One of the busiest days of the year for DeFi featured exploits, rugpulls, protocol pivots, and more.

Never a dull day indeed. 

Today was among the busiest in recent DeFi memory, featuring a hack worth eight figures, a token dump worth upwards of eleven from none other than Ethereum co-founder Vitalik Buterin himself, a significant update on institutional adoption from Aave, and a proposal on Uniswap’s governance forums to turn $UNI into a governance token — a proposal once again courtesy of Vitalik. Rapid reactions, roughly in chronological order (assuming my memory isn’t totally fried from today):

Aave announces permissioned institutional trial pool

As first reported by Cointelegraph earlier today, sunshinecrypto.com/news/defi-lending-platform-aave-reveals-private-pool-for-institutions” data-amp=”https://cointelegraph-com.cdn.ampproject.org/c/s/sunshinecrypto.com/news/defi-lending-platform-aave-reveals-private-pool-for-institutions/amp”>Aave currently has a private test pool with institutional investors who are trying out DeFi. 

I had the distinct pleasure of chatting with Ajit Tripathi, the head of institutional business development for Aave (who is also an excellent Twitter follow BTW) about the initiative earlier this morning. The key quote from him is that the test pool is in an “advanced” state, and will likely be live and ready for production as a permissioned market with KYC/AML features soon.

The news set off a flurry of debate in the DeFi community about whether or not institutions and their legal needs — specifically, those KYC and AML barriers — are ideologically and technically compatible with DeFi.

Here’s the reality: in the short term, institutions dipping their toes in will inevitably be a boon for the space. More liquidity, more adoption, more users, more money floating around to fund your favorite projects staffed with wildly ambitious teenagers. Take their cash, their positive press, and shake them down for whatever they’ll give. 

In the long term, their walled gardens will ultimately be a historical blip. Permissioned pools will be slower, less agile, and have less liquidity than the wider space — they’re doomed to fail. This is a first step towards the institutions eventually embracing participation in fully decentralized systems, which is the inevitable endgame.

If that take makes me a bootlicker pandering to our CeFi overlords, so be it. The jokes at my expense have been good at least:

xToken gets exploited

One of the most promising projects in the space was exploited for upwards of $25 million this morning. While the nature of the exploit was complex — effectively merging and leveraging two attacks into one — there’s some argument that simple steps could have mitigated the problem. 

xToken allows users to hold interest-bearing derivatives of core assets like Aave and SNX that require some form of staking and/or governance or protocol participation in order to access their full value. The design is clever, even allowing users to select risk appetite or governance participation philosophy as options — much more nuanced than your standard “index” or “easy” product. 

However, the trade between the synthetic or derivative tokens and their parents is partly to blame for the exploit this morning.

Per whitehat hacker Emiliano Bonassi, the attacker manipulated the Kyber dex marketplace while also simultaneously taking advantage of how xToken calculates the price of their x-token derivatives. As he told me on Twitter, the attacket effectively put “two exploits” into a single transaction:

It’s becoming increasingly clear that using a single DEX as an oracle is irresponsible without some form of time-weighted average price calculation involved, which mitigates the effects of flash loans intended to throw of DEX prices. 

Products like xToken are important for tax efficiency and low-effort participation; here’s hoping they recover.

Sign up to get my bad takes right in your inbox!

Vitalik proposes Uniswap as a stablecoin oracle

sunshinecrypto.com/news/uniswap-flips-bitcoin-on-daily-revenue-and-it-s-more-impressive-than-you-think” data-amp=”https://cointelegraph-com.cdn.ampproject.org/c/s/sunshinecrypto.com/news/uniswap-flips-bitcoin-on-daily-revenue-and-it-s-more-impressive-than-you-think/amp”>After a successful launch of their v3, Uniswap has been on a roll. 

Yesterday news emerged that sunshinecrypto.com/news/uniswap-flips-bitcoin-on-daily-revenue-and-it-s-more-impressive-than-you-think” data-amp=”https://cointelegraph-com.cdn.ampproject.org/c/s/sunshinecrypto.com/news/uniswap-flips-bitcoin-on-daily-revenue-and-it-s-more-impressive-than-you-think/amp”>Uniswap had flipped Bitcoin in terms of daily fees generated, and this morning none other than Vitalik Buterin weighed in on a possible use for the $UNI governance token.

In a post on Uniswap’s governance forums, Vitalik proposed that sunshinecrypto.com/news/vitalik-buterin-says-uniswap-should-become-an-oracle-token” data-amp=”https://cointelegraph-com.cdn.ampproject.org/c/s/sunshinecrypto.com/news/vitalik-buterin-says-uniswap-should-become-an-oracle-token/amp”>UNI effectively become an oracle token, utilizing its high marketcap to create an oracle service similar to UMA’s design, which would use cryptoeconomic guarantees to ensure respondents give truthful answers. 

While Buterin believes an oracle focused on stablecoins could bolster the health of the DeFi space, perhaps most compellingly from a UNI hodler’s persepctive it would finally give the token a purpose.

After all, competitor DEX SushiSwap was founded in part because developers saw an opportunity to fork the project and create a version that did not have a significant team and VC token allocation, as well as offering a token use case beyond amorphous, eventual voting.

While the Uniswap team has said that they intend to transfer to a fully decentralized model where UNI will presumably have more utility, this proposal from Vitalik might give it some purpose beyond speculation as well. Not a great look that you need a future Nobel Prize winner to figure out a use case, though…

(For the record, the Uniswap guys are brilliant and I frequent the protocol with regularity).

Vitalik chooses violence

As Cointelegraph reported, Vitalik Buterin sunshinecrypto.com/news/dog-day-afternoon-as-vitalik-dumps-multiple-memecoins-in-the-name-of-charity” data-amp=”https://cointelegraph-com.cdn.ampproject.org/c/s/sunshinecrypto.com/news/dog-day-afternoon-as-vitalik-dumps-multiple-memecoins-in-the-name-of-charity/amp”>sold or donated today huge swaths of shitcoins that developers sent to his wallet in recent months in lieu of a proper burn. Some highlights of the ad-hoc charity drive per former Ethereum Foundation member Hudson Jameson: 

All related tokens are down double-digits, with one of the dog-Elon crossover monstrosities down an astonishing 90% last I looked. My advice to those investors jilted by the events remains the same as the last sunshinecrypto.com/news/title-finance-redefined-puff-puff-pump-on-4-20-april-16-21st” data-amp=”https://cointelegraph-com.cdn.ampproject.org/c/s/sunshinecrypto.com/news/title-finance-redefined-puff-puff-pump-on-4-20-april-16-21st/amp”>absurd memecoin washout on 4/20: learn to laugh. 

(As a side note, I enjoyed how people used incoming transactions to effectively turn his account into a graffiti wall — insults, pleas for mercy, and ChainlinkGod cheering him on among the highlights).

Buterin also transferred some 320,000 ETH to a Gnosis safe — one which I suspect won’t accept unapproved incoming transactions, which will prevent this situation from happening again.

Ultimately, I feel for Buterin. He was put in an absured position, with projects sending him tokens as a “burn” in what was ultimately a marketing stunt. Moreover, these projects are forks with little by way of innovation and value add — simply speculation vehicles enjoying unusual success during an even more unusually frothy period in the markets.

It all leads to an ethical tangle: is dumping those tokens moral, given the damage it would do to speculators? Does Buterin hold responsibility for those speculators? Would he hold responsibility for NOT dumping the tokens if he determined the funds could be put to better use elsewhere?

Funnily enough, however, chewing through these questions might be a task he’s especially well-suited for.

A little-known fact about him: he’s read — and I’d argue has been significantly influenced by — the contemporary moral philosopher Derek Parfit. My editor says I need to stop linking to outside material, but forgive me this one, a beautiful profile of an even more beautiful mind.

Parfit’s impact on Buterin is clear. A few years back, while puzzling through the problems of competing stakeholders in a crypto governance context, he posted multiple repackagings of famous Parfit paradoxes:

We’ll wait to see what his eventual blog has to say on the matter, but my suspicion is whatever his justification might be, it’ll be well-reasoned and defended. Turns out he was more pragmatic than some scammer devs expected. 

Other major stories this week:

sunshinecrypto.com/news/rari-capital-falls-victim-to-11-million-exploit” data-amp=”https://cointelegraph-com.cdn.ampproject.org/c/s/sunshinecrypto.com/news/rari-capital-falls-victim-to-11-million-exploit/amp”>Rari Capital loses $11 million to exploit

sunshinecrypto.com/news/yearn-finance-surges-45-as-it-joins-dog-pack-with-woofy” data-amp=”https://cointelegraph-com.cdn.ampproject.org/c/s/sunshinecrypto.com/news/yearn-finance-surges-45-as-it-joins-dog-pack-with-woofy/amp”>Yearn launches affordable, YFI-pegged dog token

sunshinecrypto.com/news/defi-hacks-on-binance-smart-chain-rise-as-tvl-and-volumes-increase” data-amp=”https://cointelegraph-com.cdn.ampproject.org/c/s/sunshinecrypto.com/news/defi-hacks-on-binance-smart-chain-rise-as-tvl-and-volumes-increase/amp”>Rugs on the rise on Binance Smart Chain

sunshinecrypto.com/news/reeling-from-post-hack-price-slump-easyfi-reveals-community-compensation-plan” data-amp=”https://cointelegraph-com.cdn.ampproject.org/c/s/sunshinecrypto.com/news/reeling-from-post-hack-price-slump-easyfi-reveals-community-compensation-plan/amp”>EasyFi releases compensation plan