# Sonne Timelock This document will go through steps that failed in Yearn controlling LevSonne strategy and Sonne Timelock controller from my (spalen) point of view. The purpose is not to put the blame but to improve flows in the current flow so it doesn't happen again in the future. ## DD document Due diligence [document](https://github.com/yearn/yearn-strategies/blob/master/dd/sonne.md) was defined on 29th of March 2023. In the section [Monitoring and Alerting](https://github.com/yearn/yearn-strategies/blob/master/dd/sonne.md#monitoring-and-alerting) we defined Tenderly rule that will send alert to Telegram Sonne Committe group. The rule was triggered by two functions in [Sonne Timelock contract](https://optimistic.etherscan.io/address/0x37ff10390f22fabdc2137e428a6e6965960d60b6#code): 1. Private function [`_schedule()`](https://optimistic.etherscan.io/address/0x37ff10390f22fabdc2137e428a6e6965960d60b6#code#L693) that schedule an operation that is to becomes valid after a given delay. It covers both public functions `schedule()` and `scheduleBatch()`. 2. External function [`updateDelay()`](https://optimistic.etherscan.io/address/0x37ff10390f22fabdc2137e428a6e6965960d60b6#code#L806) to track any changes to minimal schedule delay time. During the talks with the Sonne team, they have agreed and [changed delay value from 1 day to 2 days](https://optimistic.etherscan.io/tx/0x82dc6ddb64830e141bc7478d90d8fc82984a22ffe4cbc4cb789219c3227e0fc9), which is standard value in Compound implementation. ## Deployment Here is in-production strategy card that tracks [LevSonne strategy](https://github.com/yearn/yearn-strategies/issues/486). 1. The first version of the strategy was [deployed 29th of March](https://optimistic.etherscan.io/address/0xf957092f3ca7d62c8408e12253b6fb77a40eec91). 2. The second version [fixed configuration problem](https://github.com/yearn/yearn-strategies/issues/512) `blocksToLiquidationDangerZone` was defined in blocks in original strategy but on OP timestamp was used It was [deployed 21st of April](https://optimistic.etherscan.io/tx/0x1b6cf8013ef132b998067d10fc000f111f20d688d7679391fee37aae1dd9f15a). 3. The ownership of the strategy was transferred from me(spalen) to Val John.  ## Tenderly alerts [Tenderly dashboard for Sonne project](https://dashboard.tenderly.co/yearn/sonne-finance/alerts/rules/59a23da7-3502-45d9-a756-0fe0d7833989) here we can see that only one alert is left `updateDelay()` but the more important one `_schedule()` is missing which means that someone has deleted it. Last alert was trigger on 4th of January 2024. After that, zero alerts which leads that someone delete it during that time. Usually, Sonne team used Timelock controller every 2 weeks to withdraw the profits and sell it to reward Sonne stakers. Missing alerts should been detected but it slipped without noticing for more than 4 months.  Tenderly changed their Alert service, and removed the support for the internal function `_schedule()` which deleted our alert. They noted this will happen on 22nd of December 2023 in private Telegram group with Yearn and Tenderly:  ## Conclusion The problem wasn't in the LevSonne strategy implementation. Also, the problem wasn't in having strategy used by multiple vaults. The problem was in not maintaining defined rules and alerts. Monitoring was setup, two different alert, custom bot for bad debt and Tenderly actions for alerting when transaction were schedule to Timelock controller. When deploying the strategy we were are that the team wasn't the most reliable one and that is was set up multiple alerts. All this was specified in the production cards which means that in-production cards are not used or not as useful as it should. Secondly, the strategy ownership is not working. This is probably less issues in V3 because of fee distribution. Additionally, breaking changes like this one from Tenderly shoulda been forwarded to Cantina group or create a dedicated group for all Yearn XY integrations to track breaking changes only. **The strategy is not just the code but also monitoring and alerts.**