Unchained - What Does Mango Markets Exploiter Avi Eisenberg's Arrest in Puerto Rico Mean for DeFi? - Ep. 441
Episode Date: January 10, 2023Gabriel Shapiro, general counsel at Delphi Labs, and Collins Belton, managing partner at Brookwood P.C., dive into the controversial case of Avi Eisenberg, the self-described “applied game theorist�...�� who was arrested in Puerto Rico on Dec. 26 on market manipulation and fraud charges. The two crypto lawyers discuss the case’s potential impact on DeFi and DAO governance — and whether “code is law” stands a chance in the courtroom. Show highlights: whether Avi’s manipulation of the markets constitutes fraud debating the crypto maxim “code is law” whether it’s wrong to use DeFi code in a “smarter way” how the Mango Markets exploit happened due to poor governance management whether crypto should be regulated from the securities angle or the commodities angle the consequences of Avi’s arrest for the DeFi space whether MEV could constitute market manipulation, even if it’s democratized for everybody the role of DAOs and whether early-stage projects should maintain some level of centralization how DAOs could be designed to have better mechanisms in order to deal with potential issues whether members of the Mango Markets DAO are liable because of their role in designing the system how Avi was “naive” to think he could avoid legal liability by returning the funds why Gabe thinks credit protocols are socially positive and why he hopes that prosecutors won’t “throw everyone in jail” Thank you to our sponsors! Crypto.com DeFi Saver Links Guests: Gabriel: Twitter Delphi Labs Gabriel’s Twitter thread on the case Previous appearances on Unchained: The SEC's Lawsuit Against Ripple and 2 Execs: What You Need to Know Collins: Twitter LinkedIn Previous appearances on Unchained: How the Greatest Decentralizing Force for Crypto Projects Is the SEC Episode Links: Previous coverage of Unchained on Avi Eisenberg and the Mango Markets exploit: The Mango Markets Attacker on Whether His 'Trade' Was Ethical or Not - Ep. 413 The Chopping Block: 'Code Is Law' Is 'Obviously Not How Anything Works Ever' The Chopping Block: SBF Wants to Win in the Court of Public Opinion. Will He? - Ep. 428 Mango Markets exploit Explanation Avi’s “Highly profitable trading strategy” Twitter thread Unchained: Mango Markets Exploiter Arrested on Market Manipulation Charges Mango Markets Exploiter Gets Liquidated But Leaves Aave With ‘Excess Debt’ Mango Markets $42M Reimbursement Proposal Passes Mango Markets Exploiter Returns $67M After Revealing His Identity Mango Markets Hacker Proposes Keeping $70M ‘Bad Debt’ As Bounty Solana’s Mango Markets Sees $100M Drained in DeFi Exploit Chaindebrief: How Manipulation On AAVE And CURVE Went Wrong, Attacker Got Rekted Instead The Defiant: Another Fork Bites the Dust: The Looming Fall of Fortress DAO and the Perils of Off-Chain Governance Karlstack: EXCLUSIVE: The Man Who May Have Milked $100+ Million from Mango Markets CoinDesk: The Impact of Avraham Eisenberg’s Case on the Future of Crypto Mango Markets Exploiter Eisenberg Arrested in Puerto Rico Mango Exploiter's Funds Get Liquidated After Roiling Aave Using $20M of Borrowed Curve Tokens Complaint CNBC: Decoding The Avraham Eisenberg Arrest And Its Impact On Crypto Bug Bounties, White Hat Hackers Decrypt: Mango Markets Attacker Avraham Eisenberg Arrested, Charged With 'Market-Manipulation Offenses' Protos: Who is Avraham Eisenberg and why is he all over Crypto Twitter? Crypto Briefing: Curve Whipsaws 75% as DeFi Degens Squeeze Avraham Eisenberg New Filing: CFTC charges Avi Eisenberg Learn more about your ad choices. Visit megaphone.fm/adchoices
Transcript
Discussion (0)
I just find it funny that they even thought they could, that they were in a position to offer that because that's the U.S. government's decision.
That's definitely obvious. So just for some background here in case you're not familiar with this, because Avi actually, he has this like, I don't want to call arrogance. I mean, it is arrogance, but he's got this thing that he genuinely believed that he understands the law.
He both understands that he's not a lawyer, but also has very strong legal opinions and essentially acts on them.
And again, the only reason why I know this is because I actually witnessed him trying to give a defense of fortress and some post-Ferrari manipulation stuff that he was involved in.
And essentially, his arguments are essentially always the same.
Hi, everyone.
Look at the Unchained.
You're a no-hype resource for all things crypto.
I'm your host, Laura Shin, author of The Cryptopians.
I started covering crypto seven years ago.
And as a senior editor of Forbes was the first mainstream media reporter to cover cryptocurrency falltime.
This is the January 10th.
in 2020 episode of Unchained.
Did you know Unchained Premium now includes full transcripts for all shows and exclusive interviews
with crypto builders?
Go to Unchained Crypto.substack.com to subscribe.
DefiSaver is an all-in-one management app for top lending protocols on Ethereum,
such as Ave, Maker, Liquity, and Compound.
They're best known for their one-transaction rebalancing options and automated liquidation
protection features, and you can check them out on Ethereum, Arbitrum, and Optimism
today.
Buy, earn, and spend crypto on the crypto.com app.
New users can enjoy zero credit card fees on crypto purchases in the first seven days.
Download the crypto.com app and get $25 with the code Laura.
Link in the description.
Pay all, just a quick note.
The day before this podcast was released, the CFTC charged Avi Eisenberg with violations of the Commodity Exchange Act and manipulation and attempted manipulation of a swap.
We'll put a link in the show notes.
the complaint, but I just wanted to explain why we don't mention this news in the show.
Today, we're discussing the arrest of Manko markets exploiter, Avi Eisenberg, and its implications
for Defi. Here to discuss are Gabriel Shapiro, General Counsel at Delphi Labs, and Collins
Belton, managing partner at Brookwood PC. Welcome, Gabriel and Collins. Thanks for having you.
Thank you. Good to be here. Just a quick note, before we begin, everyone, my research and prep time for
this show was drastically cut short. And I have to record this from a slightly different location,
which also cuts down on the actual time that we have to record. So it'll be a shorter than normal
schedule and also perhaps a more freestyle form of interviewing. That means you'll only be 60% more
prepared than 90% of interviews. No comment. All right. So two days after Christmas,
Avi Eisenberg, most famously known as the Mango Market's Explore.
was arrested by the Department of Justice in Puerto Rico for commodities fraud and commodities
manipulation. Avi had famously kind of already confessed, although I don't think he thought
what he did was anything wrong. And this was in a tweet, which most people have heard,
in which he described the Mango Market's exploit as a highly profitable trading strategy.
So for those of you who don't recall the details, Avi took out a large portion on Mango's
perpetual futures contracts. He then inflated the price of the illiquid mango token, or that's
what inflated the price of the liquid mango token. And then he used that inflated value of his holdings
as collateral to borrow pretty much all the protocol's assets and then a drain the protocol.
So I was curious just, you know, for your take generally. And why do we start with maybe Gabriel,
who wrote the tweet thread that kind of sparked this conversation? Do you think that would
Avi did in this case actually qualifies as commodities fraud and commodity manipulation as he was
charged with? Well, yeah, I would say that overall what he did, I would consider within the ethical
norms of the DFI space, but nevertheless, most likely illegal, or at least there's a strong
argument that it's illegal, which makes it kind of interesting, right? We have, you know,
things that are like ethical but illegal and also things that are legal. And also things that are
legal but unethical and then sometimes they're both illegal and unethical. I think this was one thing
where ethically within the norms of defy, in my opinion, it is fine, but it is illegal. Whether it
constitutes fraud is a very interesting question. I do believe it constitutes some form of manipulation,
some form of cornering, but who exactly the defrauded party is, right? Because a smart contract isn't a
person and it kind of was the smart contract that was deceived or arguably it was the risk engine
for the smart contract that was deceived is, you know, create some interesting issues that I guess
we'll talk further about. But yeah, I do think that there's a strong claim here that he did
something illegal. And Collins, what about you? Yeah, you know, I think I'd largely agree,
especially on the distinction between the manipulation and arguably fraud charges. I think, you know,
to the extent that there is something that's likely to hold, I would imagine the manipulation charges are a bit easier here, just under the black letter law, since there's a little bit less of this intentional question, I think, especially given what you've said, you know, he explicitly kind of did note online that he manipulated the market in order to achieve this.
Like Gabe said, though, you know, when you look at kind of our defy norms, there's a question as to, you know, whether people should have expected something like this when he did operate within the parameters of the system.
So I think we'll talk a little bit about that.
One of the thing that Gabe just alluded to that I find kind of interesting is that, you know,
when you look at the fraud question, I think a lot of the people, especially in the Mango community,
want to take the position that you essentially defrauded the Dow or the members.
But this kind of leads to a weird catch-22.
And, you know, it's kind of funny because the complaint actually takes this position,
at least from my perspective, where the Dow essentially is to say,
hey, we run this thing and you took our assets,
which then puts them in the uncomfortable position of having to argue.
you potentially in another context as to whether they should be the one seen as running in exchange.
So there's a weird tension here and hopefully we can talk a little bit about that.
I think that was part of, you know, at the heart of Gabe's threat there as to how this may
impact Defi, depending on how people want to interpret this.
So both things that you guys said were so interesting.
Well, we'll talk about Gabe's first.
I mean, the notion that what he did was both illegal but also within the norms of Defi.
Like, can you talk a little bit about that?
Like, why is it that thing?
that people would traditionally consider illegal are things that at least some segments of the
crypto community may not consider out of bounds? Sure. I mean, I think it raises very interesting
questions and it just always comes back to this code is law thing, right? If what we have is an under
if the social norms of using a crypto system are that it's supposed to do a certain thing
and everyone's understanding is that.
And if the code does something different from what it's supposed to do, then we have an issue.
If that's the social framework, then we have major, major issues across the entire
crypto system ecology, right?
Because why do we have immutable state then?
If we have a notion of what's supposed to happen and it doesn't happen and the wrong
thing gets reported, we should be able to mutate that state.
If someone, if our notion of ownership is the same as in the real world, that is, you own your coins,
well, you know, if I get locked out of my car and I have some valuables in there, you know,
like I have legal methods to break back into the car or even someone else's car and get those
things out, right?
Whereas on the blockchain, there's no remedy for that, right?
I don't get new keys.
I've just lost it forever if I've lost my keys and so on.
So we have this universe of pure bearer assets where basically what you can do with them
determines what you ought to be able to do with them.
That's the norm with which people operate in space, not your keys, not your coins, right?
And the same thing with the smart contracts, right?
You know, in my opinion, unless you want to just re-centralize everything and be able to
reverse transactions and all these things, you really kind of have to be able to say that
when someone is using one of these systems, they are opting into a situation where they want code to be law for them.
Obviously, it doesn't necessarily mean it's law for external parties who haven't opted into that, right?
But we need it to be that when you opt in, you're able to give up the, you're able to consent to those risks.
You're able to take on to those risks.
That whatever the code does is the result you're going to accept.
And the notion of prosecuting someone for using the code in a smarter way that other people didn't predict is anathema to that, right?
Because that really means, you know, if you was able to do that and if that's somehow wrong, right, it's something that the code could do is the wrong result.
That ultimately means that it's not the crypto system that governs things.
It's our understandings and expectations.
And if it's our understandings and expectations, well, then it's exactly like a normal contract.
And it ought to be illegal or frowned upon to set things up in a way where you can't fully
perform that contract because of immutability and these other things.
So it's a real tension.
And that's why I say, you know, really, we need to kind of find a way to make it acceptable
for people to opt in this set of risks and understand what risks they're opting into.
Also, of course, these hacks happen all the time.
It's not even really a hack, but these attacks, these exploits happen all of the time.
And the vast majority of people get away with it.
And most people aren't even that mad about it in crypto.
Like they're not nearly as mad about the typical defy exploit as they are about FDX, for example,
because it's just kind of considered the name of the game, size your risk appropriately.
Don't put all of your eggs into one protocol.
Certainly don't put it into it if it's open source, sorry, if it's not open source, or if it's brand new,
it's insufficiently tested, it's not audited.
We just have this whole other set of standards for when we're dealing with code that dramatically
differ from, you know, when you're trading stocks on NASDAQ or something.
And so it's almost like you're saying that in the defy space, they would consider that in this
particular situation, the developers of the smart contracts are almost more at fault or something
like that.
Is that?
Yeah, I don't know if it's the, it wasn't a smart contract code problem as such.
it was really, and we should talk more about how the attack went down, but at the end of the day,
it was a governance problem, I would say, as to the fact that this particular collateral, the
mango token itself, the governance token for the protocol, it was too much was allowed to be
borrowed against it within the protocol. Yeah, it's like literally the same thing as FTX and FTT.
Too much was allowed to, exactly, too much was allowed to be borrowed against it relative
to its liquidity and the rest of its risk profile and what else is going on in the profile.
So it's not so much, I don't know that it was a developer problem.
It's more of a governance risk management problem in terms of the assets that are whitelisted
in the protocol and the collateral ratios that they have within the process.
But I think, you know, it's kind of interesting you say that because in some ways I do see
it as, I don't know if I'd say it's a developer problem, but is this system design issue,
but it's compounded by the fact that you do have, you know, in essence, this governance ability
in and of itself. You know, the ability for people to make those decisions to be
modifying them is kind of what introduced that risk. Now, obviously, you know, they could
have made this immutable, had the same risk by just setting the parameters in stone. But I think
that also, you know, speaks to a little bit of the tension you alluded to and then also some of the
things that we were talking about before where you've got people like that kind of want to
have their cake and eat it to use the cliche phrase where, hey, you know, we want to be able to
essentially say, this is immutable and we're going to depend on code as law. But then when somebody
like Gabe said, you know, figures out, you know, a clever, if not. And I don't like using the word
ethical because it's ethical in one sense, I think in a pure, like philosophical sense,
but ethical in the sense of like, yeah, he knew that there were innocent and quote unquote
innocent people or users that would be deprived of their value. So I don't know if ethical from the
colloquial sense is the best word, but let's just keep using it. They weren't ultimately deprived
of their value, though, were they? Yeah. And that's actually what I wanted to talk about,
actually. So the private contracting element is kind of something that I think,
Gabe was alluding to it and part of that other point, I just kind of hop to that, which is,
you know, you've got this weird idea that blockchain in some way might be seen as like allowing
extreme versions of private contracting. But in this case, you know, it also runs headlong.
And this is another tension that I think we wanted to talk about with the actual, you know,
regulatory and kind of legal framework that exists in reality. If you start looking at the intentions
and things outside of, let's say, the four corners of your blockchain contract. And so we see
that actually, you know, with Mango.
The Dow tried to negotiate a settlement with him where it included releasing criminal claims against him.
Now, obviously, you know, the U.S. government is like, why, what are you talking about?
None of this is something that we're going to respect.
But it actually does highlight, again, an issue here, which is if you aren't going to essentially adhere to those norms of everything that's codified is exactly how we will essentially accept these results and instead go to our, we're going to add a meta layer of additional governance, whether that's via tokens, whether that's outside, you know, negotiation, then you do start to introduce the exact tension that Gabe is talking about where the regulator is going to say, okay, well, why wouldn't we also step in? Why wouldn't the other frameworks also apply here? And so I think this is what I think, you know, when we're, we're,
you were talking about the motivation for the episode, the interesting thing is, all right, well,
you have to almost take a position here. Either you want this, you know, Code's law. And by the way,
I don't think either of us, you know, let me know if I'm speaking wrong for you, but I don't think
either of us is saying code is law is exactly the land now. But we're saying if this is the norm
that people are going to adhere to and they're going to espouse, then they can't. And
those other times start saying, hey, you violated some, you know, either two, four unspoken norm
that we just made up on the spot because we're pissed off about losing money.
So I think this is, and this is honestly a challenge I have with the government systems in crypto generally.
I think you either have on governed systems.
I think there's some world who will probably figure out a governance system that will, you know,
avoid some of these flaws.
But right now, most of the governance systems introduce these exact tensions by, you know,
by virtue of just being a governance system that introduce outside decision making.
Yeah.
And I think Collins just raised a really, I agree with all that.
And college just raised a very interesting point, legal point, but he didn't state it completely explicitly.
So I just want to make sure the listeners are clear, right?
There are two potential things that are implicated in electronic attacks, right?
One is sort of computer fraud, abuse, anti-hacking type of laws, right?
And that is not, those are not the charges that have been brought against Avi.
Whether they could bring such charges would be an interesting question.
But those are generally speaking specific computer statutes that say that, for example,
For example, prohibit unauthorized access of data, unauthorized use of access credentials such as passwords, and things of this nature.
And they're phrased generally in those terms, although they often also have catchalls that can be vaguer.
And that was not what is here, right?
Because he didn't really use a, he didn't steal someone's password or generate someone's password, you know, by repeated guesses, right?
brute forcing. Instead, what he did is manipulating the price of an asset in a way that when combined
with the functioning of a certain set of code, enabled him to get a good result, right? And it wasn't
that there was any flaw in the code. There was no flaw in the code. There also, a lot of people
describe this as an Oracle manipulation attack, but it wasn't actually an exploit of the Oracle. The Oracle
function completely correctly, it accurately reported the prices. He went to the markets that the
oracles pulled price data from, and he did transactions that basically made the accurate,
true price of that asset on that platform to be artificially high, right? And that's why they're
bringing this as a manipulation claim, rather than some sort of computer hacking claim, et cetera.
But both set of laws in terms of the broader discussion about consent and private contracting
could be relevant. And in terms of the computer hacking laws, you can actually cure that issue
right. That's why there are pen testing programs. That's why they're a bug bounty program because the
specific relevant parties, it's a little harder in crypto for various reasons, but you can at least
try to get everyone relevant to say, yes, we consent to certain people or anyone under certain
circumstances attacking this and trying to do it harm if they follow this certain protocol.
You cannot do that with market manipulation. And I think the reason why you can't do that with
market manipulation is because the implicit theory of who is being defrauded with these price
manipulations is the market itself. It's everyone in the market. It's not only the Nango users,
who are the ones who had the most potential risk in terms of direct economic harm, but it's
everyone. And so even if every single Mango user literally signed a contract giving him a release,
which of course is not what happened, even then they still would, the government would still be able
to bring this action. So that's why it raises very interesting issues around consent, private
contracting, et cetera. Also one other thing, which we won't go deep on this episode on, but I'll
give Gabe the dunk on me on this is, you know, for a while there's in people debating on, you know,
is it better for something to be regulated from the securities angle or the commodities angle?
I think this definitely shows in conjunction with some other stuff like Uki-Dow that, you know,
stepping into the commodities where it doesn't absolve us of all of these issues.
And I still am of the belief that a lot of times the CFTC is probably the more appropriate regulator.
And I should also note, you know, this is the DOJ bringing this,
although I would, you know, be very shocked if we do not see CFTC follow up on this.
But I think it, you know, highlights that, you know, the fact that the CFTC or the FBI agent in this case,
One, you know, highlighted that he thought some of the assets were commodities, but that actually
led them to the belief that these things were swaps, that he was actually trading perpetuals
or swaps. There was actually a statement I actually copied out for the episode here where, you know,
the FBI agent just explicitly says he starts a sense of saying perpetuals or swaps under the
CEEA. It's not like a, it's not a question in his mind. It's not a theory. That's actually
very problematic for, you know, a lot of DFI protocols if they want to be serving U.S.
participants and they're going to have, let's say, a Dow running the exchange. And it's not
fully immutable. So, you know, this type of thing is a good example of how, even though I might
still believe the CFTC is more appropriate, it's good that we had, you know, leak something like
the DCCPPA and people to understand that, like, the CFTC doesn't mean, oh, suddenly you're cool.
Like, hey, they regulate gold and oil and they don't really care about those spot markets, because
it's very clear. They say here, you know, the FBI agent is looking at this thing, hey, he manipulated
the spot price in order to leverage swaps on a decentralized exchange so that he could
achieve this result. And that's what led to the manipulation charges. That's what led to the fraud charges.
And again, you know, I note that while this isn't a CFGC complaint, the FBI agent, and I have this
excerpt here, we explicitly notes that, you know, the mango decentralized exchanges is run by the
mango Dow. That, I think, is going to be interesting to track. That's the statement that I think
will probably show back up in the near future, but we'll see. Yeah. One thing that I wanted to
comment on was earlier when Gabriel was describing obvious.
actions. He said he like I sort of remember how you started, but you, you know, kept kind of trying to
explain what he did with the prices. And then finally you settled on that he artificially inflated
the price. Well, what was interesting is when he came on my show right after he had done the hack,
I similarly, I so I don't remember what question it was that I asked or what phrasing I used,
but he corrected me by saying, oh, well, no, that was actually the real price at that moment. Like just
because it's not what anyone wants doesn't mean that it wasn't the correct price.
It's the correct. It's it's the correct price, but the price is incorrect to the value, right?
And this can happen, right? I mean, we do have different notions of pricing versus value.
People can overpay for something. Yes, that is the price they paid and it is accurate price.
They actually paid that, but they were, you know, deceived or about the value. And so they were
paying sort of like the wrong price or too high of a price. And yeah, there is that.
disconnect as possible. Yeah, yeah. I mean, for sure this case brings up so many fascinating angles.
So when do we do this, we are going to unpack how different elements of the case could affect
Defi as a whole. But first, we're going to take a quick word from the sponsors who make this show
possible. DefiSaver is an all-in-one management application for a number of decentralized finance
protocols on Ethereum, Arbitrum, and Optimism. The app has dedicated dashboards for lending protocols
such as Ave, MakerDAo, Liquity, and Compound,
as well as integrations that allow quick access
to yield earning protocols such as urine, convex, M-stable,
and the newly released chicken bonds from the Liquity team.
Some of their most notable features include quick,
one-transaction rebalancing,
and automated liquidation protection of collateralized debt positions.
On top of that, they also have tools for collateral swaps, debt swaps,
and instantly moving positions between different protocols.
Once you load up the app at defysaver.com,
make sure to enable the simulation mode first so you can freely test all available features
before diving in further.
Join over 50 million people using crypto.com, one of the easiest places to buy, earn,
and spend over 250 cryptocurrencies.
New users enjoy zero credit card fees on crypto purchases in their first seven days.
With crypto.com earn, get industry leading interest rates of up to 14.5% on over 30 coins,
including Bitcoin.
Earn up to 8.5% on stable coins.
With the crypto.com visa card, you can spend your crypto anywhere.
Enjoy up to 5% cash back instantly, plus 100% rebates for your Netflix and Spotify's subscriptions, and zero annual fees.
Download the crypto.com app and get $25 with the code Laura.
Link in the description.
Amazon presents Jamal versus the Shih Tzu.
Descending from the gray wolf, shih Tzu's live by.
their own untamed primal code of not giving a single shih Tzu.
But Jamal shopped on Amazon and bought dog treats, chew toys, and 32 ounces of carpet cleaner.
Hey Jamal, you've been promoted to Pack Leader.
Save the Every Day with deals from Amazon.
Welcome aboard via rail.
Please sit and enjoy.
Please sit and sip.
Play.
Post.
Taste, view, and enjoy.
Via Rail, love the way.
Back to my conversation with Gabriel and Collins.
So we kind of started touching on, you know,
different aspects of this even before went to the ad break.
But let's maybe start with Gabriel's Twitter thread.
Because Gabriel, you know, as much as I think a lot of people believe that kind of
what Avi did was wrong in some sense, your conclusion in the Twitter thread was,
that this isn't necessarily good for defy that he got arrested. So what do you fear are some of the
indirect consequences for the defy space that could result in this? The whole point of these systems
is that they be secure on an autonomous decentralized basis, which means that you can't rely for
safety on extrinsic deterrence, such as fear of punishment, or extrinsic actors who may be able to
reverse transactions, adjudicate which transactions were correct or incorrect, the idea is that it be
secure, robust, consistent on its own, that it be so well designed that it can do that. To do that,
it's really, and you know, just look at the history of smart contract security dating all the way
back to the Dow hack, or you can even look at L1s in terms of consensus attacks, validator,
attacks, minor attacks. When the, the development.
developers try to develop these systems to be as secure as they can.
Things happen and we learn lessons.
It's an iterative process, right?
So because of the Dow hack, reentry attacks are very, very, a rare flaw in smart contracts.
I would say if one happens now, it's just due to negligence at this point, almost always, right?
You didn't get an audit.
You didn't know what you were doing, whatever, right?
But that's because that that happened and had really bad consequences and made everyone alert to that.
And then they developed systems for automatically scanning code for that vulnerability and improving design patterns and all these things.
So we actually need these attacks in order for the ecosystem to grow and to ultimately become the best it could be.
And the same is true, is recognized even with centralized systems because they have bugged,
bounty programs and all these things.
The difference is that, as I mentioned earlier, for something like Twitter, right,
if Twitter wants its web app to be secure, they can have a bug bounty program.
And really the only thing that those, that any sort of bugs or potential exploits can come from
is most likely going to be some type of code vulnerability.
One of these types of vulnerabilities that is covered by the anti-hacking statutes.
And so they can consent to it being attacked and the hacker will be the white hat will be okay.
I'm wearing a black hat, but the white hat will be okay if they follow those rules.
And they will be able to prove their system iteratively.
With these economic attacks, it's just not possible to give that consent.
But nevertheless, we do want these systems to be secure against all types of attacks, including ones that you can't fully consent to.
right? And so this is the issue. We don't want to start relying on the legal system to make these
systems secure. We want them to be intrinsically secure. That means people have to attack them.
Now, do they have to attack them the exact way Avi did? No, because, you know, he could have,
there are someone leaked Discord messages that are alleged to be from him or someone contemplating
a similar attack in the weeks ahead of time where he was saying, hey, you know, I found this
vulnerability, but it looks like there's not much in the Treasury, so I think the White Hat
Bounty would be small. So it was better for him to attack the full thing and decide his own
white hat bounty, right? But so, but we could as an industry, and I think there are people working
on this, for sure, jump published a thing. And I know kind of a coalition of VCs and White Hats are
working on something where you would, you would set out clear parameters for attacks. You would
potentially even have like pool more pooled money by a coalition of protocols to reward people so the reward, you know, could be sufficiently large and all these things. We need to keep doing this. We can't be scared to do this because of for certain attacks, because those attacks can't be fully mitigated with consents and waivers. But that when we do go and talk to big law firms about setting up some type of white hat safe harbor, that is what they say. They say, they say,
say, well, you can only reward the code exploits that violate the computer fraud statutes
because these other ones are manipulating the entire market and you're not the entire market.
So guess what?
You can't consent to that.
But we can't let that stop innovation because otherwise these protocols will never be secure
on autonomous and decentralized terms because they won't get attacked enough.
Yeah.
Yeah, it's kind of funny because I think like a year or two ago, we were talking about, you know,
the idea of indemnity funds and insurance funds, but those indemnity funds were
at the time focused on some of the operators of things like DAOs and participants that might be at risk.
But I think since then, it's probably expanded to be a more necessary conversation on a broad basis.
I would say, you know, gave focused a lot on the lack of vulnerability testing that we, you know, may suffer from in the absence or, you know, in the presence of the regime that applies like this.
I actually think one of the more straightforward things is that there are a number of different DFI models that,
are currently employed by different, you know, almost core infrastructure pieces at this point,
that, you know, arguably are going to come under scrutiny as acceptable if something,
especially like the manipulation or front-running claims, get treated as something actionable
by the government moving forward. And what I mean by that is, you know, we can take, you know,
let's say two or three of the, you know, more common or probably most popular, let's say,
infrastructure plays right now with MEV. M-EV, you know, and some characterization might be seeing it,
not in some characterization. It does, you know, essentially take the concept of front running,
operationalize it, and then democratizes it amongst the entire spectrum of users such that,
you know, it makes it more fair, but there is an argument, and this isn't my position necessarily,
but I think, you know, if I'm steelmanning this from the CFTC or the DOJ's perspective,
and I want to apply something similar to Avi, my argument is essentially going to be, well, look,
it looks like you guys are just saying you've operationalized and democratized front running for everybody
willing to participate in your playground. It's not that you've got rid of it or something like that.
It's that instead, you're protecting this network by essentially enabling everybody to do so,
and in doing so, cutting down the risk of one or two particular actors being able to manipulate that.
But here's the thing. There's no, like, safe harbor or exemption in the CEA for, like, oh,
the manipulation is, like, good for everybody, so it's cool. So, like, this is the type of characterization
that I think people have to think a little bit about. You also have dexes and some of the Dex types of plays
that rely on MEV-like plays that are going to be doing things, you know, and I won't, you know,
name for, I think everyone knows particulars at this point, or there's, you know, essentially an L2
version of this for every, you know, major aggregator where they're doing something like
they're ordering transactions on an L2 network or on an off-chain basis and then submitting them
in ways that provide front-running protection. So again, these are all things that I think are
positive for the system. These are things that, one, again, as Gabe is highlighted, in the absence
of traditional legal systems, we're going to need, you know, systems, you know,
algorithms, structures that essentially enable us to either mitigate or control for or protect
against certain risks that the legal system typically does. And in order to do that, we do kind of
need some of that experimentation. I do tend to agree. I don't think Obie's approach was greatest.
But by the way, just as we go through this, I realize we're happy with this episode.
I want to note, I can't speak for Gabe on this. Maybe I can. But like, I don't think this episode
should be looked at as like a defense of Avi or like, you know, prosecutors are looking at this.
God forbid he gets off on like some weird quote from this.
episode. I actually witnessed some of his takes. He was also involved in this Faye Rari
collapse, and he actually was also involved in his own projects collapse, where he also used the
system as intended with Fortress Dow in order to have people vote for a project that he was
affiliated with, did not fully disclose things there, and then essentially made the same legal
arguments as he's done here, which is to say, hey, I've used the system as intended, I submitted
this all through governance, you all essentially consented to this. And so, yeah,
yes, I should be able to walk away with these treasury assets.
Interestingly, you know, I'm surprised that this has not yet come up
and perhaps, you know, they'll likely discover this
because I think it's the same bucket of things.
But I just want to add that last part before we get back into how this impacts D-Fi.
This is not supposed to be like a yeah, like, ah, if you did it,
she saved us all or something like that.
Although I am wearing my black hat, so.
Yeah, no, my interest in this was just because of how, like, sticking
a nuance of the whole situation is.
You know, like I said, I think most people in crypto view what Avi did is like wrong in some
respect.
But then I found it fascinating that Gabriel was saying that this could set up kind of bad
precedent for Defi.
And so I wanted to explore that.
But Collins, you keep on mentioning kind of the role of the Dow and how that could also kind
of, I think, or how this case could present conundrums for DAOs in general.
Like you raise the issue about whether DAOs want to be seen as running exchanges.
is I feel like there was another point. Can you talk a little bit about how this case could affect
Dow's that run protocols like these? Yeah, and I think, you know, to talk about that,
we could take a quick step back to Uki Dow that happened a few months ago. And for those that
aren't aware, there was essentially an exploit that happened in another protocol. There were some
allegations that essentially the assets that were traded there were involved there were regulated
commodity assets. But in relevant part for this discussion, there is a Dow involved in that in the
operation of that protocol. And in that case, the CFTC and the DOJ's position is that the Dow is
essentially running that protocol, which allows for derivative types of transactions. The issue is that,
you know, prior to going after the Dow, they looked at the founders and said, hey, you know,
we think you're liable for some of these things. The founders settled. And now you have this
question of, okay, well, who at the Dow could one respond to this, receive service? You know,
who should be liable? Can they apportion the debt in this way? This has been a question that people
have been talking about, but I think it's, I think it's a little less.
controversial in that case, then if the same type of thing was alleged here. And the reason why I say that is because in this Mango situation, they're explicitly just saying, hey, you guys are just operating an exchange that allows for the swap of regulated commodities exchanges. Now, the issue is if that is the position that's accepted, let's say at a court level and something like that, they're essentially saying, hey, this Dow is an organization, whether you want to call it an unincorporated association, whether you want to call it an, you know, an ink, whatever it is, this organization, this organization,
is running this thing, you would normally need some type of licensure to do so.
In the absence of that, you guys are all liable for not having this license.
In addition, just like we've seen in Uki and other situations, typically when you have
something that's a licensed entity, like a DCM or some type of futures exchange,
you also have those same type of money laundering and sanctions obligations that we've
seen everybody freaking out, rightfully so over the past a year and a half, those things,
like not only do you have to conduct AML and KYC, but you're blocking and geo-fencing off
around in North Korea and all of these places.
Now, obviously, you know, the Dow is one not equipped to do that right now.
They don't do that.
And I think their position would be, hey, we manage some treasury.
We don't really operate this exchange.
But that was already an issue that was, you know, pronounced an Uki Dow.
And I think here should have come out, really explode and ripple across the rest of the space.
Because Uki, there was an argument, at least, that the way in which the keys were transferred from the original founders to the Dow may have left the Dow with some operational control that might be untenable.
I actually don't think that's a great argument, but I could at least, again, if I'm trying to steal man the CFTC's position, I could at least see that. As far as I'm aware in the mango holder situation, they don't maintain keys that could change significant parameters. I'm going to assume that's the case. And even if they did, I think there is no evidence or at least nothing I was alleged in the complaint that they were actually doing so in connection with this attack or prior. It's just that, hey, they had some governance control. Perhaps they can change some parameters. But none of that was at issue here. It was just, hey, the guy just ran this exchange. But they're saying, hey,
this exchange in and of itself is an exchange that would normally have to be registered in order to run these things.
So I think the implication for a lot of DAO set up this way is, hey, either we, you know, we take this position that, yeah, to defrauded the Dow, the Dow is owed something, but then you're in the uncomfortable position of saying, okay, well, if they defrauded us as the operators of this, do we have responsibility for it?
And then I think it goes back to the art.
Instead, should we be looking at system designs, again, going back to our defy norms,
where that's not even a possible question or solution.
I don't think people should be in the position of saying, hey, we operate this protocol.
But unfortunately, as I think some people in our community have rightfully pointed out,
it's arguably irresponsible to launch something like Mango or something like that, you know,
from day one, totally immutable, totally unable to change anything, totally unable to rectify
mistakes because I mean again I mean think about this wasn't even a hack this is just a system design
issue but we've seen countless hats where you know arguably let's assume it wasn't an insider attack
arguably probably would have been better for somebody to have like an emergency key to stop something
when they couldn't or perhaps it was a multi-sig and they couldn't get consensus fast enough to stop an attack
so you know while I obviously think that on a long-term basis having these like very very kind of
immutable designs as almost a rigid standard are ideal there's a there's a harsh reality that
that I think all of us that are like decentralization maxis have to accept, which is unless you
have very simple and narrow systems, there's some interim period where unfortunately it's probably
better for folks to maintain some control in order to avoid these risks, but then you have this
tension that gets introduced here. Yeah, I think it's been a little bit too much of a convex thing
where it's either immutable or you just have complete arbitrary powers of some multi-save to do
absolute anything. And there is a lot of in between there. And I think there's, like, not only
in between in terms of different things that protocols have done, but I think there's a very
unexplored design space. Like, for example, Curve has an emergency multi-siguit, which I'm actually
a member of. And I don't have any indemnities or anything from them. Well, I'm pretty comfortable
with it because its powers are extremely limited, right? All it can do is, like, freeze like a pool and
switch it into withdrawal-only mode, right? Or, like, stop the curve.
River rewards to a full. And then it's like overrollable by this by the full down.
Right. And so you can you could also like imagine like a multi-sig that has a power to just
do one thing, which is put a particular proposal on a much short to the Dow on a much shorter
voting schedule. There are a lot of there are a lot of different mechanisms you could play with.
And again, the a key takeaway right is that there are two sources of liability. One is was there
some negligent design or something like that that enabled this particular expert?
to happen. And the other is, well, just the whole thing in general, did it require some type of license
or is it required to be operated in some other way? You know, and is there a liability for that? Both are
bad problems and both are sadly probably relevant here. Although I think on the design aspect,
like, I could make a straight face defense that no one in Mango did anything wrong. There was no
governance problem, no design problem, nothing. Like, yes, obviously, in retrospect, he could borrow too
much from Mango token, but like is it to the point where it's like reckless, like grossly
negligent or whatever that they said it that way? You could probably argue either way, right?
So yeah, these are two different issues. Yeah. Well, so Collins, is that one of your concerns
about the Dow that like if it were determined that not only did Avi manipulate it, but that the
kind of, you know, the exchange owners or operators in this case, the Dow messed up by allowing
that kind of collateral to be used in that way
or without stricter limits or something like that?
Do you feel that that could be an implication here?
Well, not only could be an implication,
but I think it highlights the kind of issue here, right?
Like, one, you know, most of the Dow members,
unless you're going to carve out the original developers
who probably told some tokens or something,
have no impact on the overall design of the system.
Like, their governance powers, even to the extent,
let's assume in this case that they did have some ability
to, let's say, change some of the parameters.
Typically, your governance control, and I know for this is something I do know for sure in Mango,
they don't have the ability to refactor the entire code base all of a sudden overnight.
So it's limited to a certain set of inputs or parameters that they can tweet.
And so it highlights kind of the issue.
And we also say this with UkiDal, where you're trying to establish some type of liability regime through the government.
You're saying, okay, well, do we go after the original devs?
One, you can imagine a situation where let's say Mango wasn't originally allowed as collateral.
And the devs, and this actually does happen in DFI protocols where they do things like,
they may not allow their token to be traded originally for other regulatory concerns and then
like governance holders voted in. There would be a real question here, right? In the hypothetical you just
gave me, are the developers who originally developed this thing, but maybe it didn't have the
quote unquote system design flaw because they didn't enable the collateral suddenly liable or should
suddenly the community of token holders who voted for this be liable for introducing that design
flaw? And if so, is the subset of people who voted for it so that you can apportion liability to them,
like their individual partners who made that decision, or should it be the aggregate Dow and then are they liable to the entire market or just to the other partners who lost value?
All of those things kind of highlight the issue when you start thinking through this and you say, okay, well, hold on.
None of that really is the right outcome here.
One, because even to the extent that you felt bad for some of the, let's say, minority partners in the Dow, they kind of signed up for this.
Their option is to either leave the Dow partnership or to go along with the vote that they all have tweeted to when they kind of signed, I would say, informal constitution.
where you said, hey, I'm going to agree that the majority decision governs the parameter
switches here. I'm going to agree that if something gets introduced like collateral that I may not
agree with, my only option is to either exit or to accept the decisions here. But once you start
introducing these types of questions and potential legal liability regimes, you can start to see
Gabe's former point, which is suddenly it upends and kind of undermines the entire notion of these
systems. And it starts to do so not just when there's a conflict or an issue arises,
but it actually does so even prior to the fact because these types of decisions are going to be made, you know, a priori to some type of, you know, exploit.
People that hold the tokens are going to be making these same types of decisions if this type of liability regime applies because they're going to know, hey, hold on, maybe we should or should not allow something like this to occur if the government is going to be able to show up in two years and say, hey, you know, 63% of you who voted for this are liable for the other 37%.
So the entire dynamics of how DAOs will work, I think, are upended by this.
And yeah, it's a good example of an implication that, you know, might seem very limited.
Like, hey, maybe just these DAO members are going to be liable for something, but it won't be.
Just like, you know, people are already starting to change and order their behavior in response to the Uki Dow complaint, despite they're not even being a resolution yet.
The same thing would start to occur here.
If it really was the case that these DAOs are not just operators, but suddenly individual members or collectives could be liable for these things, the entire, the entire, the entire,
system would be upended. And I think you'd see a lot more anonymous participation. You'd see a lot more
student anonymous participation, offshore participation. And I think, you know, like, you know, Gary or
see if you see is listening to this and they're like, yeah, that's what we want. I think they should
really consider if that's what they actually want. Because one, you know, we've already seen
what's happened in FTX when all of these things go offshore. We've already seen where individuals
can organize outside of our parameters, but still introduce risks to our system. So I think, you know,
some regulators, I suspect that that's somewhat their goal here is to make it so unattractive
to participate in these systems or groups that they become untenable.
But I think the end result won't be that they become totally untenable.
It's that they become pushed to certain areas that aren't tiny.
You know, we can call them niche markets, but a niche market that gets, you know, three,
let's say, seven percent of the world's population or interest over the next 10 years is a lot of
people.
And that's a lot of people that can impact our markets as well.
So I think that's something that they also need to take into consideration when they're trying to make this type of participation so unattracted or so confusing that it essentially gets pushed to the shadows.
Or maybe they're confident that they can crush it all of them.
Gary is powerful.
So we'll see.
One other question that I wanted to ask was about how Mango markets negotiated with the Avi when he returned like 47 million of the tokens or whatever.
And then they said we won't pursue any kind of legal action against you or I don't remember the phrasing.
But I just find it funny that they even thought they could, that they were in a position to offer that because that's the U.S. government's decision.
So that's definitely obvious. So just for some background here in case you're not familiar with this, because Avi actually, he has this like, I don't want to call arrogance. I mean, it is arrogance, but he's got this thing that he genuinely believed that he understands the law.
He both understands that he's not a lawyer, but also has very strong legal opinions and essentially acts on them.
And again, the only reason why I know this is because I actually witnessed him trying to give a defense of fortress and some post-Ferrari manipulation stuff that he was involved in.
And essentially, his arguments are essentially always the same.
And so I would be thunderstruck if the mango people offered this.
It's really odd.
I mean, if you look at not just his original post.
They kind of did, right, because they posted something in the governance forum that said, basically, here's the deal we're making with Om.
Right.
And they did have a line in that that said, by voting for this proposal, it was their proposal.
It was a Mango team proposal, I guess.
By voting for this proposal, mango holders agreed to pay off the bad debt with the Treasury
and waive any possible claims against bad debt holder, which of course was obvious.
So now, I'm sure he required them to put that language in there.
And he probably thought that by doing that, he was getting himself some protection.
But it's not going to be an enforceable agreement, right?
Oh, no, I agree.
I'm just saying I think Avi was the one who suggested that.
I don't think the Dow is like, hey, let's release him.
It's Avi who thinks he's like the legal suits genius.
It's like, nah, you've got to release him.
Right.
But just to answer your question, Laura, it doesn't, they didn't need to think the mango
team or community or whatever, they didn't need to think that they were in a position
to waive those claims.
They just needed to think that there was a guy who, if they said these magic words,
would give them the money back.
And in fact, my suspicion, partly because I know a lawyer involved in the project, is that, you know, they were thinking the exact opposite, that this is bullshit and it's unenforceable.
So let's just say it, get the money back.
And he's still going to have criminal lives.
Yeah.
So it's more that Avi was so gullible to think that that actually protected him in some way.
Yes.
What will be interesting, though, is what impact that does have, again, on.
On this fraud allegation, I think on the manipulation claim, it's probably useless.
But again, and the reason why we keep raising this just in case it's not clear is that fraud,
fraud claims generally have essentially like a heightened feeding standard, whether it's the government, whether it's individuals.
You essentially have to prove that like somebody had a very specific intent when you're dealing with fraud claims.
And again, it's also the case of most other criminal claims.
I'm not a criminal or so I'm not going to go farther than my limited knowledge.
But suffice to say fraud claims require a very specific level of.
of intent. And despite the fact that I think all of us, you know, think that obvious BSing online and
is kind of crazy and gullible, he has been radically consistent that he genuinely believed that he did
not do anything illegal. Now, that does not mean you're not a fraudster. Maybe you've admitted something.
But I think, you know, something like this, you know, let's argue good faith negotiation and even his
claim of saying, hey, I think something like this white hack downy is not enough and then going and
negotiating a higher one may give them at least some challenge in saying, hey, this guy intends
to take all these people's money. I mean, the guy showed up, he said it was him, negotiated with
the community, and signed us a release. Now, I don't think it's going to absolve him of all
of his criminal liability, but I do think, you know, if I'm him, I'm at least telling my lawyer,
hey, you've got to make some arguments about how it's very clear I was working in good faith
to get this money back. And in fact, I did get all the money back. All of the retail users
ended up completely whole and I ended up with my bug bounty.
Now again, I think ultimately from the manipulation angle, completely useless argument.
Like, hey, you did go out and manipulate this.
But from the, hey, you intended to defraud these people when you've got a pretty long
history of saying, hey, I'm going to do this thing, collect a bug bounty, then did it
and just negotiated a higher one.
Again, it's not bulletproof, but I am interested to see if that ends up becoming part
of his argument of saying, yeah, I posted all of this publicly because I genuinely thought
what I was doing was not fraud. So maybe he's got some manipulation issues, but can get rid of the
fraud issue, which, you know, it ain't nothing. The fraud issues, you know, often the ones that
you're looking at, you know, more serious criminal liability and more serious issues. So I'm interested
to see if that helps. Yeah. And I actually want to give the audience, like a little bit of perspective
on what you're talking about in terms of his mindset, because he wrote a blog post about different
strategies that he and his team had been using kind of especially during, I think that's, yeah, he
posted this in early 2022, so it must have been kind of in 2021. So he talked about how they did
NFTs sniping where the team made these bots that could just mint a ton of the hot
NFTs right when the project launched. And I'd do something with the gas price to like save themselves
money because I think the way a lot of other people were doing it was trying to participate in the
mince by just spamming with really high gas fees. And so because they were able to generate a ton of
these mints, then, you know, the floor price is, you know, like higher right after the mint. And so
it was just like easy money. And to my mind, it's like very similar to what like ticket scalpers do.
And he said that just three weeks of that netted them two million dollars in profit. Eventually, like other
bots took over and he wasn't able, they weren't able to do the same thing as effectively. But
another thing they were doing was they were borrowing Ample on Avey had an interest rate of 2%. And
because of the rebase and ample, whenever that rebase was more than the 2%, then they were just
profiting from that as well. And he said that they garnered $1 million in profits on $5 million of capital
deployed. So those are kind of like, I would say, just more like smart trading or whatever in
the span of T. I don't know what you think of that NFT thing. Maybe that's like in a gray area.
But all I'm trying to say is like, those to me don't seem so obviously illegal. And so
then it gets to the Fortress Dow thing, which Collins, you alluded to a little bit, but basically
he created this project. And I may not have all the details right, but the way the project worked
was that it would sunset at a certain point if the value of the FUSD reached $1. And then he kind of
like mucked up the project in some way where that was just going to be the inevitable outcome.
And he would walk away with like $7 million from that. And like all the people that had participated in
that Dow couldn't really do anything.
because that is how it was designed to work. So it was kind of like a rugpole where, you know,
he like did the minimum amount of effort and then at a certain point went kind of slack and just like
let it die and then, you know, profited. So you can sort of see how over time, like it gets more
and more up to the line and potentially over it, again, when you're in that kind of mindset of that
type of person, like that's you're, I think you're right that in his mind, he's justifying the
mango markets thing the same way. It's just like a bit for a bit for a bit.
even from kind of his original exploits.
So I don't know if you have any comment on that.
No, no.
I mean, I completely agree.
I think that it's kind of funny because as you were describing it, I'm like,
yeah, you know, we did kind of witness in real time, the evolution of somebody.
This is kind of like seeing SBF, but publicly because we saw him start with something
that's like, oh, that's pretty scummy, but I guess you can do it.
And then all of a sudden, it's like, well, my own half of the Bahamas and goodbye.
So, yeah, I mean, I definitely think you're right there.
It's just, it's kind of sad because he's actually a smart guy.
Like, I don't like him, but it is kind of funny to see him kind of like wax poetic in the random discords where, you know, he's one, I shouldn't say it's funny, but it's kind of bizarre, like when he's talking to some victim.
And he's like, no, no, you just don't understand the system is working.
Let me just explain to you why I have your money instead of you.
But at the same time, you can see, you know, he had a failed curve attack after this mango thing where, you know, again, he described it publicly.
people said, oh, that's stupid, you couldn't do that.
And then he proceeded to try it, and it almost worked.
Now, I think there were enough other interested parties that essentially just PVPed him on the open market.
That's a good example of how, again, you know, he publicly described that, nice, Kafka.
You know, he publicly described that, proceeded to do it.
And I think the only reason why we're not also talking about that right now is primarily just because other whales were interested enough to essentially fight back and take the other side.
So, again, it's hard.
Although actually, I'll just say about the AVE thing, so he, again, was going to do the same kind of price manipulation in order to, you know, to take out more money than people think you would have thought he should have.
But what I read was that on the same day, Avey released at Stablecoin white paper.
And so the token price pumped and he had a massive short on Avey.
So he lost all this money.
And so in at least what I read, they were saying that it wasn't necessarily people like hunting his position so much as just.
that the like in a totally unrelated although although the timing of releasing that white paper could also
be another form of funding his position yeah the way it was written it made it seem like that
wasn't uh the purpose it was just the day it happened to come out but anyway you guys this has been so
fascinating i don't know if you if we missed anything if there's any like single last statement you
want to give yeah i mean i would just say a few things i mean at the end of the day i think credit
protocols are cool i think they're socially positive
I still think that there's a huge design space for making secure ones.
And there's, you know, Mango is kind of still like a, maybe like a Gen 2 credit protocol or something like that.
But, you know, there are all kinds of things like dynamic interest rates.
You know, some are governance maximized.
Some are governance minimized.
But different mechanisms.
In fact, SBF had, you know, had a long post before he went to jail about the Mango protocol,
exploit and talked about, you know, how different types of risk engine does.
designs that perhaps respond a bit less immediately to price changes on centralized exchanges
for illiquid assets, you know, can mitigate this type of attack. So yeah, I mean, I hope that we can
just continue to let people experiment and kind of maybe create some parameters around what's
a socially acceptable type of attack. And then I hope prosecutors will like use their discretion
not to throw everyone in jail so that we can keep building cool things and ultimately make them
very secure. Okay. And Collins, last few words? I think that just protocol designers and users should
just take the bear market to potentially step back, be a little more rigorous than establishing
early parameters to be safe, things like thresholds for deposits, things like time locking some things
for a bid. It's not like you're going to get $2 billion or TVL anyway. Take the opportunity now,
if you're going to launch something, to actually do so in a fairly reasonable manner and then scale up.
We used to do that in 2017 or 18. It's crazy that we're looking.
at the ICO era for lessons, but, you know, consider it. Other than that, you know,
thanks again, Laura. Hopefully your building is safe and not on fire right now. Good luck
being out. Thank you. All right. Well, it's been a pleasure having you both on Unchained.
People can find you in the links in the show notes. I'll put links to your social media.
But yeah, thanks again. Great. Thanks again. Have a good rest of the day.
Thanks so much for joining us today. To learn more about Gabriel, Collins, and Obvious Arrest.
Check out the show notes for this episode. Unchained is produced by me, Laura Shin,
with all from Anthony Hewn, Mark Murdoch, Matt Pilchard, Zach Seward, Juana Ranovich, Sam Streetrom, Pamichumdar, Shashonk, and CLK transcription.
Thanks for listening.