owned this note changed 2 years ago
Published Linked with GitHub

SEAL Chaos Team

Running Protocol Drills

Slides: https://hackmd.io/@shield3/sealchaos

digraph G {

  graph [bgcolor="#181818", fontcolor="white", fontname="Courier New", fontsize=18];
  node [fontname="Courier New", fontsize=18, fontcolor="white"];
  edge [fontname="Courier New", fontsize=12, color="white", fontcolor="white"];
  
  node [shape=none]; // No shape for nodes to make them look like labels

  subgraph cluster_timeline {
      rank=same;
      "June '23" [fontcolor="lightgray"];
      "July '23" [fontcolor="lightgray"];
      "Aug '23" [fontcolor="lightgray"];
      "Sep '23" [fontcolor="lightgray"];
      "Oct '23" [fontcolor="lightgray"];
      "Nov '23" [fontcolor="lightgray"];
      "Dec '23" [fontcolor="lightgray"];
      "June '23" -> "July '23" -> "Aug '23" -> "Sep '23" -> "Oct '23" -> "Nov '23" -> "Dec '23" [style=invis]; // Invisible edges to establish order
  }

  CompoundTabletop [shape=polygon, label="Compound Tabletop", style="filled", fillcolor="#00cd89"];
  CompoundLive [shape=polygon, label="Compound Live", style="filled", fillcolor="#00cd89"];
  YearnTabletop [shape=polygon, label="Yearn Tabletop", style="filled", fillcolor="#074bf8"];
  YearnLive [shape=polygon, label="Yearn Live", style="filled", fillcolor="#074bf8"];
  AaveTabletop [shape=polygon, label="Aave Tabletop", style="filled", fillcolor="#8968a3"];
  AaveLive [shape=polygon, label="Aave Live (Planned)", style="filled", fillcolor="#8968a3", style=dashed];

  "June '23" -> CompoundTabletop [dir=none];
  "July '23" -> CompoundLive [dir=none];
  "Aug '23" -> YearnTabletop [dir=none];
  "Sep '23" -> YearnLive [dir=none];
  "Oct '23" -> AaveTabletop [dir=none];
  "Nov '23" -> AaveLive [dir=none];
}

Drill Phases

  1. Reconnaissance: Review public code, documentation, and communications.
  2. Tabletop simulation: Theoretical threat scenarios.
  3. Live exercise: Real-time war room setup on a network fork.

Incite Panic

Practice Emergency Response

Key Takeaways

  • Understanding the core dependencies of the protocol: What happens if they fail?
  • Assessing the adequacy of monitoring systems.
  • Evaluating team preparedness: Do they know the necessary steps?
  • Identifying who holds access and controls for rapid response.
  • Ensuring inter-protocol communication: Who contacts whom?

Infrastructure

Technology Stack

  • Blockscout: Blockchain explorer.
  • Anvil node: For network forks.
  • RETH node: Mainnet backup.
  • Foundry: Scenario planning and configuration.
  • Apeworx scripts: Bot orchestration.
  • Forta nodes: Real-time monitoring.

Blockscout Explorer

Compound

$2.2B in collateral

Scenario

A price feed for a collateral asset in Compound V3 reports inconsistent values.

Impact: Arbitrage bots exploit the discrepancy, accumulating bad debt for the protocol.

Bot 1 - Market Dynamics

Bot 2 - Introduce the Chaos

Bot 3 - Exploit

Monitoring & Detection

Action Taken

Yearn

$170M TVL

Yearn's complexity required a different approach

Pick a strategy

GenLevCompV4

Each Yearn strategy is equipped with an emergency card detailing experts, action steps, and stakeholders.

Scenario

A strategy in Yearn allocates a significant fund volume to a protocol.

Consequence: The protocol is under attack, necessitating fund retrieval to avert losses.

Monitor

Monitor

Respond

Result

Observations

  • Protocol relationships with their 'auditors' extends far beyond initial engagements
  • Choose multisig guardians who have to take regular action on the protocol
  • Risk processes should always produce emergency procedures artifacts

Thank you
Paradigm Shield3 Compound
OpenZeppelin Chainlink A16Z
Gauntlet Forta Yearn
Apeworx Aave Blockscout

And all the SEAL Contributors!

Select a repo