it.
So not one to one, but let's say like 95% on each one.
And just start draining.
Draining, draining, draining, draining, as much as you can, in big batches.
So Fluid and Venus, I think, were like over 20 million apiece. Then there was Morpho, which I think in aggregate is over 10 million. And that's where the contagion happened.
And it's the same kind of method of operation. Just take whatever stable you can, or kind of blue chip asset, move into ETH, and then figure out how you're going to get it off chain.
So there is a difference. I think that like in Fluid and Venus, there were just actual markets for this, so the attacker could do it pretty quickly and there was liquidity against it, which allowed for it.
In Morpho, at the time of the hack, there was actually very little liquidity across most of the vaults. So at the time of the hack, in Morpho the damage was 5k, which is great. It's nothing at that point, right? And you'd expect it to end.
But Morpho has this feature called public allocator, and in theory it's supposed to be really nice. Like you say, hey, if there's like an area, or a market, where the interest rate spikes and I've whitelisted it as a vault curator, I can route liquidity there automatically. Automation, DeFi, composing.
Something good is probably happening in this situation, right? When interest spikes, there's a lot of demand. It's probably a white swan, not a black swan. Is the reasoning here, I'm assuming?
I think that's like in the first two seconds that you think about it, you're like, oh, this is great. We're going to make more yield off of this interest rate, and let's just send all of the funds there.
But then I think the immediate question was like, wait, like this thing had 5k. Why is it now at like tens of millions of dollars in like, you know, 20 minutes? It's kind of weird.
And so yeah, I think we're waiting for like several post-mortems, but from what it looks like and what you can see on chain, there were batches of USDC and other stablecoins, that we don't know if it's an attacker or just random MEV bots, but they were requesting to borrow against USR and it was happily like approved.
So you had all the USDC flowing through. And it went from being like a 5k exposure on Morpho to, I think across all the markets, it's around 10. I want to say eight, but it could be more. There's a lot of markets that had it listed.
So that was like part two of the hack, which is a little bit less...
I don't think, I don't recall something like that that we've seen.
Definitely seen like stables or infinite mints go into like a lending protocol or like a Curve pool and take whatever you can until it dries up.
But the liquidity is done, right?
Yeah.
But this part was different.
It lasted for...
So the gaunt vaults were the ones that were hit hardest. That was open, I think, for like between 90 minutes and two hours, but there were different kind of curators, I think up to 10 hours, that were supplying liquidity.
And it's important to note also that there was, sorry, go ahead.
Yeah, so one question that I always ask with these things, right? Because in my experience living in Australia, every single time anyone's ever tried to do something with like any protocol I've been involved in, it's like 3 a.m. Sydney time. And, you know, like they know what they're... They know the time, they know where you'll be.
So a Sunday afternoon feels like a decent choice, right, like 2 PM UTC.
But I'm a little bit surprised like that it wasn't, you know, the middle of the night, like, you know, daytime Asia time or something like that, that this happened, or that it happened in the middle of the day, even on a Sunday, and, you know, the visibility was still so low.
I know we haven't had post-mortems yet, but that part to me stood out, as like the fact that the person like did it in multiple, you know, multiple hops. It's almost like it was somewhat planned, but maybe like they stumbled across this and then they're like, oh... And we've seen this before, Tay, like, you know, someone's like, oh, I have all of the keys, what should I do, right? And then they panic and like, start stealing money.
So this, like what's your take on that? It doesn't... there's a few little signals here that feel like this was like the person stumbled upon this somehow and didn't know what they had and then started doing shit.
Yeah, a bit. I was... well, yeah, you go. I don't... I would say a bit, just because like they didn't...
It seemed a little bit like... because they minted them. They minted again, and then I'm like, that's, that to me... All right, let me go run to Curve, and then they're like, oh, like, let's... It just, it felt like they had some semblance of a plan, but it did not feel like they had like run through this whole thing top to bottom beforehand, or that they necessarily knew.
Maybe they didn't know, you know, they're kind of, they had the first, the initial, the initial thing planned out, but they didn't, you know, they were rapidly evolving over time.
Generally, in terms of like the time of hacks, it doesn't matter what timezone you're in. When a really bad thing happens, it will be 3 a.m. wherever you are, every single time. Like, you have to expect that.
And yeah, I saw like there was like commentary on PagerDuty. Guys, you have to have pagers. Like, I'm sorry, like, I mean, you just heard my phone break through Do Not Disturb, right? Like that's, that's my life, and that's, you know, that should be everyone's life when there is an emergency and someone needs to get a hold of you.
Even if you're in like Do Not Disturb, even if you're asleep, it will break through and it will, you know, bug you. And yeah, the OpsGenie, like a little like ringtone, even my wife knows that like if that thing goes off she's like, you need to get over here immediately.
Yeah.
Yeah. I mean, that's like, um, like every organization that's managing money, I think that's like expected. Unfortunately, not everyone does it.
And in Web 2, there's like a standard called SOC 2. It's not like anything crazy. I think that most financial, or all financial institutions, won't even talk to you if you don't have it. And just because you have it, it doesn't mean that you're some fortress, but it's the basics.
And part of that is having like alerts. And here it's, I don't know how many teams do that, right? So PagerDuty, OpsGenie, got to have that.
In terms of the attacker, there's a few ways that I would interpret it. Um, one is, you know, potentially, um, the attacker might have expected that the second that they received the PK there would be an alert. So there are solutions, for example, like where you will get that OpsGenie phone call or a PagerDuty immediately if it's detected that like any sensitive data leaves your system, right? Again, there are big, big companies that like this is all they do.
So perhaps he got the key, or they got the key, and thought that they had limited time. And it wasn't the middle of the night, but you know, the key would be rotated and they had to do whatever they had to do right at that moment.
So that's one possibility.
The other possibility is something that like, you know, we call like an operator attack. So it's not like a script or something. There's actually someone on the other end, which in this case, it seems clear that there was, that is thinking about how to do the attack.
And at that point, you know, if you mint $100 million, like maybe the thinking process is, okay, I'm going to be exposed immediately. I'd rather do this in smaller increments and batches. I think I'll get better like execution, or maybe be able to kind of cover up my trails faster, and do it in that way.
And if someone did it in that way, it could potentially suggest that they knew the team didn't have that security posture.
But yeah, this is like all speculation.
Both of those things would make sense to me, right? If someone just thought that they had the key and they had to do it now because it'd be covered up, or someone more sophisticated that knows, like, the org, knows that they don't have these, or the alerting infrastructure, in place, and is taking their time maybe not to draw public attention and have like a better outcome.
Yeah.
Yeah, it is all speculative, but it is super fun to speculate.
It's, yeah, I spend a lot of time doing it.
And, yeah, on your note, like the operator versus like automation, most things in crypto these days, like almost all of them, are like what we call like hands on keyboard, like manual operations. It doesn't mean that they're messy or immature or unsophisticated. It just means that there's just not a lot of great opportunity, using crypto, to pre-script something where that increases the chances that you'll be successful at your hack.
And the best, most sophisticated operators are the ones that, like, practice beforehand and, like, have a really solid plan, but are also just so deeply familiar with how crypto works and janky things and error messages and all of that, that they adapt really quickly.
One example was the UXLINK one. When they had their mint happen, um, they were just, uh, they were just dumping it wherever they could find liquidity. They were dumping it. There were also like every single swapper and front end was trying to block them. There was addresses all over the place. Um, and at one point they got phished by like Inferno Drainer, like a wallet drainer.
So basically DPRK, Lazarus group, was like trying to dump all these coins that they had just infinitely minted. They get blocked on one front end, go to a second front end, and accidentally get phished, lose a bunch of money to the phish, right? And probably, I think it was like two minutes later, did another mint of like 900 trillion coins.
And to me, like that was like wild, because it was so clear that they, that these were operators, these are people with their hands on the keyboard using crypto just like we do, but just how they didn't even, they didn't even flinch. They're like, oh, shit, we just got drained. Here, let's go mint some more and then go to the proper CowSwap or wherever they were going. It was wild.
And that's, in crypto, that's the difference between unsophisticated and sophisticated. It's not necessarily that.
There's a level of like, they clearly didn't, you know, they're like, all right, we've done the thing. Now let's run around and like hit some front ends and see what happens, right? Like, yeah, they didn't have that, you know, phishing link already scoped out. Let's make sure we don't go to this one, guys. Like, you know.
They were not using MetaMask because we had the URL blocked.
You had it blocked?
Yeah. Probably, I'm sure for the DPRK, that's like a contractual obligation to not use MetaMask at this point.
It's so funny. It's so funny. I'm like, ah, suckers.
All right. Do we have any, uh, any closing thoughts on this before we go to our
Omer, what's your biggest takeaway on like what people should do or what we should be looking for next in terms of like the team or the risk people or the curators or whatever?
A few things.
So I think there's a whole other part of this, which is like, okay, USR was compromised, whether it was hard to do it or a sophisticated nation state or just a random person on the internet, they got the key.
That's one story.
The second level of defense is like anyone who's running a lending protocol in this case, right? So when you're onboarding an asset, like you look at counterparty risk, part of that is like, it's unique for every asset, right? And there are just kind of measures you put in place, right?
So you review the asset, you can put like a debt ceiling like on top of it. So like a limit, and basically limit the credit line that you give for every asset.
Typically, I mean, or always, if I give an obvious example, those limits and ceilings are always in line with demand, right? And it's generally, you always think of like risk and reward as like two sides of the same token.
So for a relatively like small token like USR, those ceilings and limits would be very low unless you saw some like real demand coming in, and you wouldn't expect it to happen within an hour out of nowhere, right?
So those teams as well, like if you're running a lending protocol, if you're a vault curator, like you need to think about the assets you're onboarding. You need to think about the assets you're whitelisting. And even if the asset issuer, for whatever reason, is compromised, there are many, many measures that you can put in place in order to protect yourself.
And yeah, it looks like-
Maybe we can cover that quickly after we go to ads, because I am curious about that, because, like, you know, a lot of these lending protocols, the entire point is curation. Right? That like, you know... So let's go to ads quickly.
So before we continue, here's a quick commercial break.
The world is about to see one of the largest infrastructure shifts of the century. New technologies are using more energy than ever before. But our legacy grids can't supply the demand, and we are barreling towards a global bottleneck.
So Fuse is rebuilding it. The Energy Network is an intelligent, decentralized grid that coordinates smart devices to balance supply and demand. The network harmonizes existing infrastructure, increases grid capacity, and unlocks low-cost, clean energy.
Energy dollar is the native token of the network. The more electricity the world needs, the higher the demand for the Energy Network. The value of energy dollars may fluctuate.
From one of Europe's fastest growing energy startups. Follow Fuse Energy on X to find out more.
MultiChain Advisors is an emerging technology growth firm that has helped create over $50 billion in enterprise value for more than 80 clients, like Pyth, MoonPay Commerce, and Wormhole. They've worked with some of the largest and most impactful companies in the space. They're the partner you want when you're navigating markets and trying to break out from the noise.
They help navigate TGEs, go-to-market, BD and partnerships, capital markets advisory, PR, media placements, KOL activations, and more, driving execution from launch to scale. Their results are measurable. To learn more and start building real traction today, visit multi-chain adv.com.
If you're looking for help with crypto taxes, Crypto Tax Girl is offering $100 off for Unchained listeners. They provide personalized crypto tax reports and returns, and spots before April 15th are limited. Go to Cryptotaxgirl.com slash Unchained to save $100. Once again, the link is Cryptotaxgirl.com slash Unchained.
All right.
We are back.
We are just wrapping up our discussion of the Resolv hack, but I think this is a more broad question around DeFi, lending markets, etc.
You know, one of the things, certainly with Morpho, that is, you know, the claim to fame, right, is that these are like isolated markets that are curated, that, you know, have, you know, individual operators of the market, or curators of the market, who are responsible for doing their own risk assessment. And therefore, it's not like a centralized party, right?
This feels like it somewhat undermines that thesis, right? Some of the things that happened here with like, I mean, in particular, the, we haven't even talked about this, the oracle being hard-coded to a dollar on a stablecoin.
Like, and it's not like it's Tether. I mean, you wouldn't hard-code Tether either, but like, you know, you wouldn't, you shouldn't be hard-coding any stable. Every single stablecoin over time at some point will have something that happens that causes it to depeg to some level. You know, maybe it's 97 cents. Maybe it's 50 cents, right? But, but like, you know, I've traded a couple of stablecoin depegs myself.
But, but yeah, like the idea that you would just hard-code that, but also then have these like just-in-time liquidity... Like all of these things don't really speak to like manual, well thought out curation.
What's your, what's your take on that, in terms of the liquidity markets?
A lot of thoughts.
So like we won't go into this tangent,
but just like how to price an asset is,
there's a lot there, like on stable coins.
So like I'll just give an example,
like if the collateral is high quality,
and let's say that you're using whatever data source,
like typically stable coins, you know,
people will loop them, or,
or borrow at like very thin margins.
And what you don't want, for example,
is if there's just a big swap that moves it,
you know, from a dollar to 98 cents for 30 seconds.
You don't want to on one hand like liquidate people
for hundreds of millions of dollars.
It's just like bad UX.
So that's like one side of it,
but it's really not binary.
Like we have risk oracles or other solutions in the market.
Like you really need to understand what is it that you're pricing?
What is the use case that you're solving for, and within that, what are the tradeoffs and limitations that you're willing to make?
So that's number one.
It's like it's not a binary like either hard-coded or have the live market price and deal with the volatility.
There are solutions that are engineered exactly for this.
So how that relates to Morpho.
Morpho, like one of the features, maybe in this case you would say it's a bug, is that the markets are immutable. So the second you spin up a market, you cannot change the configuration of those markets at all.
Here, the oracle was initialized hard-coded to one, and it was one forever, right? It was one before the hack. It was one after the hack. And basically what that creates is like that vector in this example for the attacker to just drain everything.
And I guess as a vault curator, like what is in my eyes, like the role or the responsibility of the curator: we're in crypto and everyone likes to chase super high returns. So certainly like one of it is like you're going to optimize the capital allocation on behalf of any of the depositors, right?
But again, going back to that like point, like risk and reward, two sides of the same token, it's not worth kind of getting incremental yield at the risk of financial ruin. So that also needs to be in the kind of mind of everyone as they're configuring these markets.
Each curator has their own process that they take. Not deeply familiar with how they approach things or how these decisions were made.
But on top of that is just also this unlimited credit line. Like even in traditional finance, banks won't just extend that to everyone, right?
There's ways that you...
I mean, you might even say especially, like, you know, this is one of the, you know, like talk about composability, right? Also everyone's money is equal even if it's not real, right? Like, you know, the idea that you, the idea that you would like have some kind of check and be like, oh, this wallet doesn't look good, we're not going to, you know... Like it's just not really contemplated in DeFi. It's like everything's fungible, every wallet, every position, every asset, and you know, that's where these like downstream kind of contagion things happen, right?
Like one thing goes wrong upstream of you, and you're like, oh, those guys are probably fine. I'll just treat everything that they do as completely safe. And then you go, oh, oops, okay, I didn't realize that.
And it's hard to reason about, right? Like, as you were saying, hey, there's like a hundred interrelated connections of things, right? Like how, you know... But also that's your job.
That's kind of the job, right?
Like, okay, so I have a question. So if I'm a, like, uh, like I get it's DeFi and nobody has any rights and there's no accountability or whatever, but like theoretically, like people lost money here, and it's not, it's, it's due to some like, I put my money here and I expected X, Y, Z to happen.
Promises were made, whether they were literal or implied. But like they were, right? I have no recourse, though, right? Like, or is there, is there potential recourse, like, starting to be baked into these things?
Because this feels, like, especially the curator model feels especially prone to, like, this is a pretty established sort of relationship type situation, and yeah, everyone's just shirking responsibility for the sake of it.
No?
It's difficult.
It's a difficult one because, A, there's like nuance in this, in the sense that not all, there's different levels of accountability, I would say. Like not all loss of funds are equal, right?
Like if you mistakenly post your PK on Twitter and everything gets drained, like maybe I would think about that differently than a super sophisticated nation state sponsored attack where your multi-sig was compromised and four people were hacked over the course of a year. Like that kind of changes things, at least in my mind.
That's number one.
There is inherent, like, risk in these things.
And I think just like the vault curation model is something right now that is unclear.
Like there is no, like, if you went to go get like a money transmission license or a commodity pool operator,
those wouldn't even necessarily kind of like cover it anyways.
So it's just like this new primitive that there is no exact path.
But I think, having said all of that, the question is just like, you know, how, what is the accountability of people and how responsible are they and how transparent are they in communicating like the different things?
And I think everyone's taking like their own like path on that.
And we're seeing this industry of vaults like unfold in real time.
So I don't really have like a good answer for that.
but I would say that not all exploits are equal and there's different levels of responsibility.
Certainly in this one, like obviously it started with USR, but then the ability to contain it,
it could have been contained on multiple levels.
So that is like a question.
And yeah, extending unlimited credit lines.
I don't know.
It doesn't sound like a good idea like at any point.
But hopefully like as an industry, we can like learn from it.
And I would like to say that we're not going to see the same mistakes again.
but it depends as a collective.
Yeah. Yeah.
Why would, why would you use a cur... What's the value of using like a curated vault versus just like doing it myself for more yield, right? Like that's my like, I mean, better risk adjusted yield is the...
Yeah, that's what I would say.
Right.
But like the curators typically, in my experience, right, are like chasing like more long tail yield opportunities, right? Like that's their, like, if you think about what like the principal agent problem here, like what is the job of a curator? Like make me more money, not keep me more safe, right?
Like, and this is part of, this is like a classic DeFi, you know, style of like, assume that the risk is zero and then like take me out the risk curve as far as you can take me. So my yield is as high as possible, but like the risk remains zero, right? Like, because that's your job, like keep the risk at zero and keep the... And it's like, that's just not how it works, bro.
Like, like if someone's paying you 25% for something and you're like, this is total, this is like treasuries, this is risk free, right? Like, you know, there's this, and like there's this like... all risk is risky and therefore all risks are the same, because, yeah...
Everything is risk.
Like you could get hit by a bus.
Yes, DeFi, this is my mantra.
DeFi does not know how to reason about risk whatsoever. And it's a freaking joke because people will literally say that. They'll say the risk of an alien coming down and exploding me is the same as Resolv having an infinite mint bug.
Yeah, because their AWS was protected by a key that was on whatever ex-employee's computers and, you know, blah, blah, blah.
No, it's not. There are ways to reason about this. There's ways to reason about it.
And there's also ways for you to mitigate.
You can mitigate your risk by putting the liability on someone else.
But we don't do that either. We don't have any liability or responsibility or accountability.
So like it's a bit of like group insanity as well, right?
Like one of my favorite quotes ever is the Larry Cermak quote where he's like, I can't... This is like late 2020, right, and he's like, I cannot imagine the level of stress the DeFi teams are under, you have a 24-7 bug bounty on your...
And this is like when we definitely had no idea what we're doing, like the technology is, like, new. People have shown up like Omer who, like, actually, I can help you to solve some of these problems. But like back then you have to roll your own oracle, you have to do all this crazy shit.
Um, and it wasn't... like that part hasn't changed. It is a 24-7, 365 day a year bug bounty. In the case of Resolv it was a 150 million dollar bug bounty, or 80, whatever the number is, right, for anyone anywhere in the world to get that AWS key.
And that's the way that you need to live, right? Like there are people outside your door clawing at your windows trying to get in, and if you don't think like that... Like I go to a hotel and I like immediately start looking around, like, and you know, I know, Luca, you're super paranoid as well, but like you have to think, you know, especially if you deal with North Korea.
It's why having a North Korean, uh, pen pal is so useful for me, because like you can't forget, like the guy's there all the time, they like DM me with like his... all the time and stuff. And so, so like I don't forget that North Korea exists ever, right? Like my friend is over there, he's like doing stuff all the time, right? So...
Um, so I was here to UTC.
I know, right? Yeah, exactly. I know. Right. Yeah. Yeah. So, so yeah. So like I just, I think that there's like this, this like very fundamental like inability to judge risk that we have. Where, where everything is so risky.
And this is like an adaptation. This is a psychological thing, right? Like a human psychological thing that if you live in a war zone, if you live in a place where like it's constant risk of death and, you know, total loss, right, you become a bit inured to it, and it's easy for this like false equivocation to creep in of like, everything's risk, aliens, bro, like what are you talking about?
It's like, no, no, like we have a way of judging risk and it's called like the yield on the thing that you're doing. If the yield is 25%, that's the market, to an extent, like, you know, not saying that markets are efficient at all, certainly not in DeFi, but like there were signs. If something's paying you 25% interest, there's like, that's a signal, there's a, there's a catch, right? We all lived through Terra.
So side note, I think like OpenAI is like offering a 17.5% return to investors on the latest round, but we could talk about that later.
I'm the first to say this, like, I'd be lying if I told you that I've slept well since I started this company.
It's literally 24-7-365.
But solutions exist, and I think that's the goal of the curator, right?
Like, most people don't understand and they're delegating responsibility to you.
For that, they pay you a fee.
And the expectation is that you're doing everything possible to get them the best risk-adjusted return.
To frame it, though, a little bit differently, like right now where we are is,
while things might feel bearish, there's so much happening in terms of like enterprises,
FinTech's coming in on chain.
So we have the vaults with Kraken.
Obviously, Coinbase launched theirs last year.
And this is like a completely like different risk profile, where they're not degens.
Like obviously they want like high yield.
But before anything, what they want is to make sure that there's no principal loss for any of these users.
And the current market that we're in is just everything is compressed.
So the yields have come down like crazy.
In many cases, we're not above like the T-bill rate.
And for many folks who might not be super long term oriented, that is enough incentive to venture further out on the risk curve.
And markets are markets and there's been reversion.
And like if you're playing that game, there's just a matter of time.
Right.
So you need to think about like what is where are you depositing your funds?
What type of yield product is it?
Is it something that's always trying to be the highest returning?
If it is, it's a really risky game that you're playing.
And I think retail delegates because of that.
And I think enterprise looks differently.
So hopefully, as the space matures, like, there's just a different incentive structure for people who are, like, more long-term oriented and not chasing the latest trade.
I mean, that's a good segue into the next topic, which is that Aave V4 has emerged out of governance hell. And I guess the good guys won, I don't know.
But it looks like, it looks, I mean, Marc Zeller would say just use Aave. I'll say it for him. But, you know, it looks, or maybe not anymore, I guess you wouldn't say it anymore.
So it looks like, I think, this whole, you know, ignoring the governance for a second, right, like the point of this Aave move from V3 to V4, you know, the thinking behind it, is to replace the monolithic pools, right? Like to, you know, kind of spread the risk out, you know, while mitigating contagion risk. There's a bunch of things that they have done.
It's why, like, you know, I was always a bit of a skeptic towards the, like, Aave V3 is some magical system that, like, will never be surpassed sort of thing. Like, and that was one of the things in this whole governance debate of like, we shouldn't be moving away from V4. Like, of course we should have market driven shifts in things. Like we shouldn't necessarily, we shouldn't kick everyone out of V3 into V4, but we can't do that anyway, right? It's gonna, it's gotta come down to like market incentives, right, whether people move or not.
But, but yeah, I think, I think there is, there is this element of like, you know, V4 has been three years of thinking about how to reason about these things from some people who have got a pretty good take on it.
So yeah, my take on this is like, you know, this is an interesting evolution, another option out there. Like V3 will continue to operate for the foreseeable future, my understanding.
So yeah, what do we think about the fact that Aave is really leaning into V4 and the architecture? Omer, do you got a take on that?
I have a lot of thoughts as the risk manager about it.
V3 was, it's the biggest DeFi protocol in the world, and the growth over the past two plus years has been incredible. At the same time, it's like, it's not the end state, right?
And to think it is, like, it poses some type of innovator's dilemma that a lot of other companies or DAOs or groups might get stuck in. Like, don't fix what's not broken, but there are so many improvements to be done. And I think you just need to keep securely, you know, pushing like the innovation.
V4 introduces a lot of features that allow us to price risk more accurately. And then just also overall build a better lending product for retail and institutions alike.
So that's like the motivation behind it, and I just think it's the next evolution in what is today lending.
I mean, yeah, it's interesting, right?
Like, clearly, if you're launching a new lending protocol, it has to be focused on institutions, right?
Like, we just talked about how retail can't price risk.
That becomes hard, right?
If retail's not pricing risk, you're not then incentivized to properly price risk, right?
Like, your incentive is just go out the risk curve as far as possible.
if everyone assumes zero. Like, institutions don't do that.
I mean, like not always.
Some do.
Some do, some do.
But like collectively, right, like I think TradFi probably has a more sophisticated eye towards risk than your average degen.
And therefore, if you're going to curate those people and their money, you know, like an endowment or, you know, something like they're probably not just going to like yolo into some, you know,
you know, weird, weird, like 25% APY vault, right?
Not in size, right?
And so, you know, like, there is definitely something to be said for, like,
identifying the things that an institutional allocator is looking for or wants, right?
You know, you talk about like SOC2 and stuff like that.
Like, you know, there was a long period of time where the institutions were coming
but they weren't here yet.
So we didn't need to like prepare for it by like doing stuff, right?
Like we could just like do whatever we felt like and invent everything ourselves.
But it does feel like now that institutions are here,
we do need to adapt, you know, like having PagerDuty,
like just having things that if someone even applies like a cursory level of scrutiny
to your operation, they're not going to be like,
this is not viable, right?
Like, yeah.
So I think there is, like, architectural stuff, but then there's a bunch of other elements that in order to attract institutional capital,
DeFi just has to do and get better at. And hopefully that will be a forcing function that is actually
better for retail, because if the institutions are forcing you, you know, it's like a similar
argument to like the regulator thing, right? If regulators are forcing you to be compliant and, you know,
release disclosures and stuff like that, in theory, that should drag along, you know,
better risk-adjusted yields for everyone involved, right?
Yeah, it should.
I would say that the nice thing about V4 is that it's not binary in the sense of like,
hey, this is optimized for enterprise and it's not good for retail.
Like the core innovation around it is just like this hub and spoke architecture.
And in just a sentence, it lets us segregate the risk in a much more intentional way.
So if people do want that like those more experimental lending experience that have larger risk, you can do that.
And you don't run the risk of contaminating larger pools.
So you basically have both.
And it's an evolution of like, you know, what Aave did really well with is like the pooled architecture.
It's like the main pool where you deposit all of these.
And here it's just going to allow us to kind of target things on an asset by asset basis for certain pairs, configure what
the interest rate model should be and things like that.
So it's the most, I would say, like a highly configurable specific lending experience,
while at the same time, abstracting that stuff from the users, right?
So that's what we're excited for, because hopefully, or I'm confident that it's going to
make our lives easier as we have better levers and could be more granular about what
tradeoffs we're making, if any.
So this is maybe a spicy take, right?
But like one of the, I guess, unintended consequences of like even Aave V2, V3, this pool model, right, is you've got to be really careful about what you put in there.
Like there's a lot of thought that, you know, there's a very high bar, right?
There is something to be said for like that as a feature and not a bug, right?
Like I know people would get annoyed by it.
I've been annoyed by it in the past where I'm like, come on, guys.
Like this is fine, like put this asset in the pool so that we can start, you know, doing stuff with it.
There is, you know, having this like segregated hub and spoke thing, there's a, there is an
argument that like will cause people to be less wary of things because like, oh, no, it's in Aave.
It'll be fine.
But actually it's in some weird experimental pool.
How do you think about that?
Yeah.
So, like, it's sort of similar today in the sense that we're going to have, there'll be
several hubs, but the big ones will be like the core and the main hub, right?
And those are the ones that, you know, just blue chip, like safest assets.
And then you'll have, I think we'll start with one or two other hubs.
And over time, that will grow.
It'll be very clear, like on the product, like what it is.
And like you said, like there's also an element of education.
Like it's not only in Aave, just generally yield should reflect like units of
risk that you're taking.
So, I mean, it does, whether you know it or you don't know it.
So it's just kind of just taking the best of the capital efficiency of what worked in V3,
but allowing us to get more granular.
Another thing, which is I think not many people know with the why it was so hard.
And sometimes for like asset issuers annoying to integrate on Aave,
we had to deal with this heavily in the migration from V2 to V3 is that once something is listed,
it's super hard to delist it.
And in the trade from the bull market to the bear post-FTX, we had a bunch of DeFi
tokens that at their peak were trading at like $5 billion plus market cap, FDV super
Oh, yeah.
I'm aware of a couple of them.
Yeah, yeah, not naming names, but a CRV crisis, right?
And for the OGs, like the Avi Eisenberg attacks on Mango Markets and others.
And I think V4 is like takes all the learnings that we had of that.
and just kind of packages it into like a new release.
So for asset issuers, they're going to integrate,
it should be a smoother experience
and allows us to think and react more to what's happening in the market
versus saying like, hey, we're taking token X,
we're putting it into the core market.
It's going to probably be here forever now,
or it's going to be really hard to offboard it.
So that was, I think, one of the core learnings.
Yeah.
Are you still also for like the core markets and stuff,
is Aave still going to,
let's say like uphold the, I don't know how they even describe it, like the diligence they do on those
assets, right? Because right now they, there actually is quite a bit of work with a bunch of different
parties that goes into, I mean, one of them, for example, is how can you mint this asset and
making sure it's behind, not necessarily a literal multi-sig, but that it requires multiple
independent parties to mint, right? Are they still doing that for all of the markets?
Or, so yeah, I mean, that's, that's Chaos Labs. That's one of our responsibilities, is that we do risk
assessments for any asset. But at the same time, they've always been running for a long time and there's
a clear segregation of responsibilities, right? So we're primarily tasked with financial risk.
We're misleading smart contract at the time. So over the past years, uh, BGD and Aave Labs are
responsible for the smart contract risk under that,
you know, access control and a lot of the stuff that we spoke about today.
Obviously, as a collective, we're all responsible for everything, but those are the kind of ways that we,
for a single asset, there is like a smart contract. If it gets close to an actual listing,
like all these things happen. And then even when we list assets, the important thing is it's not carte blanche.
So an asset with a tiny market cap, even if it has a promising yield, like historically,
we might start it in an isolated market where there's a ceiling that's defined.
And yeah, over time, based on the demand, based on security posture, you increase that
or don't, depending on what you find.
But there's like a public, actual documented process of how all of this happens.
And probably at this point, several hundred references that are living in the Aave Forum
amongst other places.
Yeah.
Okay.
And so this is going to, for V4, not only is this, these processes going to continue, but they're probably, you even have a little bit more freedom for like what it's not, let's say, like, as like black white, right? Because now you have these different hubs of these different ways and these different mechanisms and processes by which you can sort of like elevate something or downgrade it or whatever.
Yeah, yeah. I mean, so a lot of freedom. It's also
kind of work. Like, it's, uh, there's not one day where we're not, um, spending hours, like, as a team,
on everything that's Aave. Kiosai is our AI product, which helps us, um, streamline. Like, I was gonna say,
like, we, we have a team, right? We're 50 Claude. Claude, Claude, Claude, Claude is, um, only KS, no Clod, um.
Fair enough, fair enough. But, um, but yeah, it's a ton of work. I think every team naturally wants to be listed
in the most liquid pools.
So, you know, teams will vie for it and, like, make a case why yes, why no?
But ultimately, like, as a DAO, we kind of decide.
And it's always better to kind of see the demand and then think about what the reward is
versus at risk and make decisions on an asset by asset basis.
Yeah, I mean, I'll just say, like, from my, I don't live in this for all this deeply
as Kain does, obviously, but I do have adjacent minimal experience.
And I will say I was shocked when someone was like, hey, we need to upgrade our token because
Aave said so.
And I was like, what?
And they're like, yeah, our mint functionality is like super weak or some shit, like help us.
And I was like, all right, like, let's go.
But that was like one of the first times where it was like a forcing function, right?
And it was like a regulation thing.
It wasn't some government thing.
It wasn't because Tay was on Twitter preaching.
Right?
It's like, no.
They want something.
The way that you get this, the way that everyone benefits, right, is by having baseline, like, default secure configurations.
And, yeah, it was, it's one of the rare times.
Market powers.
Yeah, like, you know, Aave has market power.
It's one of the few protocols that has market power to say, you know, like, if they, if they went to Luca and they're like, all right, like, we'll, we'll let you, you know, borrow again,
Pudgies, but you just got to, you know, throw away that infinite
mint private key, you'd be like, okay, fine.
I was enjoying having that, but I guess I don't really need it.
You know, like you would, like people will do things.
It's like exchange listings, right?
You know, exchanges, unfortunately, the exchanges don't necessarily have the most aligned
interests in the way that, say, Aave does with like, you know,
composable DeFi stuff.
But there's still a forcing function for like, at least tell us what the emissions on
the token are, bro. Like, we need that document. Like, you can't just invent your own, you know, uh, vesting
schedule and, like, have it off chain and not tell anyone, right? Like, there's, there's certain things that
it does. So I think, you know, are they having market power? Probably they didn't use it enough,
arguably, in the past, you could say, but maybe in V4 that will, that will change. Yeah, V4 is a clean
slate. Um, it lets us do a lot of things in the way that we've wanted to do them over the years.
On the exchanges, I think this year was like the first time that some of the exchanges
actually woke up to the fact that they need to diligence assets as well because there
was a case with Binance, I think where they ended up paying, I don't know if it's like
$300 or $400 million out of pocket, where Ethena didn't depeg, but like on their exchange,
there was low liquidity on the weekend and they discovered from first principles what an
oracle is and why it needs to kind of accurately price the assets and it had to pay everything
out of pocket. So the worlds are colliding. Yeah, you'd hope that even without these incentives,
like people take these things seriously, but these things definitely push. Because when you're
launching a token, you want that liquidity, you want to be able to borrow against it, you want
to be on a centralized exchange. And for all parties involved, I think this weekend showed it,
there are consequences, not just asset issuer, also the protocols that are taking on bad debt,
paying out of pocket, also the curators. So you need to do the max that you... You need to do the max
you can do on your level and there's still always going to be risk what you want to be able to
mitigate and minimize. Yeah. Also I agree. And I just want, I think that's a great, great place to
end, and I think that far, far too long we think about it as like sort of everyone's on the most
level playing field and it's like well the users want this and they'll do this and then,
you know, the protocol doesn't have any, any say over how the token is or how the asset is
issued or whatever. No, no, no. Like, in order to get this ecosystem to be strong and robust and
valuable, every single player has to play and has to like do what's in their best interests and their
user's best interests. And sometimes that means asking hard questions and holding the people that
they have relationships with accountable. And a lot of times the end user doesn't have the ability
or the relationship or the incentive to do that to, say, the token or the protocol.
And so the more times we see the protocols, the asset issuers, the adjacent parties like come in
and say like this is how it works, guys.
This is how you mitigate this risk.
And it's a bare minimum for us to even look at you, the better that everyone will be.
And that's how we're going to keep leveling it up.
Well said.
Agreed.
Agreed.
Awesome.
A special thank you to Omer from Chaos Labs.
Thanks for joining us.
That was super useful.
That's it for this episode of Uneasy Money.
I'll see you guys next week.
Thanks, Tay and Luca.
If you enjoy the conversation,
follow the show on the Unchained Feed on X
and subscribe wherever you listen to podcasts.
And if you're watching on YouTube,
please like and subscribe or drop a comment.
It really helps new people to reach the show.
Until next time.
