The No-Loss Lottery, Trading Bot's $1 Billion Exploit, Ethereum as a Libra Validator
|Camila Russo||Jun 25, 2019|
Hi defiers! Here are the most interesting things happening in DeFi:
Smart contracts are enabling a lottery where nobody loses
A trading robot made $1 billion of gains in under an hour on Synthetix
Ethereum community members discuss becoming a Libra validator
There’s Now a Lottery Where Nobody Loses
In traditional-world lottery, one person makes a lot of money and everyone else loses the bit of money they spent on their ticket. In blockchain-world lottery, one person makes a lot of money and everyone else gets the bit of money they spent on their ticket back.
This is how it works. Tickets are sold in DAI (MakerDAOs USD-pegged and ETH-backed stablecoin) and all the DAI is pooled together and lent on Compound Finance to earn interest. After the lockup period (15 days this time), one winner is randomly chosen and gets the interest gained during the time the DAI was locked, while the rest of the participants get their money back.
They only get the money they spent on tickets, not any interest, so they’re effectively gambling away their opportunity cost for a chance to win, instead of gambling away their ticket price plus their opportunity cost.
This would be impossible to do in the non-blockchain world. Lotteries, which are already heavily regulated, would need to get additional licenses to invest people’s money. Getting the small price paid per ticket back to thousands of participants would be a logistical nightmare, never mind that the fees throughout the whole process would make the whole thing inviable. Add to that, that we’re talking about people participating from all over the world.
Thanks to smart contracts, this is being done right now.
Pool Together, the project by software firm Delta Camp launched yesterday, has sold over 1,600 tickets for an estimated prize of 125 DAI so far.
“We started working on this project with the goal of helping low income people generate wealth,” tweeted Leighton Cusack, one of the developers behind the project. “$80 billion is spent on lottery tickets each year just in N. America. If that spending can be changed to savings the impact is massive.”
That’s all very nice, but it doesn’t mean it’s altruistic. The team is taking 10 percent of the interest accrued on the pooled money. That raises two questions: 1) Will that spook regulators? 2) If they open source their code, any team will be able to fork the project and start a new one, with lower fees. That’s great for the end-user, but it’s not so great for their business model.
An avid defier surely did a double-take on that previous paragraph: Yes, the code is closed, which has already prompted criticism. I asked Cusack about that and he said they decided to keep it closed to increase volume, and that it might be open in the future.
“We believe economies of scale are really important at the earliest stage of this idea,” he said. “We thought if we open sourced the code then it would immediately be copied and we'd end up with many pools that had very little Dai in each one. We went through a professional multi-party audit by Quantstamp so the code has all been viewed and verified.”
Pool Together would gain legitimacy if they made their code public as open source is at the core of cryptocurrencies and DeFi. If they do, it doesn’t mean they’ll stop making a profit, but they will have to make sure to have a killer user interface and a bigger prize to compensate for potential lower fees elsewhere.
UPDATE: Pool Together ended up open sourcing their code! That’s the power of crypto Twitter for you :)
Centralization Saves Crypto Derivatives Exchange from Trading Bot Exploit
Crypto derivatives, smart contracts and trading robots, all wrapped up in an early-stage platform. Sounds like a time-bomb, and it did in fact explode yesterday, but nobody got hurt. Cypherpunks won’t like to hear that traders have centralization to thank for that.
A trading robot exploited a bug with the system that crypto derivatives trading and issuing platform Synthetix uses to determine its foreign exchange price feeds, also known as an oracle. The oracle was throwing a price that was 1,000 times higher than the actual Korean won rate. The bot saw an arbitrage opportunity, and made $1 billion of profits in under an hour, according to the post mortem.
The platform offers trading of “synthetic,” crypto versions of FX pairs, so the trades were done between sKRW (synthetic Korean won) and sETH (synthetic ether).
“It APPEARS that this was done automatically by the bot to take advantage of the arbitrage rather than deliberately,” said Synthetix cofounder Kain Warwick in the project’s Discord channel yesterday. “We are asking for the owner of this bot to contact me so that we can resolve the issue. Given the severity of the defect we are offering a bounty to the owner of the bot to help us resolve it.’
In the meantime, the Synthetix team disabled transfers in the exchange to stop the bot from realizing its gains. The robot would have had to trade its sETH for sUSD (synthetic USD), which could then have been dumped on Uniswap or other exchanges that take sUSD in exchange for “real” ether. It’s unlikely the trader would have been actually able to cash out on all of its sETH, since the market for sUSD is very thin. But just trying to do it would have probably crashed prices.
The fact that Synthetix disabled transfers stopped that from happening. But even so, not all users weren’t happy with the decision:
“Soooo, wait a minute?? I have SNX [Synthetix’s own token] in my personal wallet without any sUSD minted. And somehow SNX dev can stop all transactions?? It's an erc20 token. How about my keys = my tokens?” one user said in the Discord channel.
Just like with the open source discussion on the lottery project, decentralization values run deep in the crypto community.
After a few hours, Warwick said the robot owner agreed to convert their balances to the correct values in exchange for a reward, and a few hours later transfers were re-established.
It was a relatively happy ending for everyone: Syntehtix was able to spot a major bug and is working to upgrade to Chainlink oracles (which are also used by Google), the robot owner was paid a bounty, and users’ funds were mainly unscathed. SNX is down about 6 percent, recovering from a drop of more than 10 percent earlier.
The price to pay was compromising on the radical view common in DeFi that everything should be decentralized. Maybe it’s not so bad to have training wheels on in the early stages of a project?
There’s a Chance Ethereum Will Get a Seat at the Libra Table
Leaving you with this gem:
The move would potentially increase interoperability between Libra and Ethereum projects, increase cooperation between both developer communities. Libra would gain more legitimacy in the eyes crypto world, access to talent, and hedge against Ethereum “grassroots community growing independently and outside of the Libra walled garden,” Soleimani said.
It’s not that straight forward to do, but assuming they can, I don’t see much of a downside. What do you think?
Are you liking The Defiant? Please subscribe if you haven’t to get smart about the most exciting thing in blockchain and finance. If you have subscribed, please share!