Protocol Security Rethink

The Trick

Gauntlet pulled off an amazing trick in 2021 - an elegant organizational and mathematical shortcut.

The blocking issue at hand was how much economic risk should the Compound protocol take vs economic optimization. This is not a problem with a simple answer. And it would be extremely difficult to discover under the current Compound governance structure.

So Gauntlet put on their magician hat. By calling the current level of economic risk the target level of economic risk, they were free to propose any changes that improved the overall economics while not increasing the risks. And poof, the problem was neatly gone, and real world work could begin.

Compound faces a similar tradeoff problem in the area of security. How much should be spent on it, where, to reduce risk how much? It’s a messy tradeoff space in the face of risks.

So what if we pull the same trick here? Let’s assume the current spending of 4 million dollars per year is fixed and look instead at how much more risk we could remove for that amount of money.

The Problem

Currently Compound faces three key security problems:

The biggest is that no one is actually responsible for the whole smart contract security picture for the protocol. OpenZeppelin only performs certain agreed-on tasks, and has been up front that certain important security things for the protocol are outside the scope of their contract. Adding Certora would not help with this particular problem; there’s a lot of overlap in what they do not defend against - it’s like paying two security guards to watch the front door, while no one watches the back door. I’m not downplaying either company - they are extremely good at what they do, but both of them are specialists. The big picture must be looked at, the details must be perfect, and both of these are hard to contract out.

Secondly, DAOs in general, and Compound in particular, are horrible at both negotiating and selecting vendors. This creates a lot of inefficiency, drastically limits how many vendors could realistically be used, and results in what could euphemistically be called “bad price discovery”.

Lastly, the security of the protocol per dollar spent should be going up over time, as you build out and maintain a network of checks, tests, invariants, fork tests, monitoring, procedures, etc. Currently, this doesn’t really appear to be the case.

Can we do better?

So here’s a back-of-the-napkin approach on how I’d spend 4 million dollars to secure the protocol. This is assuming the next 12 months will see incremental improvements to both V3 and V2, without massive new protocol development.

First, I’d have a dedicated protocol security team, with one world-class security person, plus two security-focused engineers. Yearly cost: $1.5 million. This team would negotiate with vendors, and be responsible for all the things that make up protocol security. For example, running a bug bounty program with Immunefi, running all the available tests, including new fork and fuzz tests on all proposal changes. These tests can be far more advanced than the current tests - not just testing the code, but the new configuration, and not just with fixed tests, but actively trying to break things against the new setup.

For ongoing work, $600,000 in audits on code upgrades, $200,000 for formal verification and fuzzing SaaS costs, $200,000 in monitoring SaaS costs.

For security capability building: $800,000 for a Certora code contest, $500,000 for Runtime Verification’s two proposals. $200,000 allocated to non-critical bug bounty payments, as well as Code4rena contests.

That’s way more security for the same yearly spending!

Who are you?

I’ve been in charge of protocol security for OUSD for two years. In that time OUSD has done 30+ protocol upgrades and had zero incidents. I tweet security stuff at @danielvf.

I think this is largely because there’s lack of competition, in either the risk management area or security area.

FYI Upgrade Compound II’s Oracle to UAV3 - #6 by cylon