To Fork or Not to Fork – A Hack of a Question

To Fork or Not to Fork – A Hack of a Question

September 30, 2020 Decentralized Finance DeFi 0


Once you purchase an Infinity Vest Savings Ticket with a supported stable coin that stable coin, is sent to Compound Finance, an interest earning smart contract. You receive an Infinity Vest Savings Ticket, and are able to redeem that for your stable coin anytime. If you hold an infinity Vest Savings Ticket from the beginning of a round until the drawing, then you have a chance to win, and your chances of winning are very good.



To Fork or Not to Fork – A Hack of a Question

The DeFi dilemma in the wake of the $200M KuCoin exploit.

By Paul Claudius, co-founder of oracle provider DIA

Following the recent hack of Hong Kong-based centralised crypto exchange KuCoin, many DeFi projects were quick to freeze their smart contracts and initiate a token swap to do damage control and undermine the hacker’s ability to monetise on his actions. Others rejected using centralized infrastructure to exert this power. The difference in responses brings up an age-old question in the realm of DLT: How much decentralization do we really want?

Catching Up

On Friday, September 25, a malicious actor or actors routed an estimated USD 200 million worth of digital assets from the exchange to an external address, affecting hundreds of thousands of users and well over 100 projects. The hack, which affected projects of all sizes, posed a looming threat of massive token dumps, potentially crashing token prices and investor morale. The community watched the event unfold in real-time via the hacker’s wallet on Etherscan and Ethplorer.

As of Saturday, September 26, smaller tranches of tokens from a broad range of projects were being sold off. This compelled projects to take mostly discretionary decisions that would potentially impact thousands of KuCoin clients and entire communities.

Pressure to Act

As the situation unfolded, the impacted projects took the initiative to support and coordinate among each other, while KuCoin was requesting projects to unilaterally initiate a fork or pause contracts.

Projects were evaluating this course of action when the hacker increased pressure by moving over two million of Ocean tokens to liquidate on Uniswap from his master wallet. The swift progression of the situation painfully highlighted the risks borne both by the vulnerabilities of centralized infrastructure as well as the continuous nature of DEXs:

Centralised infrastructure creates opportunities for hackers and decentralized infrastructure allows them to monetize on it.

DeFi-Defining Moment

The way that we deal with such situations and the decisions we take to mitigate them and what we expect from decentralized organizations and decision-making processes is – at least in part – what defines the projects themselves as well as the wider DeFi community.

Do we prefer benevolent dictators that take swift and decisive action in the interest of the community? Are we OK with surrendering the ultimate power to just one or a handful of people? Was this the root of the entire debacle in the first place? Or do we prefer the other extreme – absolute decentralization at all costs that might not reflect communities’ current sentiment and cause them to suffer an immediate adverse financial impact?




Contributor: Nick Martitsch, Business Development at Compound Labs

  • Total outstanding borrowing on Compound is currently at $978M and trending back towards the $1B mark, as volumes increased 54% in the last 2 weeks; 86% of the total borrowing is concentrated in DAI, followed by 7% in USDC and 4% in ETH. Following a recent governance update on September 21st entitled “Upgrade cUSDC Interest Rate Model”, all stablecoin markets on Compound have the same JumpRateModelV2 interest rate model and therefore have the same interest rates at each utilization rate. (Sources: LoanScanCompound)

  • As a result of the ongoing COMP distribution to protocol users, 38,189 unique Ethereum addresses now hold voting power in the form of the COMP token. Approximately 2,312 COMP are being distributed to users every day, a 20% reduction from the original 2,880 due to the governance proposal entitled “Reduce COMP emissions by 20%” that was executed on August 31st. This decentralization of voting power into the hands of tens of thousands of users is a critical step for the protocol to have a robust, community-owned governance system. (Sources: Nansen.aiCompound)

  • A significant majority of COMP holders hold less than 100,000 COMP, which is the amount of delegated COMP-votes needed to formally propose a protocol upgrade; however, 225 addresses hold at least 100 COMP. With the launch of Compound Autonomous Proposals (CAPs), any user with 100+ COMP may create a proposal template, seek the delegation of 100,000 total COMP-votes, and make the CAP eligible to transition to a formal proposal. Create your own CAP by visiting the vote page of the app, or delegate your support to an active CAP – for example,  Set Pause Guardian to Community Multi-Sig.