OIP-167: Request to Make Consolidation Users Whole

hOHMwardbound

At 7:49 AM CST on 9/21, our security partners at Hypernative detected unusual activity related to the recently deployed Cooler Consolidation Contract. After analyzing the situation, we identified the scope and nature of the attack and took immediate steps to mitigate it.

As of block 20799042, the total amount affected is $29,383.58 in DAI and gOHM. Though the consolidator was not a core Olympus contract, due to the small impact of losses incurred, we propose to reimburse the impacted users from the DAO Multisig, with the compensation to be denominated in gOHM.

If you are one of the five affected addresses that has not yet revoked both DAI and gOHM approvals, please do so as soon as possible. Any future losses resulting from failure to revoke these permissions will not be eligible for reimbursement.

This proposal will move forward to Snapshot for voting following positive support during condensed RFC and OIP stages.

For: Reimburse Affected Users
Against: Do Not Reimburse Affected Users

z_33

generally for it. quick question:

what makes something an "Olympus Core Contract" and why is consolidatooor not one. Do we have a list of Core Contracts?

Relwyn

z_33

Good question Z. I have some perspective on this.

Since converting Olympus to the Default Framework, our 'Core' contracts falls into one of two buckets: Policies or Modules

The Core Modules are:

MINTR
PRICE
TRSRY
RANGE
ROLES
KERNEL

The Core Policies are:

Clearinghouse v1/v2
GovernerBravoDelegator
YieldPurchaseFacility
OlympusHeart
Timelock
GovernerBravoDelegate
BondCallback
Operator
CrossChainBridge
Emergency
TreasuryCustodian
OlympusPriceConfig

Many of these Policies have privileged roles and access to things like MINTR or TRSRY which makes them high risk. As such, almost everything here was audited (Sometimes a few times) before going production.

For something like the Consolidation Contract, it's not privileged in any way. It doesn't hold funds in escrow and it doesn't have a role from ROLES that elevates its authority. It's more a utility contract that brokers a Maker Flashloan and then hits the public surface of Clearinghouse to originate the new loan and repay the old.

As such, anybody could have deployed the Consolidation Contract and there's no privilege doing so. It creates no systemic risk to the protocol.

Hopefully these detail help to understand the hierarchy.

For Reference: https://github.com/fullyallocated/Default

hOHMwardbound

z_33 A list of contracts and explanation can be found on the docs starting here: https://docs.olympusdao.finance/main/contracts/overview and then also under the "addresses" and "specifications" tabs.

The consolidation contract is not directly linked to the protocol, any 3rd party could spin one up without permission (ex like bantegs looper). In this case while it was not a Core Contract we did display it on the Olympus FE.

dr00

z_33 I was also curious about that, especially given it was deployed by the same contract deployer that creates contracts like the Olympus Heart, and other vital core contracts.

As an avid cooler loan user, I was intrigued by the feature. I approved the contract and then decided to wait until I got closer to approaching my next cooler due date.

Needless to say, as one of the largest affected users, I am praying to be made whole and would greatly appreciate your support!

z_33

dr00 Olympus protocol and community has a great history of making sure people are made whole. So I wouldn't worry about that part 🙂

dr00

z_33 I have remained calm knowing this to be the case, just making sure I say it 🙂