Skip to main content

Compound Founder Says $80M Bug Presents ‘Moral Dilemma’ for DeFi Users




While Robert Leshner seemed to briefly threaten users with the IRS, the reality is that he – and the rest of the Compound Labs community – are now relying on the goodwill of users.

If a decentralized finance (DeFi) protocol accidentally gave you millions of dollars in tokens, are you obligated to give it back?

In an interview with CoinDesk following an $80 million exploit, Compound Labs founder Robert Leshner is arguing users should do just that.

On Wednesday night, a bug in money market Compound's code led to an erroneous disbursement of COMP tokens intended for long-term liquidity mining rewards.

The Compound Twitter handle acknowledged the bug shortly after, saying that no user funds were at risk. The bug only applied to Compound's Comptroller Contract, which is responsible for distributing liquidity mining rewards earned over time.

Nearly the entirety of the Comptroller Contract has now been drained, with 280,000 COMP distributed to users incorrectly, according to Leshner.

Despite the eye-popping sums lost to the bug, however, the community is now captivated by a debate as to what users should be obligated to do with their funds.

"This has been, without a doubt, the worst day in the history of the Compound protocol," Leshner told CoinDesk.

He went on:
"What makes it way worse is that I and most folks are completely powerless to do anything besides sit back and watch this moral dilemma play out."
IRS threats
In a Tweet on Thursday night, Leshner seemed to warn recipients of the erroneous tokens that there could be real-world consequences for keeping them – namely, that the U.S. Internal Revenue Service (IRS) might want to hear about it:


Some members of the DeFi community interpreted the comments to mean that Compound Labs was planning to report recipients to relevant tax authorities. Leshner apologized for the tweet shortly after.

Threats of "doxxing" have proven to be effective in dealing with exploits in the past – last month, a non-fungible token (NFT) team memorably threatened to call in the FBI and ordered soup to a hacker's address. The hacker relented, returning stolen funds.

However, in this instance even if an organization wished to pursue claimants, in practicality it may be an empty threat.

Compound Labs is a real-world entity that is working on the protocol, but there's no clear basis for it to pursue legal action – the structure of the decentralized autonomous organization (DAO) is such that it is now just another member of the community, according to a Compound Labs representative.

The representative also said the Compound interface is hosted on distributed file storage protocol InterPlanetary File System (IPFS) and there's no reportable information about users collected in any way.

However, due to the nature of the bug, many of the recipients of the tokens are not sophisticated hackers – they just happened to hit the jackpot.

Their operational security, or opsec, isn't hacker-grade. Some addresses that claimed large sums of the tokens have interacted with centralized exchanges where their real-world information is stored, and the claims could have an impact on their taxes.

Claiming the funds required no knowledge of the bug, and some users might not have been aware there was an exploit underway – they may have received millions while intending to harvest much smaller sums as rewards.

Leshner said the DeFi community has rallied around the protocol in an effort to find solutions. Yearn.Finance and MakerDAO representatives have been active in community channels in finding short- and long-term solutions.

However, Compound has an "extremely rigid" and slow governance process by design – architecture intended to make the protocol more resilient is now acting as a barrier to a fix. It will take another five days before the community can approve any updates to the contract code.

Technical solutions to the initial bug aside, however, the protocol now faces an even bigger problem: trying to convince users who received tokens to return them to the community.

"In my opinion, this is a bank error in a couple people's favor," said Leshner.

Comments

Popular posts from this blog

The Bitquence Liquidity Network

CryptoCurrency is gaining popularity, however with Bitcoin very user-unfriendly mass adoption is not coming. The Bitquence Platform is aiming to replace Bitcoin with it's many disadvantages with something better. A currency for the people. More and better usability, A wallet which is universal and support several coins, like Bitcoin but also Dash and Ethereum. Please read along to get the latest information about this project which can grow very large. Collection of abnormal pockets programs, With automated sources that oversee a large number of wallets for each and every of your financial paperwork making it exhausting to do. International Cryptocurrencies lately stay on experiencing an especially noteworthy increment, impulsively reaching colossal valuations. The have an effect on at the present economic system modified the psyches of people to take after enhancements within the time of Cryptocurrency. Virtual kinds of cash and blockchain innovation are lat...

BOScoin | Self-Evolving Cryptocurrency Platform

Well, what is BOScoin? BOScoin is a new virtual currency from a South Korean Fintech startup Blockchain OS. And unlike the existing virtual currencies, BOScoin is a new digital currency which also happens to be based on a blockchain. However, according to the company's experts it has a higher transactional speed which will go up to about 1000 transactions per second that is in line with the credit card processing speed. Its platform has been presented in both London and Berlin by Blockchain OS where they have been answering the questions of many with interests in the fields of design, technical, architecture, and governance. BOScoin is designed as a platform for a self-evolving crypto currency as an upgraded and much better version of both the Etherum and Bitcoin. BOScoin is however built to assist in trust contracts that usually provide a more approachable framework for creation and execution of blockchain contracts. Trust contracts are those secure and executable contracts tha...

PRO Commerce - Coin Back Rewards

A new and promising project is the upcoming PRO Commerce Project. In essence the project is about getting Rebates and Crypto currencies into 1 platform. Something which is not new, because the INCENT project is also about that, however the PRO project has a different approach in achieving their goals. Their platform will be the main field where the project and business model should excel and make the project a success. The platform The goal of the PRO Platform is to create awareness and engagement, something which by just offering rebates is not sufficient, however holding PRO makes the user also an spectator and the team behind Pro believes this will make a difference in the way users will be committed and engaged in the project. By holding the coins they will eventually use the coins to speculate and use it. The app within the platform itself consist of 4 main components which according to the team will add a tremendous value to any business, making it the main app to use in compar...