TIP-121: Proposal for the future of the Tribe DAO

Yes, its a joke, and the Fei team and the way they acted will go down as one of those disasters ppl will point to as a prime example of why DAOs and DeFi are not to be taken seriously. Much damage has been done and I don’t believe that to be an exaggeration.

Hi all

Clearly been a lot of discussion above

I think its in everyones best interest to find circulating supply to burn / not have claim - this increases backing per TRIBE in every case

Can we get:

  1. A clear answer from every VC on if they want to keep their supply and claim the underlying or not. If they do not want to claim assets then that supply can be burnt, its far better than them doing nothing and leaving funds sitting around in a contract for nobody, or to maybe be donated.

  2. Is it unreasonable for the LP portion of the Fei Labs vest to be completely burnt? The regular team vest would still be claimable

  3. A full rundown of how much USD of assets rari has and how much supply their DAO is controlling

  4. A real discussion (doesnt have to be public) between fei labs and the wealthier victims who wouldn’t get a full repayment from the 57M TRIBE. Perhaps there is a middle ground that makes everyone happy?

  5. Teams take on this idea: https://twitter.com/dcfgod/status/1561097997907136512

  6. Some way to easily know the USD value of exploit in todays coin value vs at exploit time (this might already exist somewhere)

I also shared some more opinions on twitter if anyone’s interested (remove the spaces):

  • twi tter. com/dcfgod/status/1561145808296169473
  • twi tter. com/dcfgod/status/1561130298959466496
  • twi tter. com/dcfgod/status/1561104844181499904
4 Likes

Since TIP-120 has been published on a weekend, without any warning or delay, it may not reach a quorum. Delegations/Buys could not happen beforehand, and some actors may be just enjoying the weekend with their families. There may not be enough Tribe tokens available to reach a quorum without delegations from Fei Labs (decentralization at its best, again).

I don’t know if it’s another manipulation of Fei Labs (after last NopeDAO backstabbing, everything is on the table I guess), but if it doesn’t reach quorum, the vote will need to happen again given the very unusual conditions the vote has been submitted.

In the meanwhile, if you own Tribe tokens, please vote.

DAO is shutting down. It’s the end. So there is no reason to fully reimburse hack victims in this case. It was foolish and irresponsible to lend to the rari pools after the previous hack. Users of rari pools took a risk and lost. That’s all. Also, lenders to the pools are not creditors of the TRIBE DAO and examples from the tardfi are irrelevant. But the most damaged group is the genesis participants. Now a lot of other groups and late speculators are trying to benefit from the TRIBE DAO assets that exist because of genesis participants. RGT holders already used us as exit liquidity. Enough. If rleshner, VCs, and others want to fully reimburse hack victims then they can do this from their own pocket.

1 Like

The only chapter heading in DeFi textbooks this ‘historic’ event will ever have a legitimate claim to will file under “Malicious practices in the early days of DAOs”, or similar. It will in any case serve as a great case study of how not to run a community and what not to do in DeFi governance

Please explain the ‘courage’ in skimming customers, early backers and retail investors for personal gain. There is no “chapter 7”-equivalent liquidation in the world worth its salt that has the means to fully reimburse its stakeholders (customers, debtors & shareholders) that is not legally, ethically and/or morally compelled to do so. Not a single court ruling

But where everyone else sees fraud, I’m curious to hear how you see courage

Use as many bullet points, bolded letters and ‘thank you’ notes as you like

Show me the courage @rleshner. Oh and thank you

Now that TIP-120 has executed, the numbers for the proposal can be more easily estimated.

  • First we provide additional reasoning and explanation for the proposal itself, and address a number of comments.
  • Second, we will provide some data to help illustrate the proposal in more detail across different potential final outcomes.
  • Lastly, we suggest next steps on the consolidation step of the proposal.

NOTE: All of this data is changing in real time which is why we have provided the etherscan links so people can research and do their own calculations. All numbers will continue to move and PCV is still fluctuating based on the value of PCV assets. People should do their own calculations and not rely on any statements made below.

TLDR: This proposal could pay all retail hack victims the full amount lost, reimburse FEI holders, and allow TRIBE holders to redeem for remaining PCV

The Tribe DAO relationship to the Fuse hack

We believe that an effort to ensure retail victims of the Fuse hack are made whole, is in the best interests of the Tribe DAO community and is a positive outcome for the DeFi community. As shown below we believe this proposal will likely be able to achieve between $500k-$1m per Fuse hack victim assuming TRIBE IV between $0.23 and $0.30. This is far better than some other estimates previously circulated by other comments.

With the above goal in mind, we do not believe the Fuse Hack is a liability of the Tribe DAO for reasons we have expressed in the past and will reiterate below.

The Tribe DAO did not deploy Fuse. Nor is the Tribe DAO an insurer for Fuse or its users. In fact, the Tribe DAO was the largest loser of the Fuse Hack at roughly $30M. Tribe DAO does not have nor has it ever had control of the Fuse protocol. The Fuse multisig is used for some limited protocol control, software development, change implementations, operations, and revenue collection, and is not under control of TRIBE voting in any form. The Tribe DAO has never collected any Fuse revenues. Ultimately, we believe that all Fuse hack victims including the Tribe DAO are all victims of a criminal hack in a permissionless DeFi protocol.

With the intent of making sure retail is whole from the hack, we believe the proposal should use Rari related funds for any compensation to Fuse victims. The proposal allocates the TRIBE from the RGT peg exchanger to pay back the Fuse hack victims. By using the TRIBE from the peg exchanger, the proposal is allocating to victims of the Fuse hack funds previously allocated towards Rari. Jack Longarzo has also suggested including the ~$1.7M Fuse revenues to the payment which we think is a great addition.

Using Rari related assets means TRIBE holders would not be losing any more of the treasury than it already has on Rari.

As mentioned by @rleshner above, this proposal supersedes the past discussions. To be perfectly clear, Fei Labs fully supports TRIBE holder’s decision with respect to the Fuse hack whether it is a full payment, no payment, or something in between (as we have suggested by using the ~57M TRIBE from the RGT peg exchanger in this proposal).

Clarifications and Comments:

Confusion about FIP-106 snapshot/DAO vote:

A number of community members have expressed confusion about the governance process for FIP-106: Moving Forward from the Fuse Exploit. Snapshot votes in the Tribe DAO are non-binding. The only binding vote is the on chain vote which has the actual code needed to implement the change (if it passes).

In this instance, the snapshot passed but the on-chain vote did not, after significantly larger turnout. Having a snapshot before a binding on chain vote is typical of nearly every DAO including larger DAOs such as Uniswap and Aave.

Passing an on-chain vote is a technical requirement to move protocol assets as mentioned in the original post about the hack payment.

In the signaling snapshot vote, it was also stated that the Tribal Council will handle the logistics of repaying the amount stolen by the hacker subject to the community’s veto, which is exactly what happened when the on-chain code was submitted through Tribal Council.

The governance enhancements allowing for the Tribal Council for Tribe DAO were discussed and implemented starting in February, long before the Fuse hack.

Pooled Smart Contract Amounts in Fuse:

We believe all contracts and EOAs should be treated equally for purposes of calculating any distribution values.

Insured Amounts in Fuse

We don’t believe users who have purchased Nexus insurance should be included in a Fuse Hack payment. We encourage those who were affected and had coverage to seek reimbursement directly with them. It appears that many have done so already.

Data

Now that TIP-120 has executed, it is easier to calculate some of the numbers involved.

With that said, all of this data is changing in real time. We have provided the etherscan links so people can research and do their own calculations. All numbers will continue to move and PCV is still fluctuating based on the value of PCV assets. People should do their own calculations and not rely solely on any statements made below.

Circulating TRIBE (including the 57M proposed for Rari Hack Payment) as of Aug 22 is ~528.3M.

It is calculated by taking 1B total TRIBE and subtracting:

Then adding back in the 50M TRIBE claimed from the RGT peg exchanger here: Ethereum Transaction Hash (Txhash) Details | Etherscan

[Edit] Note the last ~7.3M TRIBE in peg exchanger is excluded from the above calculations and is irretrievable. It is used to compute the 57M TRIBE used from RGT when added with the 50m referenced above: PegExchanger | Address 0xc09bb5ecf865e6f69fe62a43c27f036a426909f7 | Etherscan

To calculate the Intrinsic Value of TRIBE at any moment, take the PCV value, subtract the user circulating FEI and divide by the Effective Circulating TRIBE.

With respect to the hack payment, here are summarized payout breakdowns using the equal distribution proposed:

While this number could fluctuate based on market conditions, PCV movement, TRIBE price, etc, assuming the 57 million TRIBE as the source of payment, at IV $0.235 , we calculate that all hack victims get paid up to $500K which would make whole 162/175 contracts. At IV $0.303, we calculate all hack victims get paid up to $1m which would make whole 170/175 contracts. Additional Fuse revenues and Rari assets would increase the effective coverage for victims at the same IV.

Here is spreadsheet showing the contracts involved and their amounts.

Process for Next Steps on the Proposal:

As mentioned in the proposal, consolidation is the first suggested piece to be voted on. We suggest that the 48h snapshot on consolidation go live Tuesday, Aug 23. We believe that moving quickly on this piece will help provide greater clarity and allow for more informed decisions about other pieces of the proposal. In order for the community to make specific decisions, we believe this vote should be multiple choice with the following options:

  • Keep ~50,000 stETH

  • Sell/OTC ~50,000 stETH

  • Keep 21,754 ETH

  • Sell ETH over Balancer LBP

  • Keep 18,751,529 LUSD

  • Sell 18,751,529 LUSD over Balancer LBP

  • Withdraw and burn all protocol FEI

  • Keep protocol FEI

  • Explore OTC options for remaining gov tokens

  • Distribute remaining gov tokens pro rata

gOHM could use the snapshot approved FIP-108 and the OTC unwind would be included in the first consolidation on-chain DAO vote.

All options except for remaining gov tokens would also be included in the consolidation DAO vote. If “explore OTC options for remaining gov tokens” is in favor in the snapshot, we would invite any community quotes for each position of veBAL, FOX, LQTY, INDEX, veAURA, veANGLE. We can then have a subsequent snapshot next week to decide how to treat each specifically.

7 Likes

Some of the address u provided in the google docs are not real hakcer victims, I would suggest use the initial data https://rari-hack-report.vercel.app/ to confirm the real hacker victims’ address. or use the snapshot data in the block when hack happened.

Since as market downfall in the past few months, some larger victims already sent their cToken to other address.

For instance:

This address is the largest USDC victims in pool 127 when hacker happened, now his cToken is transferred to multi-address.

Also this address: DeBank | Your DeFi wallet

1 Like

Whoever has access to this list could you assign address:
0xf3caa27dd9926B391f50849BDFdB8A06Fb489b67 to FujiDAO

You can confirm deployer with signed message below:
{
“address”: “0xb98d4D4e205afF4d4755E9Df19BD0B8BD4e0f148”,
“msg”: “This 0xb98d4d4e205aff4d4755e9df19bd0b8bd4e0f148 is the deployer of FujiDAO contract 0xf3caa27dd9926B391f50849BDFdB8A06Fb489b67”,
“sig”: “0x6f5e420b8b95d281d4944ce9cfd742ef768f0eb5f14141ae83c82fab0d0faaeb18987c97ef1d9f1c6a56363147bfdf41521715c71bc653bf177a84281e3a5a4b1c”,
“version”: “2”
}

Unfortunately, in this case, a season behind bars would set a great precedent as to how DAO’s should unwind in the future.

Making creditors as whole as possible must be mandatory until there is not a single penny on the table.

DAOs, should lead by example and Tribe’s DAO/founders behaved completely in the opposite way the community was expecting.

1 Like

In reply to
There is so much wrong with your argumentation.

Tribe DAO did, after the Tribe-Rari merge Tribe DAO acquired everything Rari has done and Rari people continued working on behalf of the Tribe DAO.

Tribe DAO paid the previous Rari hack victims as part of the merge agreement, so there is definitely a precedent for Tribe DAO backing Fuse.

After the merge, the Fuse mutisig was executed on behalf of the Tribe DAO. Tribe DAO could have demanded a change of signers if it was unhappy with the current ones.

Nobody believes that Tribe DAO would not collect profits from Fuse after paying so much to acquire it. Where would the profits have went?

The Fuse pools are permissionless, but not trustless. Users needed to trust Tribe DAO not to introduce bugs while upgrading contracts. A trust Tribe DAO could unfortunately not live up to.

Olympus DAO and Frax DAO are mostly owned by retail as well. The current proposal clearly rugs them.

After the merge there are no Rari related funds anymore, there are only Tribe DAO funds. Rari DAO ceased to exist and did not live on after the merger as a Limited Liability DAO.

This is only reasonable if you distribute pro rata of the lost value and not in the skewed way that is in this proposal. Not treating pooled funds equally ruins the composability of DeFi and undoes the positive contribution of Tribe DAO by promoting the EIP 4626 standard.

This proposals clearly shows consciousness of guild:

  • This discussion takes place on the forum of Tribe DAO, because you know Tribe DAO is responsible.
  • Tribe DAO intends to pay back some victims, because you know Tribe DAO is responsible.
  • Tribe DAO does not asks to be made whole for their stolen FEI, because you know Rari/Fuse and Tribe DAO are the same entity.

Tribe DAO is responsible for the hack, it happened on their watch and should do the ethical thing and pay back all victims in full.

5 Likes

There have been a lot of productive discussions thus far and I’d like to post a detailed overview of the Rari Capital Team’s response to this proposal and the unwinding of the DAO. I will also suggest some ways where this proposal could be adapted to provide additional support for hack victims. First, here is an overview of all assets currently associated with the Rari team.

These are all of the Rari team’s assets and we support a clawback on 100% of unvested assets. I will link the clawback transaction after it has been signed by Tribal Council members. Following the execution of this transaction all unvested assets will be returned to the DAO. Additionally, we will be returning 5m Tribe from the liquid reserve. The remaining assets will be used to wind down any Rari protocols or applications, aid in any Tribe governance initiatives, cover ongoing and future legal fees, and continue to work with law enforcement and cyber forensics on recovering funds from the Fuse exploit.

There have been many productive discussions surrounding using additional Rari related assets to reimburse hack victims. We continue to support the contribution of any additional assets towards a hack reimbursement if the community elects to do so. There has already been support for the 57m pegswapper Tribe and $1.7m in Fuse fees going to a reimbursement. I also will recommend the following assets are considered for a Fuse exploit reimbursement.

We support the will of the Tribe holders in any decision regarding the allocation of these resources or of any resources towards a reimbursement. We also continue to encourage discussion around a full reimbursement.

1 Like

I have been an investor since day one, when I underwent the genesis stage hack (Rekt - Fei - REKT). My investment was 15.6 ETH all in token TRIBE (about $ 28,880), almost completely wiped out. Will there be reimbursement also for those who have suffered this loss already in the initial phase and have still continued to believe in the project?

TIP-121a (consolidation) DAO vote is now live. This proposal follows the TIP-121a consolidation snapshot and implements “Sell LUSD”, “Sell ETH” and “withdraw and burn protocol FEI” as determined by the result of the TIP-121a snapshot.

1 Like

Below is a suggestion for how to proceed with the completion of the consolidation step in the proposal and the next steps, the Fuse Hack Payment and Final Redemption.

The main part of the consolidation step has executed on-chain and the ETH and LUSD sales have already started and will complete at roughly 6pm PT, Tuesday Aug 30. In addition, a Tribal Council action to claw back Rari Team tokens to the DAO timelock has been queued. It is slated to execute Tuesday Aug 30 as well.

The “Explore OTC for gov tokens” has begun and any communities looking to buy one of the LQTY, FOX, INDEX, veBAL, veAURA, or veANGLE should post a quote here on this forum or in another forum post.

On Wednesday at 4pm PT, the best offers for each would be snapshotted along with a second option. For liquid tokens the second option would be “distribute pro rata”, for veTokens, the second option would be “give contract ownership to respective DAO” i.e. veAURA to the Aura DAO etc. The reasoning for this would be that these ve-token contracts can only have a single owner and would not otherwise have a distribution mechanism.

For the Fuse Hack Payment, the next step would be a snapshot vote with 4 options, approval style:

  1. Distribute the value of ~57M TRIBE to the hack victims
  2. Distribute the value of ~82M TRIBE and ~4.5M stables to the hack victims (combining all Rari-related assets described above across a number of comments/suggestions)
  3. Issue a full hack payment to all victims
  4. No hack payment

If 1, 2, or 3 wins, an on-chain vote would be posted at some point between Sept 12 and the end of September, with an exact date pending the complete security audit of the distribution contract.

Given the timeline above, we suggest a snapshot date for the Fuse Hack Payment on Tuesday, Sept 6. This week, a complete accounting of protocol assets can be provided along with a methodology for computing Intrinsic Value to have a fully informed vote. This gives time for after the completion of the majority of consolidation, OTCs, and clawbacks.

The asset distribution portions of the Final Redemption step should be ready to post on-chain within 1-2 weeks of the Fuse Hack Payment.

5 Likes

In “all victims” of point 3 are included the holders of TRIBE who suffered the attack during the genesis? Does this mean that it will be possible to get back the ETH invested during the genesis? What will the requirements be?

We have heard very little from team members and investors about how they approached the failure of their project from a financial standpoint. Winding down a project, admitting failure, and sharing this with team members and investors must have been a heavy and challenging burden for Fei Labs founders. I can only imagine that the silence from team members and investors means that difficult discussions took place internally and that everyone is aligned around the direction this shutdown should take place.

Yesterday, @DCFGOD shared a list of addresses that have been identified as linked to the team or investors, and for which Fei Labs has given very little guidance about their claim rights to the treasury.

I believe that the team and investors will take the right decision and protect their reputation by renouncing collecting the remaining assets for personal enrichment. Effectively, using unvested and unaccounted FEI and TRIBE tokens to redeem remaining DAO-controlled assets could be considered abusive and greedy behavior, especially when taking into account the difficult history of the project.

In the traditional startup world, failure of a project means limited to no return for investors and employees who have unvested equity. We can only assume that Fei Labs will take hand in hand with their investors the right decision, a decision that demonstrates good faith in the unwinding of the DAO and set a precedent that will be followed by other failing projects that return assets to their holders.

2 Likes

gm fellas how u doing

Here is a suggested process for the upcoming snapshot for Rari hack repayment using 4 voting options described above. Each voting option corresponds to a different amount of funds being used to compensate hack victims. This post gives a general accounting method which could be used for each option.

The numbers in this post are subject to change due to market conditions, pending OTC trades, and community feedback. For these reasons the numbers in this post should NOT be taken as the final numbers.

The four options are:

  1. Repayment using the USD equivalent of 57.3M TRIBE, distributed evenly across victim’s addresses (“Initial proposal”)
  2. Repayment using the USD equivalent of 82.3M TRIBE and $4.6M USD of stablecoins, distributed evenly across victim’s addresses (“All Rari related assets”)
  3. Full repayment to all victims’ addresses
  4. No repayment

All payouts would be distributed as stablecoins. The reasons why these particular numbers are suggested can be found earlier in the discussions above.

Voting Procedure

The snapshot vote would begin on Tuesday at 4pm PT.

The snapshot would be structured as an Approval style vote, where each voter can choose multiple options. Whichever option has the highest aggregate approval would be considered the winner, with a 10M TRIBE quorum.

If the winning option is 1, 2, or 3, it can then advance to an on-chain DAO vote. The DAO vote would come after security audits (which began this week on frozen code) and final integration and UI testing, and be announced with at least 72 hour notice.

Protocol Accounting

In options 1 and 2, the USD equivalent value of TRIBE is computed using its Intrinsic Value (IV), described above:

  • Protocol Equity = (Total PCV) - (User Circulating FEI)
  • TRIBE IV = (Protocol Equity) / (Circulating TRIBE)

The final numbers for the variables of “Total PCV”, “User Circulating FEI”, and “Circulating TRIBE” are still dependent on a number of fluctuating variables including pending OTC details, market movements, and community feedback. The variables are described below to the best of our knowledge, and the Tribe DAO would need to vote to confirm any final numbers.

Any assets and addresses not listed below are considered “user owned” for purposes of Fuse Hack Payment and Final Redemption. This accounting can be audited against historical governance proposals executed by the Tribe DAO & Fei Protocol.

Total PCV

Total PCV is nearly completely accounted for by the Fei Collateralization oracle contract deployed at address 0xff6f59333cfd8f4ebc14ad0a0e181a83e655d257 and visualized on https://fei-tools.com/#/CollateralizationOracle.

The additional variables not included in the Collateralization Oracle for PCV include:

User Circulating FEI

The user circulating FEI is also reported by the Fei Collateralization oracle contract deployed at address 0xff6f59333cfd8f4ebc14ad0a0e181a83e655d257 and visualized on https://fei-tools.com/#/CollateralizationOracle.

This number is mostly accurate except for 1M FEI should be subtracted, as this is the amount in the pending clawback from La Tribu LinearTokenTimelock | Address 0xdb02630ed4f4994414122894B5082dc6D88a4ED4 | Etherscan

Protocol equity

Protocol equity is the difference between the total value of PCV and user circulating FEI. A 7-day average of this value ending at the timestamp 24 hours before a DAO vote can be used for final calculations. Any on-chain DAO vote would be announced with at least 72 hour notice.

Circulating TRIBE

This is the circulating TRIBE calculated as 1 billion total minus all DAO owned TRIBE. The complete accounting of DAO owned TRIBE is:

This puts the base circulating TRIBE at 458,964,339.24, after subtracting the above from the 1bn total.

Fuse Hack Payment Calculations

Bad Fuse debt is defined as the amount stolen by the hacker and is used to account hack victim damages. Bad Fuse debt can be computed using an average over the same 7-day range as used for protocol equity.

Here is an example calculation using the current numbers. These example numbers use a time range from 2022-08-24 to 2022-08-31. The final numbers that would be used on chain are subject to changes due to market conditions, pending OTC trades, and community feedback.

  • Protocol Equity 7-day average = $148,817,118.73
  • Circulating TRIBE = 458,964,339.24 TRIBE
  • Pre-payment TRIBE IV is the protocol equity divided by the sum of circulating TRIBE and TRIBE used for repayment
  • Bad Fuse debt 7-day average = $40,550,490.80

The above and below numbers are example calculations which would need to be recomputed before the DAO vote. Any of the factors described in this post could change these numbers, such as the fluctuations in market price. There could be other factors as well, despite best efforts to account for them all here. Users should do their own calculations.

Hack Victim Accounting

For each option, victims are paid as a function of how much bad debt they hold as of a snapshot block 24 hours before the DAO vote. Bad debt of each cToken is defined as the amount of the corresponding asset stolen by the hacker. Bad debt of each victim is computed using the amount of cTokens held in the victim’s address.

Hack victim accounting for options 3 and 4 is straightforward: victims are either fully repaid or not paid at all, respectively.

For options 1 and 2, payouts are evenly split across victim addresses, capped by the amount of damages for each victim. This results in a single max payout threshold, where victims falling below this threshold are fully repaid. Example computations based on current market data is provided in a spreadsheet below.

Since the initial proposal of this plan, some addresses have attempted to exploit this dynamic by splitting their cTokens across multiple addresses. These splits should not be respected, and they can be treated as if they never occurred. Additionally, there are some victim addresses that have already received hack compensation from Nexus Mutual totaling more than $5,000,000 [1] [2] [3]. These addresses would not receive additional compensation from the Tribe DAO under any of the four voting options.

Pending governance approval, any smart contract addresses which are Gnosis safes will have funds sent directly to the safes. Known DAO’s can coordinate with the Tribe DAO to come up with a suitable address for funds to be sent to.

These numbers are subject to change due to market conditions, pending OTC trades, and community feedback.

Here is a spreadsheet of the current bad debt held by each victim address, as well as repayment thresholds.

Since the initial proposal of this plan, some addresses have attempted to exploit this dynamic by splitting their cTokens across multiple addresses. These splits should not be respected, and they can be treated as if they never occurred. Additionally, there are some victim addresses that have already received hack compensation from Nexus Mutual totaling more than $5,000,000 [1] [2] [3] . These addresses would not receive additional compensation from the Tribe DAO under any of the four voting options.

I would report this address: DeBank | Your DeFi wallet ,
who used to be the largest USDC victims in this hack, but he split all his USDC ctoken into different address, for example:
0xf181F937Fd4Fa54B33657AA39EFc38ad852FfC1E 0xda80939bfC4270416cf90258809e93A2Ebf2E493

This is 100% unfair for other victims, plz did do a research.

While Fei is winding down, the Gyroscope community welcomes any Fei community members that are looking to apply their expertise & lessons learned to another decentralised stablecoin.

Refer to this brief introduction or jump straight into the Discord.