YIP-78: Partial Compensation Sonne Hack Victims

[Proposal]: Partial Compensation for yvUSDT and yvDAI Vault Users Affected by Sonne Finance Exploit

Summary

This proposal aims to provide partial compensation to users of yvUSDT and yvDAI vaults affected by the Sonne Finance exploit. It suggests Yearn cover 80% of the remaining losses, with affected users accepting a 10% write-down. This approach demonstrates Yearn’s commitment to users while balancing the interests of YFI holders.

Background

On May 15, 2024, Sonne Finance, where Yearn had allocated significant portions of yvUSDT and yvDAI vault assets, was exploited for $20 million [1]. This occurred despite a prior audit by Yearn-assigned auditors [2]. The exploit targeted a vulnerability in a new governance timelock introduced by Sonne Finance.

On May 24, 2024, an increased rate of OP rewards was announced by a Yearn contributor [3]. For 4 weeks, these rewards were paid out and mitigated some of the occurred losses. The remaining losses are as follows:

Affected vaults and losses:

  1. yvUSDT Vault (Optimism) [4]:

    • Total Gross Loss: 356,996.37 USDT [6]
    • Compensation in OP already received: $171,704.76 (76,195.19 yvOP which is 78,404 OP at a TWAP price during the rewards period of $2.19)
    • Net Loss: 185,291.61 USDT
  2. yvDAI Vault (Optimism) [5]:

    • Total Gross Loss: 294,283.36 DAI [6]
    • Compensation in OP already received: $149,086.44 (66,157.90 yvOP which is 68,076 OP at a TWAP price during the rewards period of $2.19)
    • Net Loss: 145,196.92 DAI

Total Net Loss of vaults (after subtracting already received yvOP rewards): $330,488.53

Motivation

This proposal addresses three key issues:

  1. Trust Maintenance: Compensating affected users demonstrates our commitment to depositor safety, crucial for retaining and attracting users.

  2. Long-term Benefits: The goodwill generated will likely outweigh short-term costs, potentially leading to increased deposits and protocol growth.

  3. Acknowledging Risk Management Shortcomings: The incident highlights an overweighted allocation to a protocol where yAudit had identified potential security risks. By approving this proposal, we signal our commitment to improving risk assessment and management practices, thereby better protecting user funds in stablecoin vaults going forward.

Specification

We propose the following compensation structure:

  1. Total remaining loss: $330,488.53
  2. Affected users to bear 10% of the loss: $33,048.85
  3. Requested compensation from Yearn: $297,439.67 (in YFI equivalent, which represents, as of August 15, 2024, a total of 58.86 YFI)
  4. Users will assign all future recoveries provided by Sonne Finance to the Yearn DAO.
  5. Users receive compensation in the form of YFI tokens. Despite Users having originally invested in stablecoin vaults, Users are willing to align themselves with Yearn and agree to the YFI compensation being subject to a vesting schedule.
  6. The vesting schedule linearly releases one-sixth (1/6) of the total tokens each month over a period of 6 months. One-sixth of 58.86 YFI amounts to approximately 9.8 YFI potentially sold by users per month, which should have no impact on the YFI price as several thousand YFI are traded on various exchanges daily.

Users are then fully aligned with the objective of Yearn.

Yearn’s Financial Position:
As of August 16, Yearn’s financial position is as follows:

Total liquid assets: $32.7M

The proposed compensation of $297,439.67 represents approximately 0.9% of Yearn’s total liquid assets as of August 16, 2024, a manageable amount that won’t jeopardize Yearn’s financial stability.

[Note: Following Yearn’s recovery efforts and yvOP compensation, affected WETH and USDC vaults suffered total losses of 1% or less. Hence, they are excluded from this proposal, since the losses lie underneath the accepted loss of 10%.]

Process of executing the proposal if voted “yes”:

A. full list of depositors → https://gist.github.com/anyOldDev/b410c4ae27a4e1c3f3de37245205f62f
It’s a balance snapshot of the vault and the rewards contract combined, done using The Graph.
B. smart contracts → https://github.com/pandadefi/merkle-distributor-with-vesting/blob/master/contracts/MerkleDistributor.sol
The contract is a merkle-distributor forked from Uniswap which has been modified to create a vesting contract using LlamaPay contracts.
C. merkle proof → Yearn will have to create based on the price of YFI and the full list of depositors as disclosed in the link above.
D. Yearn (or alternatively the Team behind the proposal) will have to convert the USD amount to YFI amount, generate the merkle proof based on the information provided in the shared links and deploy the contract.
E. The team behind the proposal will help if necessary to create the merkle proof once the YFI price for compensation has been decided.

Voting

  • YES! For partial compensation
  • no
0 voters

Resources

[1]: https://reports.yaudit.dev/reports/05-2023-Sonne/
[2]: https://rekt.news/sonne-finance-rekt/
[3]: Yearn Talk
[4]: https://yearn.fi/vaults/10/0xFaee21D0f0Af88EE72BB6d68E54a90E6EC2616de?tab=strategies
[5]: https://yearn.fi/vaults/10/0x65343F414FFD6c97b0f6add33d16F6845Ac22BAc?tab=strategies
[6]: Screen_Shot_2024-07-17_at_4.48.16_PM.png
[7]: https://debank.com/profile/0x93A62dA5a14C80f265DAbC077fCEE437B1a0Efde
[8]: https://debank.com/profile/0xFEB4acf3df3cDEA7399794D0869ef76A6EfAff52
[9]: full list of depositors → https://gist.github.com/anyOldDev/b410c4ae27a4e1c3f3de37245205f62f
[10]: smart contracts → https://github.com/pandadefi/merkle-distributor-with-vesting/blob/master/contracts/MerkleDistributor.sol

4 Likes
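Steps C and D of the proposal above (convert the compensation to YFI, then generate merkle proofs from the depositor snapshot), sketched as an added example that is not part of the original post and is not Yearn's or the distributor repository's code. The leaf layout (index, account, amount) is assumed from the Uniswap-style distributor the post mentions, SHA3-256 stands in for the on-chain keccak256 so the block runs offline (its roots will not match a deployed contract), and all function names, addresses and balances are constructed.

```python
import hashlib
from functools import reduce

def h(data: bytes) -> bytes:
    return hashlib.sha3_256(data).digest()  # stand-in for keccak256 (not in hashlib)

def allocate(balances: dict, total_wei: int) -> dict:
    """Pro-rata split in integers; leftover wei goes to the largest remainders."""
    total_bal = sum(balances.values())
    shares = {a: b * total_wei // total_bal for a, b in balances.items()}
    dust = total_wei - sum(shares.values())  # wei lost to floor division
    order = sorted(balances, key=lambda a: (-(balances[a] * total_wei % total_bal), a))
    for a in order[:dust]:
        shares[a] += 1
    return shares

def leaf(index: int, account: str, amount: int) -> bytes:
    # Assumed layout: uint256 index || 20-byte address || uint256 amount.
    return h(index.to_bytes(32, "big") + bytes.fromhex(account[2:]) + amount.to_bytes(32, "big"))

def pair(a: bytes, b: bytes) -> bytes:
    return h(min(a, b) + max(a, b))  # sorted pair, so proofs need no left/right flags

def build(balances: dict, total_wei: int):
    """Return (root, {account: (index, amount, proof)}) for the snapshot."""
    shares = allocate(balances, total_wei)
    accounts = sorted(shares)
    layers = [[leaf(i, a, shares[a]) for i, a in enumerate(accounts)]]
    while len(layers[-1]) > 1:
        cur = layers[-1]
        layers.append([pair(cur[i], cur[i + 1]) if i + 1 < len(cur) else cur[i]
                       for i in range(0, len(cur), 2)])  # odd node is carried up
    claims = {}
    for i, a in enumerate(accounts):
        proof, idx = [], i
        for layer in layers[:-1]:
            if (idx ^ 1) < len(layer):
                proof.append(layer[idx ^ 1])
            idx //= 2
        claims[a] = (i, shares[a], proof)
    return layers[-1][0], claims

def verify(root: bytes, index: int, account: str, amount: int, proof: list) -> bool:
    return reduce(pair, proof, leaf(index, account, amount)) == root

# Constructed snapshot: made-up addresses, balances in 6-decimal stablecoin units.
SNAPSHOT = {"0x" + c * 20: b for c, b in [("11", 100_000_000), ("22", 250_000_000), ("33", 50_000_001)]}
TOTAL_YFI_WEI = 5886 * 10**16  # 58.86 YFI, the figure quoted in the proposal
ROOT, CLAIMS = build(SNAPSHOT, TOTAL_YFI_WEI)
```

Working in integer wei and reconciling the rounding remainder keeps the sum of all leaves equal to the amount funded into the contract, so the last claimant is never short and no surplus is stranded.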

As a victim of the hack, I hold the opinion that Yearn should take the loss, which was shifted to the account holders, by providing partial compensation. By allocating a substantial proportion of the funds to Sonne, a trust in this protocol was expressed based on risk assessment and hopefully well-conducted research.

Consequentially, this trust can now be expressed again and reinforced by acquiring discounted claims from the depositors in the shape of a partial compensation with YFI for the depositors that waive all potential future claims.

3 Likes

I fully support the proposal for partial compensation in YFI for the losses suffered due to the Sonne Finance hack. It is unreasonable to expect that the entire burden of this incident should fall solely on those who deposited in the affected vaults. Instead, it should be shared by the broader Yearn community, including YFI holders, as they also benefit from the protocol’s overall success.

By compensating the affected users, we would not only demonstrate solidarity and responsibility but also significantly bolster Yearn’s reputation. Trust and credibility are paramount in DeFi, and this gesture would showcase Yearn’s commitment to safeguarding its users and maintaining a robust and trustworthy ecosystem.

Let’s ensure that the costs of this unfortunate event are equitably distributed and that we prioritize the long-term health and reputation of Yearn…

2 Likes

Do we have a spreadsheet with the affected addresses and the amounts that each of them “lost”?
Also, is there a budget impact analysis that shows how this will affect Yearn short and long term?

1 Like

Yearn made a snapshot of each wallet which was affected before withdrawal of each depositor.

With regard to the effect on the Yearn treasury, I saw this is minor: the amount is less than 0.9% of the treasury, so no long-term negative impact on Yearn is expected.

1 Like

I also want to support the proposal even if I have not been affected. Just read the proposal. In my opinion there are many aspects which are a good argument for this compensation request already outlined by the proposal itself plus the comments.

I also saw there was quite a huge allocation of total funds into Sonne Finance. I assume that many investors who deposit into a stable pool with yearn finance just want to have a secure investment managed by a professional fund manager.

For yearn treasury the impact is quite low plus the investors accept a haircut and also assign any future recovery to yearn. So maybe it will even play at a zero sum game, which in my opinion is overall a fair proposal.

Good luck to all!

3 Likes

There is also support coming from my side. The proposal has been well prepared by the victims’ community and the impact on Yearn Treasury is minimal - in case of recovery even less, since depositors would assign future recovery to Yearn. For some investors there are big amounts of money at stake, since this was a stable pool and not a small market cap volatile pool. People tend to deposit the majority of “savings” into stable pools and I know some depositors who have significant portions of their life savings at stake.

1 Like

Can you please share that list of addresses and the amounts for each?

1 Like

As one of the victims of the Sonne attack, I’d like to share my personal experience. I was initially drawn to the website’s banner promoting a higher than usual APR from OP liquidity incentive, which seemed like a good strategy to deposit. I deposited my stablecoin position. I closed my wallet, expecting to be free from monitoring my position for the next few weeks, and moved on to attend to day work and family matters.

However, just a few days later, a friend alerted me to “some exploit happening on Yearn”. As a person with work and family duties, for whom it is impossible to be vigilant 24/7, I’m always late to these… By the time I discovered the incident, everything was over. The damage was done, ~60% of my stable holdings were lost. I sold my crypto for these stables in the previous hype and have been bragging about that with friends. Now there’s nothing to brag about.

The overwhelming feeling is remorse and betrayal. I had expected a reasonable return of around 10-20% APR while parking my funds. This is a rate that some tradfi products can also offer. I was even willing to accept a lower return, knowing that I could at least sleep soundly with my money. Even if it wasn’t my life’s savings, it was a substantial portion of my capital. And what makes things worse is I now have to sell off my crypto holdings to reduce the overall risk profile (since the Yearn deposited funds were supposed to be the “safe” part of the portfolio).

It’s imperative that Yearn reevaluates its risk management strategy to prevent such incidents from occurring again to any other user.

If users depositing stablecoins into Yearn vaults must be prepared for the possibility of total or substantial loss every time, no one in their right mind will use Yearn. Why not simply invest in a broad-base ETF, why not buy bonds? Why ever risk with the unproven, unsecure approaches?

IMO, things must change. We can start by substantially recovering the losses of Sonne victims and implementing measures to prevent similar incidents in the future.

1 Like

Happy to see this proposal live on the forums. Just a few caveats I want to add for potential voters/community members to consider:

  • Something I already mentioned when providing feedback on the proposal prior to its posting—the proposal lists the total compensation of yvOP for yvUSDT+yvDAI using the spot price from end of recovery as $249,015. If you instead use 30-day VWAP from June 21 (roughly the period over which the emissions happened), the value is significantly higher ($343,986.86, TWAP provides similar results). This constitutes a difference of $94,971.86, which is actually higher than the 20% loss assigned to the users in the proposal above. Meaning that, if one decided to use one of these longer-term pricing measures, users would not be taking any loss and instead receiving a slight surplus.
  • Regarding some comments above, as far as I know, no one has collated the list of affected addresses at the specific mentioned blocks, just the total TVL that is affected. So this is something that would still need to be prepared, I would assume by someone from Yearn. Maybe good to specify that in the proposal as well :slight_smile:
  • Someone mentioned in discord that it may be more acceptable to voters should some portion of the compensation be vested in some way. We do have vesting contracts that could make this happen, and I know otherwise some people may be concerned about the possibility of the compensation being immediately sold on the market. Again, if this is something that people would like to include, would probably be best to have it in the proposal prior to voting.
1 Like

Hi dudesahn, I want to ask you about a part of your comment which I believe is wrong, or at least I might be interpreting incorrectly.

“Something I already mentioned when providing feedback on the proposal prior to its posting—the proposal lists the total compensation of yvOP for yvUSDT+yvDAI using the spot price from end of recovery as $249,015. if you instead use VWAP from the period over which the emissions happened, the value is significantly higher ($343,986.86, TWAP provides similar results). This constitutes a difference of $94,971.86, which is actually higher than the 20% loss assigned to the users in the proposal above. Meaning that, if one decided to use one of these longer-term pricing measures, users would not be taking any loss and instead receiving a slight surplus.”

The last two sentences are what I believe is incorrect. Right now, the total net loss is $402,264.73. If your VWAP calculation was used, that would be reduced by $94,971.86. It would still be a $308k net loss for victims of the hack, and we would still be very far from not taking any loss, nor receiving a slight surplus.

Please let me know if you meant to say something different, but I think it is very important to clarify this and not confuse governance participants.

2 Likes

Over Discord I was just discussing this, and it was noted that what you were saying is that victims would not be taking any loss if the compensation plan was approved. I had understood that you implied victims weren’t at loss before the compensation plan.

I think that there are lots of moving pieces, so it is hard to get to the exact amount. As an example, the VWAP YFI price used to convert $ into YFI is detrimental to victims today (leading to $15/20k extra losses), but that may change in the future too.

I also believe vesting is a good solution and aligns interests.

3 Likes

Dear Yearn, dear dudesahn and other voters,

the Users have jointly revised the proposal to the benefit of Yearn considering all comments so far:

  • we changed the calculation of received yvOP rewards which reduced the total net loss by ca 72,000 USD and the requested compensation down to 297,439.67 USD (around 53 YFI as of August 01 2024)
  • This amounts now to 0.75% instead of 0.82% of the Yearn treasury
  • Users, despite having originally invested in a stablecoin vault, agree receiving compensation only in YFI and fully align themselves with Yearn by agreeing to a vesting schedule with a 1/6 per month release schedule.
  • This reduces the potential selling of YFI per month to only 8.8 YFI maximum per month which should have no price impact at all since thousands of YFI are traded on exchanges daily according to coinmarketcap
  • As the requested compensation based on the updated numbers is reduced and the risk position for initial USDT and DAI holders is converted to a volatile altcoin position, users have changed the haircut from 20% to 10% in the hope of gaining understanding

Users hope this revised proposal finds acceptance and support by Yearn and all voters!

1 Like

Dropping a response in here so this thread doesn’t get closed. Talked with the proposers and they are working on getting additional data and fleshing out the proposal to include more actionable items for yearn governance.

1 Like

Thank you for creating this discussion.
The proposal (and arguments behind it) looks decent, and detailed.

It’s not creating any problems for actual users or for the Yearn treasury itself.

I hope, for those impacted, that the proposal will draw more interest from the team but also from every user of the platform who might face such difficulties in the future.

The last comment was mentioning some improvement to the initial proposal, do we know more?

Thanks

1 Like

Dear all, dear rgalloway, we have worked out what was required and I have included all requested information in the proposal and the resources links. Thanks to all for your support to make this happen.

1 Like

The snapshot for this proposal has been created: Snapshot

1 Like
