[PIP-035] A Path forward after the security incident

Summary

As the situation evolves, we suggest temporarily reducing the revenue share by 50% to help the protocol conserve additional reserves throughout this recovery phase. This approach will increase our flexibility, allowing for more strategic decisions by governance in the future.

In a recent governance proposal, [PIP-034], the idea of pausing protocol fee distribution was presented to vePRISMA governance.

Following feedback from the community, it became clear that the rationale behind the proposal was not fully explained. This post aims to communicate where we are at, and the expected next steps in order to get the protocol back up and running.

TL;DR
The following changes are suggested in this new proposal:

  • Reduce the weekly protocol owned liquidity (POL) amount from $40k to $0.
  • Reduce the weekly amount distributed to vePRISMA holders by half, from $160k to $80k.
  • As new information comes in about this situation, we will also commit to revisiting these parameter changes 1 week after passage.

Where are we at?

Let’s first describe the state of the protocol now that actions have been taken to mitigate the impact of the exploit on the Prisma community.

First, we want to highlight that the recent vulnerability did not affect the core protocol: it was isolated to the migration zap contract.

  1. Emergency pausing has been activated across all trove managers, stopping all borrowing activity and preventing further liquidity from entering the protocol.
  2. Current damages to affected users are around $11.6mm. Because of the vulnerability, several troves are now at risk of being liquidated.
  3. Existing users are able to repay and close their troves.
  4. Several of the affected troves have already revoked their delegation to the contract containing the vulnerability; ~$540k of collateral is still at risk at the time of writing. (The full list of the remaining affected troves is given below. If you know any of the addresses that are still vulnerable, please reach out and ask them to revoke the delegation!)

What’s next?

Other than recovering the stolen funds, the top priority for Prisma is to get the protocol unpaused, and back into operation. A critical step needed before unpausing is for all users to ensure their wallet and positions are safe.

We ask that every user who has interacted with the Prisma protocol visit the following web page to check whether their wallet is still vulnerable and, if so, to send the revoke transaction:

Even if you have no open position, you will still need to revoke.

FAQ

  • Any progress on retrieval of funds?
    With the help of a major security partner, we are working every angle to get the funds back. This is our highest priority.

  • How long will the pause last?
    While the emergency multisig can pause the protocol, only governance is permitted to unpause it. We expect a new governance forum post proposing the unpause within the next couple of days. More details to come.

  • What will be the necessary steps to unpause the protocol?
    The first step will be to make sure that Prisma is safe to use when unpaused. With the help of MixBytes and contributors, the root cause of the exploit was quickly identified, as highlighted in the Post-Mortem.

From there, the most important thing is for every account that may be at risk to revoke the delegate approval.

We thank everyone who has completed this action already.

Still, there are 14 remaining accounts with open approvals. Five of them are "at risk" with open trove positions totaling about $540k.

  • Is there a precise timeline?

At the moment there is no precise timeline. Our intentions, in line with what most users have expressed, are clear. The core protocol is unaffected by the recent vulnerability, and keeping it paused is detrimental to the health of the protocol. Trust needs to be rebuilt after the incident, and we are actively working with security professionals to improve our security practices. We are continually monitoring the revoke approval events and are confident that the remaining accounts will take the necessary steps in the coming days.
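As an added illustration of the monitoring step above (example code written for this post, not Prisma's own tooling), the script below replays delegate-approval logs and reports which of the addresses listed later in this post still have an open approval to the zap. It assumes that Prisma's delegation contract emits an event of the shape DelegateApprovalSet(address indexed caller, address indexed delegate, bool isApproved), that the logs supplied are the full history from deployment already filtered on that event (as eth_getLogs would return them), and that the zap address, the second delegate address and the sample logs are placeholders constructed here rather than real chain data.

```python
"""Replay DelegateApprovalSet logs to find owners whose delegation is still open.

Added example for this post; it is not Prisma's own tooling. Assumptions:
- The delegation contract emits
  DelegateApprovalSet(address indexed caller, address indexed delegate, bool isApproved),
  so topics[1] and topics[2] hold the two addresses and the 32-byte data word holds the bool.
- The logs passed in are the full history from deployment, already filtered on that
  event's topic0, and may arrive in any order.
- ZAP and OTHER_DELEGATE are placeholders, not the real contract addresses.
"""
from dataclasses import dataclass

ZAP = "0x000000000000000000000000000000000000dEaD"            # placeholder (assumption)
OTHER_DELEGATE = "0x1111111111111111111111111111111111111111"  # placeholder (assumption)


@dataclass(frozen=True)
class DelegateApprovalSet:
    block: int
    log_index: int
    owner: str      # lowercase 0x address
    delegate: str   # lowercase 0x address
    approved: bool


def _strip(hexstr: str) -> str:
    return hexstr[2:] if hexstr[:2] in ("0x", "0X") else hexstr


def topic_to_address(topic: str) -> str:
    """An indexed address is left-padded to 32 bytes; the address is the low 20 bytes."""
    h = _strip(topic)
    if len(h) != 64 or h[:24] != "0" * 24:
        raise ValueError("malformed address topic")
    return "0x" + h[24:].lower()


def data_to_bool(data: str) -> bool:
    """An ABI bool is one 32-byte word that must be exactly 0 or 1."""
    h = _strip(data)
    if len(h) != 64:
        raise ValueError("malformed bool word")
    v = int(h, 16)
    if v not in (0, 1):
        raise ValueError("bool word out of range")
    return v == 1


def decode_log(raw: dict) -> DelegateApprovalSet:
    topics = raw["topics"]
    if len(topics) != 3:
        raise ValueError("DelegateApprovalSet has two indexed params")
    return DelegateApprovalSet(
        block=int(raw["blockNumber"]),
        log_index=int(raw["logIndex"]),
        owner=topic_to_address(topics[1]),
        delegate=topic_to_address(topics[2]),
        approved=data_to_bool(raw["data"]),
    )


def open_approvals(logs: list, delegate: str) -> set:
    """Last write per owner wins: a revoke followed by a re-approval is open again."""
    events = sorted((decode_log(r) for r in logs), key=lambda e: (e.block, e.log_index))
    state = {}
    for ev in events:
        if ev.delegate == delegate.lower():
            state[ev.owner] = ev.approved
    return {owner for owner, ok in state.items() if ok}


def still_at_risk(affected: list, logs: list, delegate: str) -> list:
    """Subset of the post's affected list whose approval to `delegate` is still open."""
    open_ = open_approvals(logs, delegate)
    return sorted(a for a in affected if a.lower() in open_)


# --- constructed sample input (not real chain data) ---
def _addr_topic(addr: str) -> str:
    return "0x" + _strip(addr).lower().rjust(64, "0")

TRUE_WORD = "0x" + "0" * 63 + "1"
FALSE_WORD = "0x" + "0" * 64
TOPIC0_PLACEHOLDER = "0x" + "ab" * 32  # not checked here: logs are assumed pre-filtered

def _log(block, idx, owner, delegate, approved):
    return {"blockNumber": block, "logIndex": idx,
            "topics": [TOPIC0_PLACEHOLDER, _addr_topic(owner), _addr_topic(delegate)],
            "data": TRUE_WORD if approved else FALSE_WORD}

SAMPLE_LOGS = [  # deliberately out of order
    _log(210, 0, "0x57D7E9853072DdF1e288Fa4d7ee52412bFBB8347", ZAP, True),   # re-approved after revoke
    _log(100, 3, "0x2239Ac202240074B006a0Cd2C201284a284dfe21", ZAP, True),
    _log(100, 7, "0x57D7E9853072DdF1e288Fa4d7ee52412bFBB8347", ZAP, True),
    _log(200, 1, "0x57D7E9853072DdF1e288Fa4d7ee52412bFBB8347", ZAP, False),
    _log(205, 2, "0x4EbFcF3707e5BBC9f96d88dA57eE47d1EC49820c", ZAP, True),
    _log(150, 0, "0x0A9AcA1ae6b4E60931a1a8eF034580074Bff763c", ZAP, True),
    _log(260, 4, "0x0A9AcA1ae6b4E60931a1a8eF034580074Bff763c", ZAP, False),  # revoked, stays revoked
    _log(220, 0, "0x4EbFcF3707e5BBC9f96d88dA57eE47d1EC49820c", OTHER_DELEGATE, True),  # unrelated delegate
]

AFFECTED = [
    "0x2239Ac202240074B006a0Cd2C201284a284dfe21",
    "0x4EbFcF3707e5BBC9f96d88dA57eE47d1EC49820c",
    "0x0A9AcA1ae6b4E60931a1a8eF034580074Bff763c",
    "0x57D7E9853072DdF1e288Fa4d7ee52412bFBB8347",
]

if __name__ == "__main__":
    for a in still_at_risk(AFFECTED, SAMPLE_LOGS, ZAP):
        print("still delegated to zap:", a)
```

Any address `still_at_risk` returns still needs the revoke transaction, which on the assumed interface sets that owner's approval for the zap back to false. The replay is last-write-wins rather than "has ever revoked" because an owner who revokes and later re-approves the zap is back at risk, and approvals to other delegates are ignored because they are not the vulnerable contract.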

  • Reducing fees distribution instead of temporarily suspending it?

Given the community feedback, as well as the uncertainty around funds retrieval and the precise unpausing timeline, we think it is fair to reduce fee distribution by 50% rather than suspending it entirely as originally proposed in PIP-034.

This is not a permanent measure, and we expect to revisit the decision in one week’s time as the situation evolves.

  • How much money do we have in fee receiver and what are inflows / outflows?

The address of the fee receiver is 0xfdCE0267803C6a0D209D3721d2f01Fd618e9CBF8, as stated in our docs. As of 31 March, its balances are:

  • 2,013,534 mkUSD
  • 672,516 mkUSD/PRISMA Curve LP tokens
  • 1,965,374 PRISMA governance tokens
  • 195,114 ULTRA
  • 27,197 3CRV
  • 0.85 wstETH
  • 0.776 sfrxETH
  • 0.6289 rETH

372,084 mkUSD is available on the grants committee multi-sig.
Additionally, there is ~$140,000 in unclaimed fees.
Total: ~$3,893,370

Remaining affected addresses

Address  Asset value
0x2239Ac202240074B006a0Cd2C201284a284dfe21 $484,377
0x4EbFcF3707e5BBC9f96d88dA57eE47d1EC49820c $16,156
0x0A9AcA1ae6b4E60931a1a8eF034580074Bff763c $7,127
0x93e45360F7e5B0B85d8e65DAE9FA1a6f2aF56819 $10,582
0x787B24cEcEfeC7aF515f096b29d13d4D2fE9918D $22,081
0x57D7E9853072DdF1e288Fa4d7ee52412bFBB8347 $0
0xd0917ac1DAaCc35cC5aA3b5B987171723aA7230B $0
0xeE9536E8aEA9384f1A8dDf655A7E9Ee4579A160f $0
0x85d545937DB8D3BbC45288914dA7286442E9A2c7 $0
0x38F2944e482a050942E5fb1652Af4690017cd141 $0
0xcd493A43D9fB5A1b2b7D5739cc0C674C798DFFE5 $0
0x192820CE84FA9eb457Fb228c386fE0ed22F7E33C $0
0x477bAedE70CB2e7723e010600dF84674A4Baafaf $0
0x2d1EF4aCf4cae6a38950971AaAA15f88D9b3f165 $0

Conclusion

Exceptional times require exceptional measures. We value our community's input, and we hope that this proposal is better aligned with users' personal interests.
The long-term viability of Prisma is at stake here. These steps are the way to recover from this attack and to continue building a competitive CDP with strong and resilient stablecoins.
As always please comment and share this proposal.

Vote

https://snapshot.prismafinance.com/#/proposal/0xf9e5f6147d07a90b372a167f5889145ff9ae955d59acb8c898698cec27f129fa
