He Gave 50 Strangers His Private Keys
And you won't believe what happened next. Also, Aave admin keys handoff, MakerDAO gets flash governed
By:
Hello Defiers! In today’s issue, we’ll dig into the day’s most interesting news, but also give you a peek into a crazy experiment exploring digital art and greed:
- Aave turns governance to community
- DeFi project uses flash loan in MakerDAO governance
- The Defiant producer Robin Schmidt has been leading an experiment exploring the very core of human nature and today, the grand finale is revealed
If you’re receiving this email, that means you’re a paid subscriber of The Defiant, (thank you!) You’re getting the full content of this newsletter, while free subscribers are getting only a portion of it. Subscribers also get exclusive access to The Defiant’s Discord chat group for the community, here’s a new link to join.
🎙Listen to this week’s podcast episode with James Prestwich here:
🙌 Together with Zerion, a simple interface to access and use decentralized finance, Sorare, a fantasy football game with officially licensed cards on Ethereum, and Near, a high-performance proof-of-stake blockchain that interoperates with Ethereum.
He Let Strangers Raid His Private Wallet for Art
Non-fungible tokens, or digital assets representing unique and scarce items, have taken off in the past few weeks. So much so, that video producer Robin Schmidt and artist Simon Wan thought to do an experiment to find what is actually valuable, art attached to these tokens or their crypto component?
And that gets to a deeper question: are those buying or coveting these items cultured, or just greedy?
The Rug Pull
That was the question posed to all those who stumbled into a Telegram chat called The Rug Pull. The gateway into this rabbit hole was a QR code embedded in the latest video in The Defiant’s YouTube channel, published one week ago along with the question: Can you recognize art when it’s right in front of you?
Those who picked up on that wink and scanned the QR code landed in a parallel universe with its own special rules. Throughout the week, they were treated with short videos reminiscent of the self-destructing messages in James Bond movies, containing riddles and tasks.
The Bomb Squad
One of these tasks was for the first 50 people in the chat to fill out a Google form with their ETH address, in exchange for which they were airdropped a Bomb NFT (one of which is for sale here).
There was no limit for the number of addresses they could include in the form so theoretically, someone could have taken all 50 tokens. Still, most of the group showed to be cultured and not greedy. Unfortunately for Robin, this wasn’t the case in a subsequent test.
12 Angry Men
Robin, aka SuperMassive, performed the ultimate sacrifice: He exposed the seed phrase of his private wallet in a cryptic video. Nonetheless, the savvy people in the group were quickly able to pick up on the hint.
For what happened next, and to see what this experiment’s grand finale will be, watch the video:
Aave Releases Admin Keys to Community
Aave has transferred its admin keys for the lending protocol with nearly $1B in total value locked over to AAVE holders.
The transfer of power from an address controlled by the Aave core team to the decentralized governance contracts means token holders will have the ability to make proposals to execute and upgrade the protocol.
New Responsibilities
This handoff includes control over the Lending Pool Manager, responsible for changing key parameters such as the loan to deposits ratio, interest rate thresholds, enabling (and disabling) lending, borrowing and collateral types, and the listing of new assets.
The TokenDistributor contract is also now in the hands of governance, giving AAVE holders the ability to govern and distribute protocol fees. This comes alongside the ability to mint new AAVE in the future, should the protocol utilize its 3M token Ecosystem Reserve.
Compound Governance
The transition to full decentralized governance comes after Compound Finance, which has a tight lead over Aave as the second-largest lending protocol, transferred its protocol keys back in June.
The primary reason for the wait was the ongoing migration from LEND to AAVE, marking the introduction of Aave V2 and the start of token-based governance. Roughly 86% of LEND has migrated to AAVE since the bridge opened last month.
The transfer of power to the community solidifies AAVE holders’ key role in the evolution of the protocol. They’re now also insurance providers through the Safety Module, on top of ones executing on major protocol upgrades.
Maker Gets Flash Governed
In the wake of flash loans making headlines for exploits, this week's use is a first of its kind.
B.Protocol - a decentralized backstop liquidity protocol - utilized a flash loan to borrow MKR and pass a governance proposal to whitelist their use of Maker Price Oracles. The October 23rd proposal came just four days before the project’s public launch, one that received support from Maker itself.
Influence Over Proposals
A MakerDAO forum post recapping the event stated that B.Protocol was fully transparent in their use of a flash loan, drawing attention to a wider issue of governance attack tactics that could be used to influence proposals.
Now, the Maker community is discussing how to protect against future flash loan governance attacks by increasing the Governance Security Module delay to 72 hours and deauthorizing (or reducing surface vectors) around the Oracle Freeze Module and Liquidations Circuit Breaker.
Burn MKR
This comes in tandem with a signaling vote for the community to be able to burn any future MKR borrowed and used as a governance flash loan, setting the precedent that “(MakerDAO) will try to burn your MKR if it’s used to attack the protocol.”
Tally @voteWithTally🚨 Breaking news 🚨 ⚡️ @bprotocoleth uses flash loans from @dydxprotocol and @AaveAave to pass key vote requesting whitelisted access to @MakerDAO oracles ~13,000 $MKR borrowed, voted, and repaid in single transaction More details in forum post 👇 https://t.co/jpufORGWGy8:12 AM ∙ Oct 29, 202028Likes7Retweets
Outside of its exciting governance controversy, B.Protocol is now allowing Maker Vault owners to share in the proceeds from liquidation auctions commonly outsourced to the wider Ethereum community. Liquidation providers, called Keepers, provide a buffer on Vault collateralization and share their liquidation profits for the ability to be the first to liquidate undercollateralized loans living on B.Protocol. More on B.Protocol can be read here.
Tying it all together, DeFi builders are getting more creative in the ways primitives like flash loans can have major impacts on foundational protocols. While B.Protocol was not malicious in nature, this story goes to show that teams should be weary that governance attack vectors still exist, and that they are usually unknown until the second they happen.
Audius Is Moving Part of Its Service to Solana Blockchain: CoinDesk
Decentralized music app Audius announced Thursday that it will migrate its content management system over to Solana’s high-speed blockchain from an Ethereum sidechain operated by the POA Network that runs on a set of trusted validators, CoinDesk reported.
Leaked ‘Tai Chi’ Document Reveals Binance’s Elaborate Scheme To Evade Bitcoin Regulators: Forbes
Binance Holdings Limited, the world’s largest cryptocurrency exchange conceived of an elaborate corporate structure designed to intentionally deceive regulators and surreptitiously profit from crypto investors in the United States, according to a document thought to be created by its senior executives and obtained by Forbes.
A Whopping $2 Billion in Bitcoin Is Now on Ethereum: Decrypt
There’s now more than $2 billion worth of Bitcoin on the Ethereum network, according to the latest figures from a dashboard on metrics site Dune Analytics.
The Defiant is a daily newsletter focusing on decentralized finance, a new financial system that’s being built on top of open blockchains. The space is evolving at breakneck speed and revolutionizing tech and money. Sign up to learn more and keep up on the latest, most interesting developments. Subscribers get full access at $10/month or $100/year, while free signups get only part of the content.
About the founder and editor: Camila Russo is the author of The Infinite Machine, the first book on the history of Ethereum, and was previously a Bloomberg News markets reporter based in New York, Madrid and Buenos Aires. She has extensively covered crypto and finance, and now is diving into DeFi, the intersection of the two.
