DAI Liquidation - Compensation

I don’t think it’s hard to conclude that this is a manipulation. Stablecoins are meant to protect you from volatility. DAI jumped 30% on one exchange (accidentally Compounds oracle) in just one hour and returned to normal.
We are now at the mercy of these 3 VC funds that hold control of the Compound. So much for how useful $ COMP is…


I would like to add a question for you @rleshner:
Were you aware of the risk? If so, why did you think it was a good idea to take the risk?


This was an exploit plain and simple- no different than a synthetic short squeeze. For example if you were short Facebook at $250 and your banker was Morgan Stanley - they tell you if it goes to 350 you have to cover your short. Then one day in Hong Kong there’s a price spike bc of an error or whatever and the stock trades at 350 in HK but never in the USA but ms stops you out and makes you cover and take the loss. This is even worse bc the person/people responsible knew exactly what they were doing and it was nefarious. People will run from this exchange if there’s no compensation for losses


I am user 0x0be0ecc301a1c0175f07a66243cff628c24db852 , I was liquidated twice, in the first liquidation 76,547,382,213.00 cETH was liquidated from me, and in the second, 48,501,406,899.00.

The liquidator paid back somewhere around 10,000 DAI to seize my $15,000-$20,000~ worth of Ethereum.

1: * Was the market price of DAI on Coinbase Pro fair? Was it intentional manipulation, or a market dislocation? - This, in my opinion, was intentional manipulation. There was no other reason DAI would spike to $1.30 and someone would be instantaneously ready to liquidate.

2: * Were impacted users aware of the risk? - Of course, impacted users were aware that they could be liquidated, but the liquidation rules specify far lower liquidation penalties than we paid, and I was personally absolutely unaware we were using a singular price feed or I would not have been in this market as a singular price feed is well known to be exploitable in this way.

3: * Do impacted users deserve compensation? Why? - YES, but it is not a question of “deserve” compensation, and the fact that anyone has to frame it that way is beyond insulting. Impacted users were severely affected by an exploit in the protocol - and the protocol SHOULD have funds set aside for dealing with these kind of emergencies, outside of just this case or just these users.

In my opinion, a COMP distribution should be offered to these users, acceptance of which is predicated on them giving up all claim to damage. Otherwise, it seems very likely many of them will sue.

4: If so, how should compensation be calculated? - This is an interesting question. In my opinion, it seems pertinent to offer less than the damage. We should look at the percentage of assets that were unfairly seized [IE: 38%], and offer that much as COMP to the affected users. As much as I or the rest of the liquidated users would probably like more, that seems more doable and agreeable to the users who were not liquidated. Therefore we still take a hit in damage, but we are able to walk away with something instead of nothing.

5: * If so, should compensation come from reserves, or by distributing COMP? - Distributing COMP seems more sensible in my opinion than compensating from the reserves. I would honestly prefer to get back ETH because I was saving for a staking node, but that seems less possible than COMP.

Can we get a report that specifies what sort of reserves are available for a liquidation event compensation?

6: * Does compensating users create a social contract that doesn’t already exist? Does a social contract already exist? How would compensation change the future activity of users?

No, it doesn’t create a social contract, but it is demonstrative that we are capable of solving our own problems through governance, and empowers the user base to see the value of governance as not only a mechanism to specify risk parameters, but as a mechanism to truly govern and deal with emergency situations such as this that may threaten the solvency of Compound as an American company.

7: * All COMP (which there is a fixed supply of) were previously distributed; the protocol has a sizable inventory controlled by Governance, but doesn’t yet have a function to send COMP to an address outside of the use-based distribution; this would require a protocol upgrade. Gauntlet has an in-development branch which includes this feature.

This is an interesting remark, I will read more in to this to have a more thorough understanding of the protocol upgrade.




I don’t think anyone should be compensated. I will be voting against this proposal if it ever goes to a vote.

Was the market price of DAI on Coinbase Pro manipulation, or a market dislocation – are we able to ask Coinbase to investigate this? We need to know if one or a few accounts were solely responsible for the price action.

Were impacted users aware of the risk – If we decide to upgrade/improve the oracle system does that mean we acknowledge the current system is inadequate? It seems our own engineers at compound were not fully aware of the oracle vulnerability, which means many users were similarly unaware.

Do impacted users deserve compensation – there is no explicit requirement for compensation, but the social contract question is pertinent here. Why do so many other crypto projects reimburse users after an exploit? Do the affected users have a legitimate shot at class action success if a lawsuit follows? The cost of reimbursement is a low single digit % of compound market cap. The cost sounds low in exchange for putting this liability behind the community. Cost/benefit of reimbursing affected accounts seems attractive in this case.


I would like to add to this discussion, that it is quite possible to say definitively that DAI was not globally trading at 20-30% premiums globally (see attached chart) at this time of the liquidations under discussion.

I cannot speak to whether it was manipulation, or simply a sell-side liquidity crisis on a CEX with very thin books, but the chart speaks for itself.

Whether or not the community decides in favor of compensation, I believe the oracle solution must be changed. Yes, CBPRO:DAI-USD was at ~1.30 momentarily, but this was not the price of DAI globally and should not have been treated as such in any price feed.

I was not liquidated, but I know people who were; they should not have been, in my view. I am a long-time Compound user and huge fan of the protocol and community, but if the orcale solution is not changed in a timely manner, I personally will seriously consider moving the majority of my funds to Maker or Aave until it is.


I can speak to these questions but lack the knowledge to answer the others.
Here is my address, I was liquidated in the event.

First Question: Was the market price of DAI on Coinbase Pro fair? Was it intentional manipulation, or a market dislocation?
As mentioned by @mrhen It seems to me that there was an undeniable and massive market dislocation between the coinbase price (or synonymously the Compound oracle price) and all other exchanges/ oracle services. From this, we can conclude that the price supplied to the compound protocol was erroneous.

Second Question: Were impacted users aware of the risk?
As an impacted user, I would like to describe my experience with compound:

I learned of the protocol about a week ago and did not just dive right in without educating myself. I sought out any and all available educational resources, including the ones provided by coinbase that explain the lending and borrowing protocol and some third party ones as well. Once I felt comfortable with the protocol and knew it inside out, I supplied my eth as collateral and borrowed dai. The compound app provided a suggested “safe limit,” which I made the decision to trust. Had this suggested borrow ratio not been there, I would likely have chosen to borrow less.

Here is the nuance of this question: I was completely aware of the risk associated with borrowing. I was not, however, aware that the oracle used by compound was vulnerable to exploitation. Nor was I aware that the “safe limit” was evidently not safe in the slightest.

Third Question: Do impacted users deserve compensation? Why?
Imo the impacted users deserve compensation. We deserve compensation because we did nothing wrong. I don’t know what ratio the other users chose to use, but I know that many of the liquidated users were being smart with their money. This liquidation affected routine users who were operating within the “safe limit” of the protocol. I did my due diligence and educated myself on the risks involved with using the compound protocol. I am a beginner to the DeFi space and the protocol and app made me feel safe, as it should! It is not a punishable offense to use this protocol within safe operating limits. It is not a punishable offense for new users like me to acknowledge our limits and seek out a protocol like compound that makes things (appear) straight forward.

Users that were using the safe limit feature on compound should undeniably be compensated in full. My (uneducated) opinion is that users that were using more risky borrow-supply ratios should be fully compensated as well in a gesture of good faith and goodwill.


Stablecoins are not guaranteed to stay on peg. That’s a risk you take when you use a stablecoin like Dai which historically almost never trades 1:1 with a dollar.

So just because a stablecoin is trading above a dollar does not mean there was market manipulation. There may have been market manipulation but it is worth noting stable coins are not always stable and users should not expect them to be.

In your first week? Ow! That can’t feel good! I’d like to say I’ve used this protocol for well over a year, and nothing like this has ever happened before. This was an unusual event and I hope you don’t let it affect your perceptions of Compound too heavily.


I didn’t present direct ratios anywhere - I don’t know where you found it. I said that stablecoins serve to reduce volatility.
If that is not their purpose please let me know what is?
In this situation, DAI was not in the function of stablecoin only on the - Compound.finance platform?

I was one of the affected users ,i will try to answer the question you mentioned above .
*Obviously the market price of Dai on coinbase was not fair ,you can look at the price globally and you can easily come to that conclusion , it will be hard to prove if it was an intentional manipulation but i believe it was , and it was a part of a wide attack on the protocol , this vulnerability was highlighted couple of times by the community but actions were not taken to mitigate it until the protocol got exploited . If the protocol need an upgrade to deal with this issue , that means that protocol didn’t behave as it should .
*I was aware of the liquidation risk and i took several steps to avoid been liquidated i never thought the price of DAI will be over 1.2 $ and obviously it wasn’t the case globally , relying on a single price oracle is what lead to my liquidation (aave and maker didn’t suffer any issues)
*Ideally for the compensation we should make the users whole , most of the user missed out on the price appreciation of their collateral .
*I think the compensation should come from the reserves that way COMP holders won’t feel the impact as much, if we were to distribute COMP most comp holders will vote against it since it will dilute their assets
*Compensating users for Protocol malfunctioning will cement Compound as a market leader in the space and it will lead to more trust in the protocol which will most likely increase the number of user and TVL .



Posting for Discord user “Dmitry” as in conversation I have no reason to believe they were not legitimately affected, so I offered to get their voice heard if their account was not verified in a timely manner. I have my own thoughts, which I will post at a later date.

" I cannot write in the forum as immediately after the registration my account has been placed on hold (automated message from Compound Community Forum to let you know that your account has been temporarily placed on hold as a precautionary measure.). That’s why I will leave this message in Discord, and then, once my account is reactivated, will post it in the forum thread.

[ 3:46 PM ]

I, being one of the impacted users, would like to answer Initial Questions, despite the fact that my answers will be biased. I hope that everybody understands that Compound is used by people with different education and knowledge and not everybody thoroughly studies the technical details of the protocol. That’s the way things are, you cannot be an expert in every field and people just trust, otherwise there would not be such a thing as a reputation. Most customers use the functionality of the protocol based on its reputation and many years of history. Since the protocol was working for many years without any issues and was entrusted with more than 1 billion USD, I have also entrusted it with my money. Of course, you can say that if you do not understand all details then you should not be here. But I would like to know who we build the DEFI infrastructure for. For software developers and technical specialists or for ordinary people after all? When you buy a car you usually look at the ease of operation and you choose a brand you Trust. You do not dive into technical details. And if a manufacturer finds a critical defect, the manufacturer recalls cars and pays compensation to owners. That’s why compensation is very important for the Trust. In the world of cryptocurrencies, where everything is anonymous, Trust is most probably the most important success indicator of any project.(edited)

[ 3:47 PM ]

1. Was the market price of DAI on Coinbase Pro fair? Was it intentional manipulation, or a market dislocation? I think the market price of DAI was not fair.
Being a user and not a technical specialist I would like to refer to the original source. Main page of https://makerdao.com/ The world’s first unbiased currency. Dai is a stable, decentralized currency that does not discriminate. Any individual or business can realize the advantages of digital money. Financial freedom with no volatility A price-stable currency that you control. Generate Dai on your terms, instantly. 1 Dai=1$ When during a short period of time a price of the token that should be equal to 1$, changes by 30% on one source (while at the same time other sources do not confirm such price change) and this leads to positions liquidation, which under normal circumstances should not have been liquidated, then there should be an issue with the Compound protocol. How can I consider the liquidation of positions at this price to be fair?(edited)

[ 3:47 PM ]

Was it intentional manipulation, or a market dislocation? I think that this question is not essential. It could be a hacker attack, Coinsbase failure or any other reason. The fact is that this happened and led to an incident. Other sources did not confirm such a sharp price deviation. If we accept that DAI price was not fair, then anything else is not that important and just helps us to understand what happened but should not be taken into consideration when deciding whether the compensation should be paid or not. Compound team shall focus on fixing the issue and quickly find the solution that will protect people from similar situations. Solving this problem will increase the trust. If nothing will be changed, a competitor, who will fix this problem, will appear and customers will go there since it is safer.
Were impacted users aware of the risk? I think impacted users were aware of the risk according to the knowledge about the token and Compound protocol, but nobody could foresee the risk of 30% DAI price change.(edited)

[ 3:48 PM ]

Do impacted users deserve compensation? I think that impacted users do deserve the compensation. Why? Impacted users were severely affected by an exploit in the protocol, then the protocol MUST… However, I do not agree with this. No one can guarantee anything and we know it. Compound worked as it was programmed. Condition for liquidation appeared and liquidation took place. Some users lost money, liquidators made money, everything is according to the market rules. But Compound is not just an immutable set of code on a blockchain, it is a community: people who use and trust the protocol. The most important point is that people, who trusted Compound and were part of its community, suffered. They suffered by entrusting their money to Compound. Compound gave the opportunity to liquidate their positions at a non-market price. This is result of force majeure caused by an error at the quotes provider, hacker attack, or just a glitch. This happened and part of the community suffered. Users, who suffered, hope that the community will admit that the liquidation was a mistake. Positions should not have been liquidated.

[ 3:49 PM ]

And the community can evaluate this situation and take a decision based not only on commercial interests, but also on the ideas and spirit of DEFI. The global idea of DEFI is to create financial products for people, and Compound is one of the biggest players on this market that builds this infrastructure for the community and is a benchmark for many. I believe that the community should take a positive decision about the compensation because this happened to the part of Compound community. There is no need to look for somebody to blame or the reasons why Compound OWES to somebody, but simply help out. If Compound is not willing to help users, who it builds infrastructure for, then that is wrong. There will be less trust and confidence in such a project. Next time other users might suffer, but they will know that nobody will help them. If there is no trust and confidence in the project, users will start looking for an alternative and leave DEFI, since even market leaders cannot provide safety to its users. If Compound does not support its users, then other projects will adopt the same practice, thinking that why should they if top players do not. Eventually DEFI will become a pyramid where you cannot trust anybody, and everybody wants to grab somebody’s else. I believe that here we have to discuss whether the Compound community is ready to help users in difficult and force majeure situations. I will not give names, but one of the impacted users wrote that it was his last money and I see no reason not to believe him.

[ 3:49 PM ]

If so, how should compensation be calculated? That’s a technical question and calculation of losses for each user is a difficult task that requires a lot of time for analysis. Maybe some basic conditions for estimating losses, for example based on several major liquidations. And then approximate this estimate to other users, for example by linking to the column “DAI Repaid”. Maybe it will not be fair towards someone, but I think that many users do not even hope to get anything and will be happy to accept any positive decision. This will also take less time than to analyze every user out of 142 impacted users. Time in this case is very crucial. How fast the community will be able to mobilize and solve this issue? If so, should compensation come from reserves, or by distributing COMP? In my opinion by distributing COMP, but same has to be discussed with the Board."


Users should be compensated. This doesn’t seem like it is working as intended, especially since Dai price was trading normally elsewhere. The users that are effected in this incident did not do anything wrong, but suffered. COMP as a leading DEFI platform should try hard to maintain the trust, or else people would just move their funds elsewhere. No one would want to risk their money at a place that is vulnerable to said attack.


I’m sorry but I feel obligated to take the unpopular position against compensation. I have great sympathy as a fellow human for those who lost money to the incident but I think compensation is a mistake for reasons that I hope I articulate clearly below.

Almost certainly manipulation by a liquidator who planned and scripted out the attack in advance.

No, but the cold truth is that in finance, this is immaterial. The impacted users should have and could have been aware of the risk, and Compound is a protocol that can be used in risky ways. Users have a responsibility to understand the protocol before they put large sums of money in it. Compound could have done a better job of educating users about these risks but ultimately, any complex financial product, whether in the crypto space or the traditional finance space, has ways to use it dangerously and it is generally impossible to protect people from their own ignorance when using complex financial products.

I certainly think that the idea of a “safe max” to borrow is ridiculous and I do blame the Compound UI for using that term as being part of the problem. There is no 100% safe amount to borrow of any product. Some amounts might be 99.99% safe, or 99.9% safe, or 99% safe, or 95% safe, and users need to evaluate this on their own if they are going to short sell a product (I know that not all protocol users realize this, but when they supply USDC and borrow DAI, then keep selling the DAI and supplying more USDC to build up the “recursive” leverage for yield farming, they are short DAI). DAI is a soft peg and short selling it has counterparty risk against MKR holders because if they mismanage DAI it could actually (as opposed to via an oracle exploit) globally reach prices well above 1 (e.g. if they fail to allow more USDC deposits into vaults once the USDC max supply is reached). Similarly, being long USDC has tail risks associated with it, e.g. if Circle somehow turned out to be engaging in fraud or had US regulatory action against them (I think this is highly unlikely but I think people should consider and understand these tail risks when they use these products).

In the other thread people have proposed switching to Chainlink oracles, which is clearly an improvement that could have prevented this specific attack, but it still doesn’t prevent all tail risks to using Compound and the idea of there being a “safe” max borrow is still a dangerous and incorrect idea in my opinion.

Sadly, I believe not. I already touched on this in my response to the previous question, but users should understand how a protocol works before using it, including the oracle and the liquidation process. I have used Compound with DAI but I am very careful about my ratios because even before this incident, if you look at the price history of DAI-USDC on Coinbase (for a long time Coinbase only had DAI-USDC but no DAI-USD, I guess because they wanted to promote USDC and force users to use it) you can see other times in the last year when the illiquid market has resulted in temporary ridiculous prices. For example the 2019-07-14 candle shows a max price of 1.35 and the 2020-03-11 candle shows a max price of 1.126, so even just pulling up the Coinbase price history would show anybody that they ought to be planning their positions around the possibility of the Coinbase-based DAI oracle printing 1.3.

In fact, I would go so far as to posit that many people people who understand how the oracle works have been cautious with how they use the protocol out of fear of the exact thing that happened occurring, and that part of the reason for the apparently outsized returns offered by yield farming is that maybe you can get a 20% return with aggressive recursive yield farming, just like you can by buying junk bonds, but they also pose non-trivial chances of significant loss of your initial capital. In reality, if you see something easy that offers 20% return and it seems safe, you are almost certainly wrong. Either the return is not as high as you think or the risks are higher than you think. If Compound was safer, more people would use it until the return was pushed down to a reasonable risk-adjusted return. The only reason the return is so high on using recursive leverage for yield farming is that it is actually risky. For awhile the yield farmers were taking this high risk (and I admit many of them did not realize it) and they got what appeared to be a really high ROI, and then they got burned. It makes no sense to reimburse them because these sorts of risks in a new protocol are the exact reason why more people aren’t using it yet (and once DeFi gets to the point of protecting against these risks better, more people will use it and they will push the returns down).

I think compensating the affected users sets a bad precedent because people need to understand the financial products they use and they need to take responsibility for evaluating the risks, and accept responsibility when the bad side of their risks manifests. This was not a bug in the code, it was a combination of a bad design choice (Coinbase oracle vs Chainlink) and users who didn’t DYOR by understanding the existing oracle or pulling up the Coinbase DAI price history (or inspecting the liquidity of the Coinbase DAI markets, which could have revealed that the DAI liquidity on Coinbase was small enough that this attack could be profitable for the attacker). If the affected users are compensated it will just encourage more risky behavior in the future and encourage people to use the protocol without understanding it. What if Compound compensates the users, and switches to Chainlink, but somebody figures out an attack on the Chainlink oracle? People would definitely expect compensation again but it starts to get impractical and create a slipper slope. Sure it’s unlikely, but it is ultimately the responsibility of the users to consider and evaluate these risks.

I mentioned this above too, but I strongly believe Compound should remove any terminology around a “safe max” borrow from the UI. “Safe Max” is a ridiculous and inherently flawed idea in this context because there are always multiple risks in the protocol code, the oracle code, counterparty risk from the managers of the stable coins, and many more. Users need to be responsible for understanding and evaluating these risks on their own. If you think that there is such a thing as a “safe max” borrow or a “safe” way to use Compound (Disclaimer: I am Compound user) I highly recommend that you do not use it. There are relatively safe ways to use it, and I think many people have found ways to use it that are low risk and that most users understand these risks, but for the UI to bait people into thinking their position is “safe” because it displays as such is dangerous and will just lead to more tragedies in the future like this one.


Okay, let me get this straight. You correctly believe the protocol was attacked through oracle manipulation.

You correctly point out that the UI misled users into believing using 80% of borrowing power was “safe.”

I’ll point out that the protocol has intentionally set aside funds as insurance:

Second, a portion of the interest paid by borrowers is set aside as Reserves , which acts as insurance and is controlled by COMP token-holders.

And yet, you do not feel the facts and circumstances warrant a discussion of compensation for the victims. What exactly are those insurance funds for? Recapitalizing the protocol in the event of fund loss? Why not just write down everyone’s balance if users are not to be looked after and only protocol solvency is a priority.

I get the feeling that people are fine with screwing borrowers, because they “should have known better.” Well, without borrowers, there is no protocol and there is no reason for depositors too. I knew the market was volatile and paid down my debt to 80% per the protocol recommendation before going to sleep. Just hours later I was shocked to learn that I was liquidated improperly, and to add insult to injury my collateral was seized at an insulting and incredibly incorrect price thanks to the oracle attack.

Most if not all businesses as well as DeFi protocols have went out of their way to make it right for users who fell victim to protocol exploitation, which this clearly was. Yet you think Compound has no business doing so because users should have known better. If that’s the case, it will be hard to recommend Compound to anyone who doesn’t fancy themselves a smart contract researcher, and a hardcore one at that.

I have moved my funds and won’t be back unless there is at least an admission of fault on behalf of the the protocol, and partial if not full compensation.


Keep in mind users lost more than the 8% liquidation penalty. Collateral was seized at an incorrect price.


Yes this is 100%. While some dilly dally about compensation - the truth is investors got screwed. If you don’t compensate them to some degree they will leave en masse - all investment banks compensate investors to some degree-willingly or not- when they fk them over. If there isn’t some restitution then compound as an exchange will shrivel up


No it was not fair. It was not the market price. It was an outlier that should have never been published. Further, it should have never been used to trigger liquidations or price the collateral that was being seized. In fact, Coinbase Oracle promised three layers of defense to guard against publishing prices that did not reflect market value, including off-chain filtering. All failed.

Data quality

For an oracle to provide a reliable price feed it is important to address various scenarios in which a data point to be signed does not reflect an actual market price of an asset. There are three layers in the Coinbase price oracle architecture designed to solve this:

  1. Price source . We use the Coinbase Pro API as the source of the price data. Coinbase Pro is one of the most liquid crypto-exchanges in the world. There is already an ecosystem of oracles, market makers and traders that rely on an accurate data feed provided by the Pro API. As such, Coinbase is making continuous investments in the quality of the API itself, as well as the market, as measured by liquidity.
  2. Off-chain filtering . The Coinbase price oracle implements a filtering mechanism that rejects data points that significantly deviate from the expected volatility of each asset.
  3. On-chain filtering. Compound open oracle’s contract implements concepts of an ‘anchor’ source. Data points that significantly deviate from the last price reported by the anchor source are rejected.

No, users were specifically told by the Compound UI that 80% borrowing power was safe. Furthermore, users had every indication that the contracts had undergone audit and had been battle tested for months, and would not be subject to faulty price feeds. I don’t believe the Compound engineers were aware of this risk themselves. If the expectation is that users should understand the risks of a protocol better than the people that built it, well that is frankly preposterous. I believe the fact that there are discussions of hardening the protocol indicate that there is an admission of improper risk currently in the protocol.

I’ll admit we don’t deserve compensation, but at the same time, Compound does not deserve trust if they do not make some effort to admit fault and mitigate impact. Most if not all businesses and DeFi communities go out of their way to mitigate impact when there is a hack/exploit resulting in loss of user funds. Why would Compound buck this trend?

Take the market value for the collateral seized minus the true market value for the DAI repayment in all liquidation events (with DAI being worth 1.03). You have your answer for the loss. Whether it’s shared partially or fully repaid is up to the community.

Reserves first makes sense since that was explicitly allocated for “insurance.” COMP to fill in any any gaps makes sense as well.

No, I don’t believe it does create a new social contract that doesn’t already exist. It seems to be already implied through the setting aside of reserves as insurance, that the protocol would use its resources to mitigate the impact of an incident. I anticipate compensation would allow Compound to retain trust and users.


I would like to highlight this point. The reserves are there for a reason and this is undeniably it. We the voters are here for a reason and this is undeniably it.

The Compound protocol exists in a competitive and ever-changing DeFi space. For compound voters to choose to abstain from compensating the losses suffered by the users of the protocol, they are choosing to separate Compound from the tradition of decentralized goodwill found in the interactions between protocols and their users (see uniswap’s airdrop). Decentralized governance systems (democracies) like the one on compound, through their financial transparency, have the freedom to exercise this tradition when they are presented the opportunity to make wrongs right. Looking at other protocols that have been exploited in some way: After their users lost money due to an exploit in their protocol, Pickle created a token that tracks the losses suffered in this attack and can be burned for reimbursement dai (correct me if I’m wrong).

The oracle exploitation needs rectifying on a technical level (changing the oracle, and misleading “safe limit”) and on a financial level as well (compensation).


Let me congratulate @TWS49 for not losing money in this exploit! Speaking honestly, I appreciate your sympathy. In reading your post, I couldn’t help but notice that you devoted a plurality of your response to the description, in technical detail, of your level of care and the exhibition of your high level of knowledge and understanding of the compound protocol. I don’t believe that these particular sections of your post are helpful, and your particular trading habits and your higher level of education have no relevance to this discussion.

Boiling down @TWS49’s statement to reveal the argumentative aspects exclusively…

First: ‘the users impacted could have been aware of the risk in the first place.’ This argument has been thoroughly debunked in @cryptoguy123’s second response.

Second: ‘compound is inherently risky, therefor compensation is wrong.’ My problem with this view is that it neglects the nuance in this situation. I would love to read an answer to the following question: in what circumstance would compensation would be correct? I believe any attempt to respond to that question will reveal the shakiness of the other stance in this debate. The protocol itself has been audited 9 separate times, it’s unlikely that there exist holes in the protocol that can be exploited in a way more severe than this, therefore, as the DAI liquidation is the severest exploitation currently possible in relativity to the security level of the protocol, the exploitation should be recognized as such and should not be dismissed on the basis of inherent risk in the compound protocol. An example of an inherent risk in Compound is the risk for potential liquidation if the collateralization ratio of ones supplied ethereum drops to 75%. What is not an inherent risk is the potential for anyone who understands how flash loans work and has sufficiently large and liquid capital to exploit the users and buy their supplied ethereum for absurdly cheap and liquidate a portion of their borrowed dai.

@TWS49 also mentions that he believes that compensating the exploited users sets what he sees as “a bad president.” He goes on to say that compensation will encourage riskier behavior in the future and cause people to “use the protocol without understanding it.” But let us not leave anything implicit and revise the latter quote to be explicit to the opposition’s argument. What they are saying in actuality is that everyone who uses the Compound protocol must understand not just the protocol itself, but also educate themselves beyond a reasonable extent (as I believe I did). In addition, they must also possess an absolute galaxy brain in order to look past the user experience comforts of not only compound (see: safe limit) but also Coinbase’s branding/corporate propaganda that describes their “three layer” price oracle and exalts it as a technically robust and reliable price feed.

In my opinion, @TWS49 asks an unreasonable amount of Compound users. In addition, there exist other borrowing/lending protocols that do not require their users to go to these lengths. For example, aave uses the chainlink oracle service so that users don’t need to bother with all the trouble that @TWS49 went through.