Lendf.Me Resolution, Part II: dForce “Better Future” Proposal
In an update earlier this week, I reported that nearly all of the stolen funds have been successfully recaptured thanks to the efforts of our partners, law enforcement, investors, the community, and our team.
In Part I of this post, we outlined a step-by-step guide for our users to recover their funds. If your funds were affected by the attack on Lendf.Me, please read Part I before continuing. Since publishing the guide, our team has been working non-stop for 48 hours to return each user’s funds exactly how they were prior to the time of the attack. As of the publishing of this post, we have completed the recovery process.
In Part II of the plan below I will share the next set of actions dForce is taking in full details. We decided to name this plan the dForce “Better Future” Proposal as the first message sent to us from the hacker was “0xBetter Future”.
At a high level, first and foremost following the recovery, we are planning to airdrop 2,000,000 DF tokens (dForce’s native token) as a gift to the exposed Lendf.Me users who steadily stood behind us amid the crisis. We are extremely grateful to have such a strong community of supporters, and we are committed to growing that bond.
Next, we will set up a new dForce Insurance Fund (dSAFU) to protect users against future attacks and other extreme scenarios. In addition to the fund, we are also strengthening our overall risk management precautions and procedures and plan to completely overhaul our security practices. Risk management is still a nascent topic within DeFi. We plan to lead the way, and help others in the community take more progressive actions beyond t security audits.
Airdrop to the dForce community members
A total of 53 hours went by while we chased down the funds. Despite the fact that many of our community members were harmed in that time, we received an overwhelming outpouring of support from the community, particularly from our users based in China. I have been blown away by their kindness, compassion, and encouragement. In times of crisis, people’s true nature shows, and I am still in awe of the resolve of our community. Many of you have also expressed willingness to return to dForce in the future. I cannot tell you how much that means to our team, and to me personally.
I too am resolved to re-earn your trust, but earning your trust back is not enough. You are a full participant of the community and should participate in it as such. Awarding tokens to our most loyal members is the least we can do.
Once we finish returning the users’ funds, we will airdrop 2,000,000 DF tokens to our users who were exposed in the hack as our way to express our gratitude for your trust. By offering these tokens, we sincerely hope you could continue to be a part of the dForce community and grow with us in the future.
We will provide full terms and conditions of these community tokens at the time when we execute the airdrop.
dForce Insurance fund — dSAFU
There are significant risks associated with composability and permissionless access. On the one hand, we want our users to benefit from inexpensive global liquidity, but on the other hand, also want to protect them as much as we can.
Therefore, in the interests of all users, present and future, dForce will create a dForce Secure Asset Fund for Users (dSAFU). The dForce Foundation has elected to allocate 50,000,000 DF tokens into this dSAFU as its start-up capital.
In addition, as soon as we relaunch new protocols, we will allocate 10% of transaction fees generated in protocols with the dForce network into the dSAFU to offer protection to users and their funds in extreme cases. The percentage of the fee burned into this dSAFU is subject to the governance of DF token holders, as we will be launching new protocols under dForce and the fee model of each protocol will be different. This fund will be stored in a separate cold wallet managed by the dForce foundation.
“Better Future” Whitehat Bounty Program
While hacking and security incidents are inevitable to this nascent industry, we would like to encourage responsible hacking. Active whitehat hackers are always very crucial to the robustness of the whole DeFi sector. Hereby, we’d like to set up a bounty program of a total $500,000 to incentivize the responsible whitehat hackers to stress test the protocols operated under dForce.
Strengthening Risk Management
Moving forward, we are implementing a new risk management standard that addresses three critical components : code security audits, financial risk management, and operational risk management. In this section I’d like to talk about how we will improve each aspect going forward.
First, we have conducted a comprehensive security audit of all protocols within the dForce network. On a go-forward basis, working closely with the help of the top auditors globally, we will develop a new, rigorous audit process. In addition to auditing the protocols themselves, we will also audit the asset integration process to make sure that the unique composability aspects and dependencies related to each asset are well understood and safe to introduce into our protocol ecosystem. In a future post I will explain the details behind the new protocol audit process and expand on all of the additional actions we are taking to fortify your assets.
Prior to the attack, we were actively working on dForce’s financial risk management processes as a second line of defense. Despite the fact that this incident was due to a composability loophole, it prompted us to reflect on this process as well. Moving forward, we will document the key parameters of every single financial product designed by our product team, and run through an internal risk analysis process before launching. We are also in the process of recruiting a Chief Risk Officer for the foundation to lead this process, a role that we believe all DeFi foundations should have.
Furthermore, we are enhancing our internal operational risk management procedures. To start, we are developing an internal manual to help us anticipate and handle extreme situations like this in the future. It will help us anticipate risks, practice fire drills, and conduct stress tests periodically. A hack could happen to anyone and any time again. With a pre-planned operational manual, we aim to improve our security overall and our response time.
A “Better Future” Together
Closing down our first money market protocol is painful indeed. Yet, if this hack brings attention to the loopholes embedded in DeFi’s composability, a broader problem that the whole industry faces, we are happy that at least some good came from it.
While we continue our adventure into the frontiers of DeFi, we plan to share what we learn with regard to security to all crypto financial service providers, including DeFi protocols, CeFi institutions, digital asset issuers, and security audit companies. The attack, and others like it, were a result of unevenly distributed information. As an industry, we can solve this through closer collaboration and better knowledge sharing. There is no standalone risk in our industry; everything is connected to everything else.
In conclusion, we would like to express our gratitude to all the asset issuers, centralized financial institutions, and DeFi protocols that offered help during this crisis.
What doesn’t kill us makes us stronger. To the better future of dForce, to the better future of DeFi.
Sincerely,
Mindao Yang
April 30, 2020
