Moola Market Proposal 10; Unpausing
Moola Market protocol is currently in a paused state for all actions including deposit, withdraw, borrow, repay, and transfer of mTokens. A history of events from the attack can be found here. Below is a summary of the current state of the protocol. Based on lots of hours of work and feedback from community members, we are proposing these next steps as a pathway to safely unpause, restore trust, and do right by Moola users.
The protocol has uncollateralized debt in the amount of:
The Moola 6-of-10 multisig address holds tokens returned by the attacker. The attacker did not return 700,000 CELO. We propose to use the returned tokens to repay uncollateralized debt:
The Moola treasury address holds the following tokens. We propose to use mCELO, mcUSD, and mcEUR tokens to repay uncollateralized debt:
The attack addresses (here, here, here) hold mTokens. We propose to reclaim these tokens and use them to repay uncollateralized debt:
Between blocks 15688259 and 15689155 (attack start block through pause block), a number of addresses withdrew MOO-mCELO from the Ubeswap liquidity pool, contributing more than 672,115 in uncollateralized CELO debt. We propose to swap MOO for mCELO with these addresses returning them to their pre-attack state and use the mCELO to repay uncollateralized debt:
Between blocks 15688259 and 15689155 (attack start block through pause block), a number of addresses swapped out of MOO, which contributed more than 258,776 in uncollateralized CELO debt. We propose to swap MOO for mCELO with these addresses, at the rates they swapped at during the attack, and use the mCELO to repay uncollateralized CELO debt.
The MOO-mCELO liquidity pool is currently priced at 1 MOO = 3.191 mCELO and has:
We propose to deposit MOO and withdraw mCELO, setting the pool to the pre-attack ratio of 1 MOO = 0.023772784 mCELO and using the mCELO to repay uncollateralized debt:
The above proposals combined still leave the Moola protocol with uncollateralized debt amounts of:
We propose to reduce mCELO and mcEUR holders address balances to account for the remaining uncollateralized debt:
We propose to compensate mCELO and mcEUR owners for their haircut by distributing MOO tokens from the treasury (locked for 12 months):
Risk Parameter Proposals:
We propose to adjust the loan-to-value and liquidation threshold for CELO, cEUR, cREAL, and MOO to the following risk parameters:
We propose to freeze the MOO reserve. A frozen reserve doesn’t allow any new deposit, borrow or rate swap, but allows repayments, liquidations, rate rebalances and withdrawals.
We propose to give borrowers at least a 48-hour grace period to repay debt and/or top-up collateral, without risk of liquidation by setting interest rate curves to their pre-attack levels and only allowing deposits and repays during the grace period. We propose to then unpause borrows, withdrawals and liquidations.
We propose to pass lending pool admin rights from MOO owners to the 6-of-10 Moola multisig address, which was the lending pool admin before the current governance system was launched. If passed, MOO owners retain the ability to propose and vote on proposals via snapshot, but implementation of proposals must be effectuated by the multisig. In the event of an emergency, the multisig has authority to quickly move unilaterally.
We propose, for this proposal, to reduce the voting period from seven days to one day.
A vote ‘For’ signals a desire from MOO owners to execute the above described proposals.
A vote ‘Against’ signals a desire from MOO owners to shutter the Moola protocol by; repaying uncollateralized debt with tokens held in the 6-of-10 multisig, adjusting mToken balances to account for the remaining uncollateralized debt, fixing asset oracle prices at the pre-attack values, setting interest rates to 0%, and only allowing repays and withdraws.
Technical details for this proposal can be found at: https://github.com/moolamarket/moola-fix
We anticipate that this attack will ultimately make the Moola protocol more conservative and more resilient against future attacks. We intend to continue to help steward the Moola protocol to a prosperous future where everyone has equal access to credit and yield.
