--- tags: G&R --- # Episode #215: November 10th, 2022 ## Agenda - [0:00](https://youtu.be/GutK5dsJklI): Introduction - [3:04](https://youtu.be/GutK5dsJklI?t=184): Votes and Polls - [4:20](https://youtu.be/GutK5dsJklI?t=260): MIPs Update - [7:25](https://youtu.be/GutK5dsJklI?t=445): Weekly Forum Recap - [10:00](https://youtu.be/GutK5dsJklI?t=600): Discussion: Defender Contracts Against Gov Attacks - [42:28](https://youtu.be/GutK5dsJklI?t=2548): Discussion: Modify Emulated SB Upper Limit - [1:13:24](https://youtu.be/GutK5dsJklI?t=4404): Conclusion ## Video [Link](https://www.youtube.com/watch?v=GutK5dsJklI) ## General Updates ### Votes #### Payton Rose [3:04](https://youtu.be/GutK5dsJklI?t=184) ^{**Visit:** [_Voting Portal_](https://vote.makerdao.com/)}</sup> > **Votes:** > - *Polls:* -- [3:07](https://youtu.be/GutK5dsJklI?t=187) > - *Executive Proposals:* -- [3:18](https://youtu.be/GutK5dsJklI?t=198) ### MIPs #### Pablo [4:27](https://youtu.be/GutK5dsJklI?t=267) ^{**Visit:** [_Weekly MIPs Update #112_](https://forum.makerdao.com/t/weekly-mips-update-112/18708) & [MakerDAO Votes and Polls Public Calendar](https://calendar.google.com/calendar/embed?src=bdf4un05hpg0611lg3ieue4t3c%40group.calendar.google.com&ctz=America%2FNew_York)} ^{**Important Dates:** _New proposals must be posted by Wednesday, December 7^th, at the latests, to be eligible for the next monthly cycle._} > **Formal Submissions:** > - _Top-Level MIPs_ -- [4:47](https://youtu.be/GutK5dsJklI?t=287) > - _Core Unit Budgets_ -- [5:04](https://youtu.be/GutK5dsJklI?t=304) > - _Miscellaneous_ -- [5:21](https://youtu.be/GutK5dsJklI?t=321) > **Proposals in RFC:** > - _Top-Level MIPs_ -- [5:51](https://youtu.be/GutK5dsJklI?t=351) > - _Miscellaneous_ -- [6:11](https://youtu.be/GutK5dsJklI?t=371) ### Weekly Forum Recap #### Artem Gordon [07:20](https://youtu.be/GutK5dsJklI?t=440) ^{**Visit:** [_Weekly Forum Recap: November 3^rd - November 9^th, 2022_](https://forum.makerdao.com/t/weekly-forum-recap/16247/31)} ^{**Video:** [Link](https://youtu.be/LGAb447_PXc)} > **News & Announcements:** > - [_Build Your Own ALM Model_](https://forum.makerdao.com/t/build-your-makerdao-alm-model/18730) > **Research:** > - [_Vault User Research: Survival Analysis_](https://forum.makerdao.com/t/vault-user-research-survival-analysis/18715) ## Discussion ### MIP91: Defender Contract Against Governance Attacks #### David Utrobin [10:39](https://youtu.be/GutK5dsJklI?t=639) - MIP91 is a new smart contract addition to our existing governance system that gives MKR holders another tool to defend against malicious attacks. It enables canceling a past executive vote waiting to be executed within the GSM pause delay.  [13:31](https://youtu.be/GutK5dsJklI?t=811) - **Astro:** The purpose of this MIP is to defend Maker against Governance attacks: where the attacker has enough MKR to take over and pass potentially malicious executives. - The distribution of MKR could end up concentrated in a few people's hands. - When there is a potential attack, there will be misinformation. - If we can stop a malicious executive without shutting down the protocol, that would be preferred. - TLDR version: if MKR holders think Maker is under governance attack, and the `hat` cannot be retaken, then they can deposit their own MKR into a contract called DSS Defender. Some threshold amount needs to be deposited before the contract is activated, and it can only be triggered once. Once the threshold is reached, the protocol is locked into its current state. [21:12](https://youtu.be/GutK5dsJklI?t=1272) - **Prose11:** Why delegates can't we use the defender contractor for the lockup in particular? - **Astro:** I wanted a version where delegates could use it. However, we currently have a liquid delegation, which causes issues between delegates and delegators regarding the penalty of MIP91. [22:58](https://youtu.be/GutK5dsJklI?t=1378) - **ultraschuppi:** How can you lock your MKR and Dss Defender and put it into the emergency shutdown module? - **Astro:** You can't move it to any address except the ESM. [23:34](https://youtu.be/GutK5dsJklI?t=1414) - **David Utrobin:** Can DSS Defender delay an executive multiple times? - **Astro:** If the attacker has the `hat`, they will spam multiple execs. The Dss Defender will cancel all of them permissionlessly. [24:20](https://youtu.be/GutK5dsJklI?t=1460) - **David Utrobin:** Is it correct that after the cancel duration, the DSS Defender Auto redeploys itself? - **Astro:** That's not true. Check MIP91c3: Post-activation Permissions and Events on the forum for more information. [25:58](https://youtu.be/GutK5dsJklI?t=1558) - **David Utrobin:** Do delegates or other stakeholders have any cons on their minds about this? - **Derek:** An attack where PE deploys a fix to an existing vulnerability where an attacker can reverse engineer the vulnerability by looking at PE's fix within 48 hours. They can deposit MKR into the defender as well. [27:17](https://youtu.be/GutK5dsJklI?t=1637) - **David Utrobin:** Can't the DSS Defender contract be designed in a way where it cancels all except some? - **Astro:** You would end up trusting governance in that case. [35:35](https://youtu.be/GutK5dsJklI?t=2135) - **Prose11:** How likely is such an attack in the first place that e have seen attacks like these? - In terms of severe attacks, the answer is no. If we were ever in this scenario, our only option is the ESM, which would ripple throughout the entire industry. ## Discussion ### MIP84c10-SP1: Modify Emulated SB Upper Limit [42:32](https://youtu.be/GutK5dsJklI?t=2552)    [47:35](https://youtu.be/GutK5dsJklI?t=2855) - **Psychonaut:** The idea is to change the defaults from the current proposal to a proposal that does not envision immediately taking on considerable leverage. [53:06](https://youtu.be/GutK5dsJklI?t=3186) - **Chat:** The Starting Capital defines the DC. The initial 20m would be divided by 1.25 to define the Lower Limit. If there is some Excess Dai which is the remaining amount of Dai in the Surplus Buffer, and if there is something about the Upper Limit, this Excess Dai will effectively become part of the Starting Capital. [57:19](https://youtu.be/GutK5dsJklI?t=3439) - **Psychonaut:** The Collateral Ratio defines the Lower Limit. And because there is a sub-proposal to change the Collateral Ratio, the Lower Limit can also be changed by it. - **David Utrobin**: If the Upper Limit was set high to the point where we do not have Excess Dai. Does it mean we would have zero Starting Collateral? - **Psychonaut:** No, because Starting collateral is defined as its parameter. - **Payton Rose:** Once that happens, if the Upper Limit does not change, the initial MIP suggested is at 40 million Dai, so if we accrue more than that in our Surplus Buffer, we would be automatically expecting to lever it back in. If you raise the Upper Limit, then that re-up levering would only happen at the Risk CU's direct wishes, which is mandated with overseeing this and giving monthly reports. [1:00:07](https://youtu.be/GutK5dsJklI?t=3607): - **Payton Rose:** As the proposal author, why do you feel more comfortable with Dai emulating as the Surplus Buffer instead of a leveraged ETH position for backing Dai? - **Psychonaut:** If we have a leveraged position in stETH, we risk the protocol becoming insolvent. We have a Surplus Buffer to sustain losses if some of the collateral goes bad and does not become insolvent. If we have the Surplus Buffer in Dai, we know that buffer against losses will be there when needed. If it is stETH, then we do not know. [1:02:07](https://youtu.be/GutK5dsJklI?t=3727) - **PaperImperium:** I would like to see an effort to define and separate Dai held as loss reserves. - **monet-supply:** The flip side of the scenario is that Maker's capital at risk tends to increase in bull markets. - **ElPro:** People who are fully sitting on ETH are much more comfortable than those sitting on other things. If you are holding ETH, you are not feeling much pain. This helps build a lot of DAI backing into decentralized collateral. It gets away from the addiction of being backed by USDC and others. [1:05:21](https://youtu.be/GutK5dsJklI?t=3921) - **Payton Rose:** ETH is super collateral. Liquid State Derivatives will play a huge part in this ecosystem going forward, and getting your hands o a bunch of them sooner rather than later could prove quite lucrative. It is also powerful to keep in mind that these are yield-bearing assets. - **Psychonaut:** stETH is a great asset, but it is one thing to invest in that asset without leverage, and another thing is to invest it with leverage. If you are trying to keep your loss reserve safe, then you do not use leverage. - **ElPro:** You have to weigh what risks you want to take and how safely you want to think. With the lower mint and the upper mint, and with the risk involved and analyzing it, it is worth giving it a try. There is a lot that still needs to be figured out. [1:07:57](https://youtu.be/GutK5dsJklI?t=4077) - **Payton Rose:** Why did you pursue raising the Upper Limit instead of trying to stop this entirely from happening? - **Psychonaut:** I was tempted to stop it from happening, but there seems to be a lot of momentum and interest in support of Rune’s idea, and I want to respect that. It was the minor change I could make to reduce the risk that Maker would be taking on with the POVE. [1:10:40](https://youtu.be/GutK5dsJklI?t=4240) - **Payton Rose:** This Vault Engine is still being developed. Some technical aspects might force our understanding to change slightly, but this is the intention of Rune's MIP and what the DAO will be trying to carry out since it was passed. - **Derek:** The technical work is already known. It is ordered, so we will see what comes back, pending any feedback from it. [1:13:56](https://youtu.be/GutK5dsJklI?t=4436) - **Robert:** Quick update that relates to MIP 81. We are trying to confirm and evaluate the timing of the two solutions' overhead. There is the one listed in the MIP and the one with the smart contract. The smart contract approach continues to lead with a shorter overall implementation time and reduces risk in managing USDC. PE has reviewed and provided feedback on the smart contract. Again, indications are that the smart contract approach is faster than finding a new arranger, which is the traditional custodial approach. With the smart contract approach, no monies are transferred in the real world, allowing us to use an existing arranger like Monetalis and formalize the arrangement with Coinbase. - Feedback from Strategic Finances shows that this could be implemented by December 7th. We are working as hard as we can to complete it this year. Reach out to us for any questions. [Suggestion Box](https://app.suggestionox.com/r/GovCallQs) ## Credits - Andrea Suarez produced this summary. - Kunfu-po produced this summary. - Everyone who spoke and presented on the call.