Consolidated Compensation Proposal for Victims of 5 Nov 2021 BZX Attack

Introduction/Summary

On 5 Nov 2021, a developer’s personal wallet was compromised in a targeted phishing attack, and since he controlled the admin private keys to the BSC and Polygon deployments of Fulcrum, those deployments were compromised as well. The Ethereum deployment is controlled by the bZx DAO, and was not compromised and is not directly affected.

This attack stole admin private keys and did not exploit the actual protocol code in any way, and the protocol remains safe. To put it in other words, the best lock in the world cannot help you if someone steals the key from your pocket.

As a result of this attack, approximately $55 million worth of cryptocurrency (prices at the time of the attack) was stolen by the attacker, from both the protocol smart contracts on BSC and Polygon and from individual user wallets which had given token spending approval to the Fulcrum smart contracts on BSC/Polygon and not revoked it.

The stolen assets include a number of tokens, and by far the largest part of the stolen assets are in the bZx native token, BZRX (approximately 42m BZRX, worth around $19m at the time of the attack, or more than 1/3 of the total attack value). I understand from the Telegram discussions that more than half of the BZRX stolen was the personal assets of the development team - approximately 22m BZRX, as well as a significant but unknown portion of the other stolen assets.

More details and a full accounting of the losses are to be found in the official Post Mortem of the incident posted on the bZx blog.

Disclosure: I am not a member of the development team and I am not paid by the DAO. However, I am a long-time community member and holder of BZRX since the 2018 ICO. All my personal BZRX was on Ethereum at the time of the hack and none of it was taken. However, I have lost a significant amount because I hold PGOV/BGOV and hadn’t swapped them to BZRX, and the BZRX for the swap was stolen by the attacker.

The purpose of this post is to consolidate the discussions about compensation by the bZx DAO to the victims of this attack and make a comprehensive proposal about the way forward. There have been active discussions about the amount and nature of compensation and the constraints faced by the protocol on this Forum and Telegram groups and elsewhere since the attack.

This proposal builds on the various different proposals and combines them into a whole.

Comments on all aspects of this proposal are invited and I hope that after 2-3 days discussion, this proposal (with modifications if any) can be progressed to a Snapshot vote, followed by an on chain DAO vote of BZRX holders perhaps around 22 Nov to approve it. The hope is that the compensation plan can be finalised and approved before the end of November.

It is important to note that the bZx DAO treasury currently holds approximately 43.4m BZRX (about $15.2m at today’s prices) and about 350m vBZRX (which is a form of tokenised vested BZRX which slowly converts into BZRX until July 2024). The treasury’s 350m vBZRX converts into BZRX at a rate of approximately 7m BZRX per month. I have not given a price for vBZRX because although it is technically tradable on Balancer, the market is highly illiquid and valuation is complex and it is not practical to sell it in large amounts - only to sell BZRX (if needed).

Proposal

Keeping the above points in mind, I propose the following (keep in mind that many people will be in more than one category below):

  1. All those who lost BZRX in the attack (except for the development team) be compensated in full directly from the bZx DAO with BZRX. This will involve a payment of about 20m BZRX, or less than half of the liquid BZRX in the treasury directly to victims (no selling of BZRX). To be clear, this will also include setting up a new swap contract on BSC/Polygon so that the people who did not swap their BGOV/PGOV for BZRX before the attack, are now able to do so, including those who are PGOV/BGOV LPs (since the BZRX bridged to BSC/Polygon for this purpose has now been stolen).

  2. The development team’s personal losses of BZRX will also be compensated in full, but they will be paid in vBZRX (not BZRX) which will vest slowly until July 2024. This is done partly to maintain liquid BZRX funds in the treasury for the operation of the protocol and not empty the treasury, and also as a gesture to the community and other victims of the attack who are having to accept a debt token and cannot be paid back immediately.

  3. All other losses resulting from the attack (in all other tokens) will be compensated by issuing a debt token at a 25% premium to be repaid over time by the protocol from 20% of protocol revenue and fees. This approach has some similarities to what Pickle Finance and Indexed Finance did after their hacks, although there are differences.

In effect the bZx DAO is making a commitment to repay the remaining losses over time, similar to a loan with a 25% premium.

Specifically, a tradable debt token will be issued with an initial face value of $1, and it will be given to victims in a 1.25:1 ratio to their losses. So for example, someone who lost $10,000 in the attack will receive 12,500 debt tokens nominally worth $12,500 when fully repaid (although the actual market value will vary and initially be much lower than that).

The DAO commits to using 20% of protocol fees earned on all 3 current deployments (BSC, Polygon, Ethereum), as well as all future deployments (unknown at this stage, but possibly Optimism, Arbitrum, AVAX, etc) to market buy the debt tokens at least once every month (possibly more) up to a token price of $1 (the face value of the token) until all the tokens are purchased and the losses from the attack are repaid in full (with premium).

All attack victims who hold the debt tokens till the buyback is completed will therefore receive 125% of their losses in compensation in return for waiting. Victims can of course choose to sell or trade their debt tokens at any time, but the initial liquidity pool will be seeded at a price far below $1 in order to discourage the first claimants of the debt token from dumping their tokens into the liquidity pool in the first minutes and hours and making a profit at the expense of those who are slower to claim their tokens. Instead, the market price of the token will rise naturally over time as the debt token is bought back by the DAO and reward long term holders.

  4. Any assets recovered from the attacker (unknown at this time, although there is speculation that some of the USDT may be recoverable) will be given directly back to the victims who lost that particular token. So for example if 50% of USDT is recovered, then it will be shared among all victims who lost USDT in proportion to their losses, and their allotment of the debt token accordingly reduced. However, this only applies until the debt token is issued and claimed. Once the debt token is issued, all recoveries will be used to market buy the debt token and benefit all victims equally. This is done to prevent double dipping by victims of the recovered currency - you cannot get debt tokens for all your losses AND get a share of the recovered assets.

Analysis

There are a number of points I want to emphasise about this proposal.

The main one is that everyone has lost money and that we - as the DAO community - should do our best to make it right and compensate people to the best of the DAO’s ability.

However, it is not physically possible for the DAO to directly compensate all losses and make everyone happy. Some compromises have to be made in order to keep the protocol functional and ensure it has a future.

With that in mind, here are some more points to keep in mind:

  1. The large majority of DeFi projects that have been attacked do not offer any compensation at all. While the DAO has a moral obligation to make things right to the extent possible, the legal position is extremely unclear and will vary from country to country and there is certainly no settled or well accepted legal right to compensation in DeFi. The DAO should do the right thing and compensate victims in full because it is the right thing to do and for no other reason - but there are limits to what it can accomplish.

  2. Even if the entire bZx DAO treasury was emptied and given to victims (i.e., the liquid 43m BZRX, currently worth about $15m), this would only cover less than 1/3 of the losses from the attack in theory. In practice, most of the BZRX given as compensation would be market sold and the price driven so low that the actual recovery would be much less than 1/3 of the losses - maybe 1/10th or less (also, most of the liquidity for BZRX is on Binance, but for technical reasons, it is difficult for the DAO to sell on a CEX - and DEX liquidity is even worse, aggravating this problem).

In addition, if the treasury is emptied it would make it much more difficult for the project to continue as a viable project, which would make it even more difficult to repay 100% of losses over time. See for example what happened recently to CREAM and the token price crashing when they emptied their treasury to compensate victims of their recent hack - simply the announcement of the compensation plan drove the token price down 40% (and reduced the compensation for losses to 60%) before people even started claiming the compensation and selling it.

  3. Perhaps the biggest criticism about this proposal might be that BZRX holders are essentially voting to repay themselves in full from the treasury (except for the dev team who only get vBZRX) while the rest of the victims only get a debt token that may not be paid off for a long time. Leaving aside the fact that most BZRX holders (especially the large ones who are holding from the ICO in 2018) are the most loyal, long term supporters of the project, they are also some of the biggest users of the platform and have also lost money in other tokens.

But that said, I understand the criticism - it does feel unfair in a way that BZRX losses are treated differently under this proposal to other losses. But there are some very good reasons for this:

a) First, it is very simple to repay them from the DAO treasury and there is plenty of BZRX available to do it without leaving the treasury empty (especially since the dev team will only be paid in vBZRX, not BZRX), AND WITHOUT HAVING TO SELL IT AND DUMP THE TOKEN PRICE LIKE CREAM. This is really important - if the DAO had reserves in other currencies and stablecoins (something I proposed on this Forum before the hack, with the intention of trying to implement it in a couple of months), then it would be easy to do the same thing for other currencies - but at the moment the treasury only has BZRX so BZRX is the simplest to repay (also, although they theoretically could, long time BZRX holders who receive the compensation are very unlikely to sell BZRX in large quantities once they receive it, since they have faith in the project and are being given back the tokens they lost). If we tried to sell BZRX to repay people in the tokens lost (or gave BZRX to all victims, like CREAM did), then, like CREAM it is likely to result in an epic price dump which means the compensation will become worthless or near worthless, as well as putting the project’s future into question.

b) It is for this reason that I proposed that any token recoveries if they happen (USDT etc) will also be directly given back to the people who lost them instead of being shared across all losses equally - it’s simple, does not affect price, and is the right thing to do (unless those people already have the debt token in which case they cannot double dip compensation).

c) BZRX holders also need to participate in governance and it is not fair to limit BZRX governance and voting to only the token holders who were lucky enough to be holding their BZRX on the Ethereum network and exclude some of the most committed, knowledgeable token holders/voters because they had their tokens on BSC/Polygon and had it stolen - they need their tokens back to participate fully in the DAO and make decisions - especially if the attacker decides to try and vote the 30m BZRX tokens they hold, we will need enough people to outvote him (although of course this compensation proposal will only be voted on by BZRX holders who still have their tokens on the Ethereum chain - I am talking about future proposals and decisions). Keep in mind also that BZRX holders are the people voting for this compensation proposal - if you don’t give them a good deal - they won’t vote for it!

d) In fact this is exactly the reason why BZRX holders are being repaid 100%, but debt token holders will be repaid at 125% and actually make a profit on their losses - precisely to compensate for the fact that they have to wait longer.

e) More generally, if the DAO has the means to easily repay BZRX holders without damaging the DAO’s future prospects or hammering the token price, then I think that should be done - I don’t think we should artificially prevent BZRX holders from being repaid and just give them a debt token just to make sure they are being treated the same as other token holders - whether or not BZRX holders are repaid directly, or given a debt token like everyone else, does not actually make much of a difference to how long it will take to repay all the debt tokens (it will be slightly faster if the BZRX intended for BZRX refunds is sold over a few months to buy the debt token, but not by much) - the biggest factor in getting the debt repaid quickly is how successful the platform becomes over time, because the more fees it generates, the more quickly it will be able to repay all the debt.

In fact, in that sense BZRX holders and debt token holders have their interests strongly aligned - they benefit most by spreading the word about the product so that it is used by many people and the fees generated benefit both the BZRX holders and the debt token holders.

The focus here is on doing our best to repay all victims in full, while still maintaining the protocol and project as a going concern.

21 Likes

Some more info regarding vBZRX. Those are BZRX in a vesting contract, with a slow emission where they can be converted to BZRX. This way, the dev team of BZX are locked just like the way a VC would be if there’s a vesting schedule.
This also ensures the future of the protocol will continue with the rebrand and more (2024). Also, any vBZRX holders have voting power so they can use it in governance votes, but with 50% less voting power than BZRX.

This type of proposal sounds like there won’t be a cream incident, where cream just literally bankrupted the entire project by draining all of treasury. Only just announcing it, they bankrupted themselves from first second. Giving cream to non-cream holders.

Bonuses to users of the protocol is an advantage over time. This can contribute to people wanting to promote the protocol. Because the faster and bigger promotion motivation there is, the more fees generated, the faster the debt is paid. Everybody wins

Point 4 is basically USDT recovered 1:1, but partially, as it depends on how much USDT will be recovered. The rest will be replaced with the debt token. But it depends on when the debt tokens will be released, it seems. That’s the fine print.

Remember… Most projects would never come up with a compensation at all. Most projects would tell you it’s your fault. Most projects will tell you to buy insurance, and write off any responsibility about themselves.

The DAO is the future and the DAO will ensure the future of this protocol becomes successful
The DAO is responsible for any losses, but need to balance the future of it too.

#OokiNovember28.

5 Likes

I support this. It addresses all areas, has a clear repayment structure, and ensures the treasury does not become depleted. It also ensures that BZRX is properly distributed for voting in proposals in the future.

6 Likes

I can see some serious time and thought has gone into this. So much so, I can’t even think of any questions you have not covered for now :)

I support this proposal, in my own interests, and in the interests of the protocol’s future.

5 Likes

I support this as well. As a holder of BZRX since the 2018 ICO and a project believer I am even willing to do something extra in order to keep the treasury healthy.

5 Likes

Badri thank you for putting in the work and formulating this as best as possible. It’s a good mix of repaying everyone who lost and also thinking about the future of the protocol. I support this proposal.

5 Likes

Seems like a fair, well-balanced proposal; affected people will get their share, including the payout to the developers in vBZRX to maintain liquidity in the treasury. Regarding the debt token, this is actually a nice move to bring in: community members who are able and willing to wait will receive a bigger return, and loyalty is what we need in this project.

5 Likes

I fully support this and want to highlight that all the users who have lost BZRX tokens can’t vote for this proposal to just quickly fill their pockets!
They are also watching from the sideline…

5 Likes

I see that a lot of attention has gone into this proposal. All points are well explained with the corresponding arguments. As a holder of both groups, I support this proposal. Well done badr!

4 Likes

20% of profits seems low. Of course it needs to start somewhere. Perhaps there should be a written stipulation that this number has space to grow and be revoted upon.

1 Like

I support this proposal. One very important point, if we all row towards a direction of success of ooki, dao & community, the amount of leftover bzrx/ooki will revalue quickly and can buy debt tokens as well.

4 Likes

What about a small airdrop for those who didn’t hold any BZRX - just enough to allow them a small vote in the upcoming community decisions - after this compensation plan.

It will give some of the ones who get the most screwed here in this a sense of ownership and welcoming. A nice appeal to their anger - peace offering.

Or in vBZRX so they can’t dump the price. Something small, 100 or 500.

3 Likes

Glad to see things moving. I fully support this proposal.

3 Likes

I fully support this proposal, looks fair to cover the losses.

5 Likes

I have only one doubt. I lost 200k BUSD so I will get 250k debt tokens with a value of 1 USD. What I don’t understand is how, where and when I will get back the $1 for every debt token I got. Because I read that they go to the market, and that the company will buy back from the market. So how exactly will I have back 1 USD for every debt token, if the price will depend on the market? I think there needs to be a way that the company buys from holders, something like a place where holders leave the debt token and every month get back a portion at 1:1 USD. At the same time a pool can be created on Pancake or Sushi where whoever wants to sell the debt token at a low price can do so. Honestly I could be interested in buying debt tokens at 0.8 if I will be sure to get 1 USD some day. But I think this step is very important.
Like this, in the end all tokens will be bought back and all at the price of 1 USD. What happens during this time in the market is not a problem of the company.
Let me sum up: the COMPANY has to buy back debt tokens directly from holders at a price of 1 USD and not from the market.

2 Likes

I support this proposal. Thank you Badri, following you on Twitter now and if I ever need a good lawyer I know where to find you.

1 Like

Agreed, but 25% should be an APY and NOT only 25% extra. The debt token should be issued in the asset and not as 1 dollar, so if you lost BTC you get a BTC debt token, if you lost USDC you get a USDC debt token, and so on!

About the legal obligation: a DeFi project has no legal obligation but centralized projects do! The moment the team decided to launch the project without putting the keys into the DAO’s hands they relinquished all the legal leverage they get from being a DeFi project, where only exploits are threats and not hacker phishing attacks, which are really common in the centralized space! (P.S. I am not making threats here, but I am stating the obvious!)

4 Likes

I agree to compensate BZRX holders fully, however can the team somehow lock this compensation BZRX from the DAO for a certain period? Just for preventing some BZRX holders who may want to sell them in a bull market. As you said, the purpose of returning BZRX to holders first is because they are loyal community members, but for the rest of the victims we don’t know who they are and what they will do. I would feel more confident if they can’t sell their BZRX for a certain period. It won’t have any effect on BZRX holders if, as you said, they are long time holders and will keep holding.

2 Likes

Let’s do this! Thanks for this work.

3 Likes

I think I may have discussed this with you in Telegram, but basically it’s a tradeoff/balance between repaying as much as possible to the debt token vs not upsetting BZRX/OOKI holders so much that they start dumping it - because the fees from the protocol go to them and 20% is being taken away to pay the debt token.

I don’t mind increasing to say 25%. But after that I think it is a bit dangerous and anything over 30%, much less 40% - will really damage the OOKI value proposition.

4 Likes