Recovery Phase

Together with blockchain and Web2 cybersecurity experts at Mandiant, we conducted a full review of our security practices, looking at everything from the smart contract layer, to the app infrastructure, to how we communicate with and educate users.

The latest article details some of the immediate changes made, and ongoing efforts to bolster resistance to future attacks.

Read more: https://badger.com/news/badger-security-upgrades

Together we looked at everything from the smart contract layer, to the app infrastructure, to how we communicate with and educate our users. A number of recommended measures were implemented immediately with a full plan in place for ongoing monitoring and support.

In addition, Badger is currently working with cybersecurity firm Halborn to conduct a thorough security audit of our new infrastructure.

This attack is a reminder that - even as Badger’s core smart contracts were not impacted - phishing attacks, Web2 vulnerabilities, and user behaviors can interact in ways that pose major security threats.

In an effort to bolster preventative security measures, Badger is doubling down on support and education to ensure that users have the tools to report any suspicious activity, and verify the integrity of contracts they interact with. More to come on these ongoing efforts.

We will continue to do everything we can to share what we’ve learned from this incident with the DeFi community in the hopes that no other protocol will have to suffer a similar exploit.

The purpose of this RFF is to begin a community discussion around what a potential compensation plan could look like for victims of the Dec 2, 2021 front end exploit.

Join the conversation below:

#rff-restitution-refined-non-recoverable-non-native-funds

It provides a framework for what a BIP could look like, and links to background information Badger believes is necessary for the community to make an informed decision.

There are a number of questions BADGER holders are going to need to answer as part of the process of moving forward post-exploit. This document is intended to spark discussion amongst the community (including directly affected and indirectly affected users) and provide a clear framework for feedback from the broad community and eventual governance proposals.

Definition of “exploited tokens” and “victims”

Here’s the breakdown of affected assets.

• 2017 BTC (~$113m)
• 53 DIGG (~3.2m)
• 26.56 ETH (~0.1m)
• 730 CVX (~0.018m)

The affected assets will be accounted for in BTC and USD at the time of the exploit. BTC is disproportionately the largest asset lost and USD is a recognized global unit of account.

Discussion Question 1:

When all affected assets are converted to BTC at the time of the hack this is approximately  2076.54 BTC (~$116.3m USD at time of hack) 2019.37 BTC if DIGG is excluded for consideration by the community for special compensation.

Discussion Question 2:

Should DIGG be included in the accounting of “exploited tokens”? If not included a separate rff will be created for community feedback on potential restitution methods for the users who lost DIGG.

DIGG restitution methods could look like:

• BadgerDAO can mint new DIGG 1:1 to the ones that are lost to let it participate in the future DIGG plans. This would increase the circulating supply of DIGG.
• Treat DIGG as "all other" non-native assets. If we use the same method as with CVX and ETH, then each DIGG would be counted as 1.08 BTC as that was its price at the time of the hack or could be counted using the DIGG/BTC ratio at the time of unpausing..

The “exploited tokens” will refer to the 2076.54 BTC, or 2019.37 BTC if DIGG is not included in this current accounting of affected assets at 1.08 rate.

The wallets that previously held these exploited tokens will be referenced as the “victims” throughout this document.

In this document “governance” assets refer to BADGER, and “non-native” assets are any BadgerDAO assets that are not BADGER.

Sources of Compensation

The following link presents an overview of the current state of the BadgerDAO treasury

BadgerDAO Treasury Overview

The BadgerDAO treasury and team efforts can be leveraged to compensate victims in two general forms:

Direct Compensation:

The BadgerDAO treasury’s non-native assets currently earmarked to be used for long-term operational runway can be used to commit to compensation efforts. This money could be immediately paid to victims either directly or indirectly.

Discussion Question 3:

Should the non-native assets in the treasury be used for this one time action and if so, how much?

Badger Extraordinary Emissions:

The non-circulating BADGER currently held by BadgerDAO could be scheduled to be emitted over a fixed timeframe to victims. This program should be evaluated at the end of that chosen timeframe.

Discussion Question 4:

How much of the non-circulating BADGER should be committed to this program and how should it be distributed?

Indirect Compensation (accounting token):

BadgerDAO could create and distribute an accounting token to victims. This would allow BadgerDAO’s team to pursue novel yield farming programs and redirect future yields to victims over a fixed timeframe. This program should be evaluated at the end of that chosen timeframe.

Discussion Question 5:

Should BadgerDAO distribute an accounting token to victims and if so over what timeframe should novel yield farming programs distribute extraordinary yield to victims?

Compensation distribution models

Launching New Products and Revenue Sharing With Victims:

Currently, BadgerDAO is committing most of its resources to supporting the Badger flywheel in the Convex + Curve ecosystems.

There are, however, some potential opportunities to increase that revenue through novel yield farming strategies. Some possibilities include:

1. BadgerDAO could utilize a portion of the treasury holdings as collateral and borrow Stablecoins to farm on Convex. Careful consideration would be required to assess the risks of this program.
2. BadgerDAO could launch the Stablecoin Setts in the Badger app (with no Badger emissions), and redirect the performance fees earned on them towards the victims.
3. The accounting tokens described above that could be potentially issued to the victims could be used for any DIGG 2.0 related genesis events.

Discussion Question 6:

Should BadgerDAO commit resources (treasury and human capital) to developing new products that redirect yield to victims? If so, for what timeframe and what percentage of yield should be redirected?

Here is an example of a strategy that utilizes Badger native treasury holdings for Stablecoin farming:

BadgerDAO New Product Consideration: Treasury Backed Yield Farming Strategies

Other questions to consider:

1. How are the accounting tokens distributed (Pro Rata, with some minimum, or other)
2. How to evaluate performance of the repayment efforts and when to evaluate continuing, adjusting, stopping any efforts
3. Are there any steps that need to be taken for victims to opt-in to the compensation efforts?

The desired outcome of the community discussions is to distill them into actionable BIPs that the BADGER holders would decide through the snapshot voting.

Here is an example of how the questions decided by the token holders could look:

An example of possible snapshot voting options for all other assets

BIP 78: Return Recoverable Tokens, has reached quorum and has moved to snapshot for voting.

Vote now:

https://snapshot.org/#/badgerdao.eth/proposal/0xdf30cfb5737cf8843d0181c26258187e8712de91c16ff3873b6c334cb1300690

BIP 79: Restore Governance Tokens, is now live on the forum for feedback and signal voting.

https://forum.badger.finance/t/bip-79-restore-governance-tokens/5216

This BIP seeks to gain approval to use treasury BADGER to restore governance tokens to those affected, enabling them to vote on future proposals.

BIP 78: Return Recoverable Tokens is now live on the forum for feedback and signal voting.

https://forum.badger.finance/t/bip-78-return-recoverable-tokens/5202

As a follow up to BIP 77 where approval was received to recover the "stuck" assets, this BIP seeks to gain approval to return the recovered tokens to the wallets from which they were taken.

BIP 77: Reactivate Smart Contracts and Recover Funds, has reached quorum and has moved to snapshot for voting.

Vote now:

https://snapshot.org/#/badgerdao.eth/proposal/0x14c1648e0f9592114cb98bbe4685bc1a619dd0edccb1c7347388b09016816b0d

BIP 77: Reactivate Smart Contracts and Recover Funds is now live on the forum for feedback and signal voting.

https://forum.badger.finance/t/bip-77-reactivate-smart-contracts-and-recover-funds/5178

This BIP focuses on the following actions:

1. Reactivate the protocol smart contracts
2. Execute the stolen funds recovery scripts
3. Develop clarity on multisig permissions within the DAO (specifically, the dev multisig)

BIP-77 will not be enacted until upgrades described in BIP-76 have completed.

Read up on BIP 76:

https://forum.badger.finance/t/bip-76-upgrade-smart-contracts/5173/2

As mentioned in the rff-restitution-governance-and-recoverable-assets channel, BIP 76 proposes that we move forward with contract upgrades that will allow for the rescue of user funds, improved pausing functionality and additional safeguards via blacklisting.

Based on community feedback and in order to expedite the possible reactivation of smart contracts, this proposal is moving directly to a 48 hour snapshot vote.

Read more: https://forum.badger.finance/t/bip-76-upgrade-smart-contracts/5173

Vote: https://snapshot.org/#/badgerdao.eth/proposal/0xd3360ea2f5e101b01ad3c80d04f2abeb38f8faee2ebba1ca791e8c1b360b7d7b

Please Note: This BIP will not cover the execution of the proposed rescue function and unpausing. Those items will be addressed later via a future BIP.

Badger has been community first from day one with all major decisions happening as openly as possible and prioritizing community engagement above all else.  Deciding on an exploit compensation plan should be no different.  Through this rff we hope to work with the community to craft a go forward plan with respect to the users that lost funds in the recent exploit.

There are 3 buckets of assets that were affected by the exploit

1. Governance (BADGER: BADGER, bBADGER and BADGER LP)
2. Recoverable
3. Other

This RFF is focused on #3.  Please reference this Badger blog post [https://badger.com/recovery-phase ] and this discord channel [https://discord.gg/badgerdao ] for more information on #1 and #2 plus information on the current state of the BadgerDAO treasury.

What are we trying to achieve in this discussion?

1. The extent to which, if any, the DAO supports going to source funds for compensation of the losses incurred from the exploit
2. Where the funds, if approved, would be sourced from
3. The mechanism through which that compensation is delivered

Restitution Structure

Before the community can define what the specific $$ amount could look like for restitution, we first need to gather sentiment and decide on the structure of remuneration.

Below are a variety of options for us all to discuss. I encourage community members to share other options they think should be evaluated.

1. Should Badger offer immediate compensation for victims to some extent? If so, how much?
2. Should Badger create a Redemption Pool that the DAO could work to grow over time?
3. Can there be option 1 without option 2?
4. If there is a redemption option does that individual relinquish their ability to claim from the redemption pool in the future if they claim immediately?
5. What would the dynamics be of that redemption pool?

In all of the above examples if funds are retrieved from the exploiter, regardless of the structure, funds will be distributed to affected users.  The exact method would be determined based on amount recovered and progress on compensation plans to that point.

Ways to fund redemption

When determining any form of restitution the community needs to determine where those funds are coming from.

Some options;

• Treasury assets
• Borrow assets using treasury funds

There are protocols that structured redemption programs by leveraging loans from Iron Bank successfully in the past (Popsicle finance, CREAM, Thorchain, Alpha Homora etc.).

Contributors at Badger have had preliminary conversations with both the Iron Bank and Abracadabra about the potential to collaborate for this restitution process.

Preliminary redemption funding Ideas

Iron Bank - Use a mix of different treasury assets or singular assets (Badger, Badger/WBTC TCL, DIGG/WBTC TCL, BTC (a variety of synthetics), USDC (or stablecoin derivatives) etc. to borrow stablecoins and buy BTC. LTV ratio and interest would change based on collateral used and type of assets borrowed. For reference https://docs.cream.finance/iron-bank/collateral-and-reserve-facto

Abracadabra - Launch a BADGER cauldron for treasury and community members to use Badger and borrow MIM. Use MIM to acquire BTC. LTV and collateral ratios have yet to be discussed in detail.

Comparing Compensation Efforts from other Protocols

When reviewing compensation structures Badger should look at other protocol examples.

Below is a brief summary of what other protocols have done.

See a recent post of resources from community member (s g#7683) that includes 10 of the large crypto/DeFi based exploits. Complete with many links and articles that explain what happened and restitution efforts. https://discord.com/channels/743271185751474307/743271185751474312/918326461532893215

Implementation Ideas

Badger contributors have actively been working on potential models for how restitution could work for victims of “all other assets”. They will share those ideas in thread below this RFF for community discussion.

Please share all ideas, suggestions, feedback and guidance. From there this RFF can be structured into a BIP for signal voting amongst the community and finally official voting for governance asset holders on Snapshot.

Since the beginning, BadgerDAO has been dedicated to transparency, inclusion and decentralized governance. As we tackle one of the most difficult challenges the DAO has faced thus far, it’s critical that we uphold our values and beliefs.

We believe that all remediation decisions should be made as a community with strong consideration for the long term health of the DAO and victims of this incident.

Overview

You can review a detailed technical post mortem of the incident here to understand how this took place.  [Post Mortem]

It is important to highlight that Badger Smart Contracts were NOT affected by this exploit and all deposits in those contracts remain safe. This exploit was isolated to the front end of the Badger website.

A total of 146 transactions (from 145 wallets) were affected in this exploit. Of those transactions:

• 51 contain recoverable assets (i.e. assets frozen by the DAO) (34%)
• 25 contain governance assets (i.e. assets with voting weight) (17%)
• 70 contain other assets (49%)

Note: this does not include the 38 transactions that were immediately reverted on-chain due to the DAO pausing its contracts while the exploit was taking place. Pausing also prevented another possible 98 transactions of assets which were at risk, but were never attempted to be transferred by the exploiter.

As a precautionary measure, it is recommended that all users follow the instructions outlined below to revoke authorization of the exploiters address prior to the unpausing of the smart contracts.

1. Check all token approvals here: [https://debank.com/profile/[your-address]/approve](https://debank.com/profile/[your-address]/approve), https://revoke.cash/ or https://etherscan.io/tokenapprovalchecker
2. Search for this address: 0x1fcdb04d0c5364fbd92c73ca8af9baa72c269107
3. Decline this approval
4. Search your permissions and revoke any other unrecognized token approval

Even though the exploiter’s address would be blacklisted in a future update to Badger’s contracts, this cannot stop all unwanted transactions. If your wallet address is in [this list](https://dune.xyz/queries/274619) you still have assets approved to the exploiter’s address which should be revoked!

Even though the transfer of Badger assets (bTokens) would be blacklisted once everything is unpaused, there are still 25 addresses (https://dune.xyz/queries/288815) that haven’t revoked allowance to transfer assets outside Badger app, like WBTC, Curve LP tokens, and Badger LPs outside the app.

It is especially important for users who are on this list of addresses to revoke the approval to transact with the exploiter's address, as otherwise they would be at risk of losing the approved tokens that Badger can’t blacklist the transfers on. For example, if they’ve approved WBTC to transfer to the exploiter’s address and deposit WBTC into their address, it would be at risk of being stolen.

If they approved a bToken, like ibBTC/sBTC LP deposited into the app, it would be safe, but it’s still better to revoke the allowance anyways.

Governance Process

In line with our existing governance processes, the remediation efforts should follow the framework below.

1. Badger DAO contributors initiate step 1 of the governance process by presenting a proposal under RFF (request for feedback).
2. With adequate community feedback, suggestion, and guidance, this proposal will move to a BIP (Badger Improvement Proposal) on forum.badger.com for additional feedback along with signal voting. If it reaches a quorum of 50 total votes at a 51% approval rate it can move to the final stage.
3. On https://snapshot.org/#/badgerdao.eth, BADGER token holders can vote on the BIP which lasts 48 hours and requires 51% approval to pass.

Separate from the governance process for what exactly the remediation plans should be, the community needs to pass governance for the unpausing and upgrades of the existing smart contracts. Due to enforced limitations around timelocks, these technical proposals should move to an expedited BIP to allow for Badger smart contracts to activate as soon as possible while community conversation continues around remuneration outcomes.

When defining the different types of decisions to be made around rectification, the community collectively needs to address the types of assets affected, proposed remediation plan and how to implement it.

For the purpose of this RFF, Badger is proposing that we focus on ensuring the community has all of the appropriate info as it relates to the current state of the DAO, details surrounding the exploited funds and is focused on developing a comprehensive plan around rectifying the situation with respect to governance and recoverable assets

We intend to address a go forward plan for all other assets in a separate RFF.

State of the DAO

In defining a remuneration plan we need to fully understand the sustainability of operations based on remuneration outcomes.

There is still 35% of supply available to the BadgerDAO treasury (0x4441776e6a5d61fa024a5117bfc26b953ad1f425), as well as 6.5% of supply clawed back from the initial airdrop which resides in the BadgerHunt[0x394dcfbcf25c5400fcc147ebd9970ed34a474543] contract. 

The breakdown of non-native assets in the treasury is available here:

Bitcoin and Ethereum in the treasury is earmarked for the treasury controlled liquidity and operational expenses.

There’s about 16.8 $M USD in the treasury that’s mainly reserved for the long term runway. We expect 6-8 $M of that to be spent in 2022 depending on how much the team grows.

The current rate of spending would require between 1,000 - 2,000 ETH spent on gas alone in 2022, but there are some gas optimizations planned for the first half of the year that could reduce that number significantly.

We believe that any outcome should enable Badger to continue operating with adequate resources to accelerate growth in our dynamic space and benefit the greater ecosystem of Badger holders and DeFi space in general.

Breakdown of assets affected in exploit

We’ve identified 3 classes of assets that were involved in the exploit.

• Governance (Badger, bBadger, Badger side of Badger/WBTC LP)
• Recoverable - These are vault positions that the actor took from users that they weren’t able to withdraw before the smart contracts were paused. 41% of Badger/WBTC LP are included in this.
• All other assets - These are all other assets that the actor was able to withdraw from the vault positions and that aren’t recoverable without being sent back to Badger by the exploiter.

Note: Estimated USD prices are based on fixed pricing taken from the time when the exploitation script was run (2 Dec, 2021).  They should be taken as an indication and not absolute.

Recoverable Assets

What does recoverable mean?

Recoverable assets are vault tokens that reside in the exploiters addresses that were never withdrawn into the underlying tokens and sent from user wallets to outsider addresses.. This is because the smart contracts were/are paused which prevented them from moving.

How could Badger recover them?

An upgrade could be made to all the vault smart contracts to add a new one time function that allows for the transfer of those vault tokens from the exploiters wallets and have them sent to a new multisig (recovered.badgerdao.eth) governed by the existing signers of the dev multisig.

How can these be distributed?

Recoverable funds from the exact user wallets prior to  block 13724086 which occurred right before the exploit, can be attributed to their rightful owners.

If Badger were to recover these vault tokens to the new multisig, they could then be returned directly to those users via the claim function in the Badger app.

The following tokens are currently fully recoverable;

• bveCVX
• bbveCVX-CVX-f (LP)
• bfPmBTC/HBTC
• bcrv3crypto
• bcvxCRV
• bimBTC
• bcrvRenWBTC

And here are the tokens that are partially recoverable:

• bcrvRenWSBTC (91%)
• Badger/WBTC SLP (41%)
• DIGG/WBTC SLP (11.4%)
• ibBTC/sBTC LP (1.5%)

All the partially recoverable assets can be traced back to their original owners, as those haven’t been liquidated, swapped or bridged by the exploiter.

What is the total impact of this recovery effort?

A total of $9.123M USD in various tokens  which was taken on December 2nd when analysis was completed. This represents 7% of the total funds lost and 34% of users receiving 100% of their funds back.

Proposal: Recover these tokens and distribute to the wallets of users that held them before the exploit. Execute this with the unpausing of the smart contracts.

Governance Assets

What does Governance assets mean?

These are different assets that community members can use to participate in governance decisions within the DAO. These are token based voting decisions where the influence of your vote in a BIP is decided by the amount of tokens you hold.

Users that hold these 4 tokens can participate in governance decisions

• BADGER
• bBADGER (deposited BADGER)
• BADGER/WBTC Sushiswap LP token
• BADGER/WBTC Uniswap LP token

Only the BADGER portion of the Sushiswap or Uniswap LP tokens hold vote weight.

Which governance assets were affected in this exploit?

The below table outlines how many of the 4 governance assets were stolen in this exploit, along with their $$ value as of December 2nd and total number of users for each.

Non-recoverable

Recoverable

Why do governance assets matter for remediation?

There are 25 governance assets holders affected in this exploit that would want to participate in voting along with the rest of the community on remediation efforts since they are part of the group most affected.

Unfortunately they can’t because their governance assets are no longer in their possession. The Badger DAO is in a position to pay these holders back using non-uncirculating BADGER supply.

Proposal: Rectify governance assets holders with a total of 192.7k Badger from the treasury to enable them to participate in governance decisions as part of the overall remediation efforts.

Rectifying BADGER and bBADGER assets would require 0.78% of the total BADGER supply. Rectifying the underlying BADGER in the LP tokens, based on their composition at the time of the exploit, would require an additional 0.13, totaling to 0.91% of total supply.

Please share all ideas, suggestions, feedback and guidance. From there this RFF can be structured into a BIP for signal voting amongst the community and finally official voting for governance asset holders on Snapshot.

Users can join the conversation and provide thoughts, suggestions and feedback by joining the discord channel below.

https://discord.gg/badgerdao