Compound’s on-chain governance has backfired, and not for the first time.
An upgrade to the protocol’s oracle contract was implemented yesterday, resulting in unintended consequences. Despite three audits, the new code contained a bug causing transactions to revert for ETH borrowers and suppliers.
“Effectively, the cETH market is temporarily frozen.”
The thread goes on to state that “Funds are not immediately at risk, but this is a developing situation.”
Let’s hope, this time, things don’t go from bad to worse…
Yesterday, Compound implemented Proposal 117 in order to “upgrade the protocol's oracle contract (currently v2) to v3, which switches the anchor market from Uniswap v2 to v3.”
The bug appears to be a result of differences between Compound’s interest-bearing cTokens cErc20 and cEther.
As stated in Compound’s docs: “CErc20 wraps an underlying ERC-20 asset, while CEther simply wraps Ether itself. As such, the core functions which involve transferring an asset into the protocol have slightly different interfaces depending on the type”.
However, it appears that these considerations weren’t taken into account when designing the new oracle.
OpenZeppelin explained the error as follows:
cETH does not have an underlying() method assumed to be present in every cToken contract by the new oracle implementation, the getUnderlyingPrice function 12 returns empty bytes that cannot be decoded and the call reverts.
Fortunately, although the cEther market is frozen, users are still able to deposit collateral and avoid potential liquidations. And the news has not significantly affected the price of COMP.
The contract in question was audited by three firms, Dedaub, ABDK (both linked here) and OpenZeppelin, with the most recent of the reports dated 1st April 2022. However, the latest commit to UniswapAnchoredView was made 26 days later.
The protocol’s rigid on-chain governance also caused issues last year, costing Compound dearly.
Unfortunately, expensive mistakes are common in our industry.
Just yesterday OptiFi Labs admitted to accidentally shutting down their contract on Solana mainnet, bricking 661K USDC (mostly belonging to a team member). We also recently learned that Crypto.com accidentally sent a user $10M, instead of $100, not noticing for seven months.
With examples of carelessness such as these, even at organisations working under the highest scrutiny, fully on-chain governance may prove more of a hindrance.
While decentralisation maxis often claim that a multisig is not enough, perhaps granting temporary powers to an emergency multisig could provide a lifeline in similar situations…
Is this the price to pay for on-chain governance?
REKT serves as a public platform for anonymous authors, we take no responsibility for the views or content hosted on REKT.
donate (ETH / ERC20): 0x3C5c2F4bCeC51a36494682f91Dbc6cA7c63B514C
REKT is not responsible or liable in any manner for any Content posted on our Website or in connection with our Services, whether posted or caused by ANON Author of our Website, or by REKT. Although we provide rules for Anon Author conduct and postings, we do not control and are not responsible for what Anon Author post, transmit or share on our Website or Services, and are not responsible for any offensive, inappropriate, obscene, unlawful or otherwise objectionable content you may encounter on our Website or Services. REKT is not responsible for the conduct, whether online or offline, of any user of our Website or Services.
you might also like...
It’s worse than we thought. Last week ~$80M in excess COMP was wrongly distributed. Now another ~$68.8M has been sent to the vulnerable vault, and even more COMP is being given away.
A Compound governance proposal contained a bug which allowed for the distribution of ~$80M in excess COMP rewards. Mistakes were made, but who lost out?
Cypherpunks strive to become ungovernable... but not like this. Tornado Cash's governance has been taken hostage via a trojan horse proposal. But now the hacker is proposing reversing the effects of their exploit. Hopefully this all turns out to be just a storm in a teacup.