Fight back for Black Thursday

I would like to ask if anyone is currently working to find and prosecute the perpetrators of the Black Thursday incident that occurred over a year ago? Are there any MakerDao lawyers working on it? If so, are there any results of the investigation that can be published?

  • If no one is looking into it, might it be worth considering that we already have the resources to somehow fight back against the attacker?

It would be worth devoting an appropriate amount of money to this, because it might be a deterrent for small fish to see that the Maker is not going to be robbed either, but will go after the perpetrators by any legal means.

My understanding, is that you get compensated for the amount you lost at the time in the local currency (dollars). Which is actually very little probably around 5% of the vault amount max. So overall the max amount would be probably way less than 1m. The current reserve should be largely enough to cover this type of expenses. Even if maker has to pay for the full amount it is probably going to be less than 10m.

Then the process should be, I believe. First the judge will give the judgement against the foundation ( as they are the only legal entity). If the judgement is not executed, the defendant will need to do an action to enforce the law. That where it becomes complicated but I do believe we won’t come to it. Governance or the foundation should accept the judgement and pay.

But that is my 2 cents.
Please feel free to correct me :wink:

Sorry, I may have asked my question in a misleading way. I was not liquidated at the time, but it was a loss for the system and therefore for the MKR owners.

I wanted to ask if there is currently any procedure to trace the person behind the addresses or we just let them run.
Like this guy:

Do we really want this type of publicity for 4 or 5M?
Let’s just forget and move on, we have bigger fish to catch.


But doing so breaks with the main principle of MakerDAO’s decentralization.

While attacks are bad and damaging, the protocol itself will look for the best way to deal with possible flaws or breaches.

Would have been probably ideal to have followed the money back then (not sure if anybody did) – by now I would think the perpetrator used something like Tornado Cash and spun-it like a whirlpool… what to do… stay diligent I guess…

I understand your point of view, the system has learned from its mistakes and is healthier today, it has been able to overcome it, we are happy now and that’s the point.

However, you are wrong if you think the damage was only 4-5M. The total collateral damage is probably an order of magnitude greater than that. Think of the losses suffered by MKR owners because of panic selling of their MKRs at below price. Think of the loss of confidence that still continues today. And if this event were to happen today, there may not be enough in the value of the treasury to cover it.

I think you’re sending a message to the perpetrators that “Look, we’ve forgotten what you did, come rob us again next time, no consequences.”

I think this is not a good message for them.

Yes, I also think that they are long gone or they live in a place where they cannot be reached.

But it might be worth a try, and not we should be the ones working on this. I think you’d also like to see all those taxes we have to pay, sometimes working for us. A lot of smart people work for the state too.

Let the tax dollars work for us.

ps. I don’t want to come across as an idealistic dreamer, I see minimal chance of this producing any results. But however small the chance, it is more than nothing.

I am not even sure we should call them a ‘perpetrator’…
They just tried to bid 0 DAI, and He won… :man_shrugging:
Can’t really blame the guy/girl.


Perhaps–but if you were “hurt” by a harmful act, then–indeed “perpetrator” can be used in this occasion. And as you know, a lot of people were hurt, including this DAO. Was it a crime— not in this ecosystem–was it illegal–absolutely not–was it painful for some humans–in my opinion, yesssssss it was–who wants to be robbed? It violates the inner core of a human.

I think the approach of learn from it, ensure we have adequate loss reserves, and move on is the correct move here. Gotta agree with @iammeeoh that it’s counterproductive to blame someone for bidding $0 when a bid of $0 can be accepted within the rules.


I see it very differently. I think it was a deliberate attack, specifically designed to gain value by exploiting a momentary flaw in the system.

Perhaps the word looter rather than perpetrator is more appropriate. Let’s take an example: if an program error causes a vending machine to dispense goods of high value without payment, the error makes me the owner of the goods?

I’m m not a lawyer, I could be wrong, I would be very grateful if someone who knows the law could give me an opinion.

Here is my opinion:

First, Laws are a big line which is negotiable.
Second, laws are different from one country to the others.
Third, it seems to be a full topic that needs to be written in every country.

It seems time consuming, money consuming, and definitely not effort less. We don’t have time, money wise I doubt it is going to worse it, and we can’t even push simple things without a huge effort.


This is infeasible, would waste time, resources, and could potentially hurt our reputation. We defend against attacks by improving our protocol–ideally before something goes wrong but that doesn’t always work out. We have neither the time, resources, nor motivation to carry out such a prosecution.

I understand what you’re saying, but that’s not really how we operate from what I’ve observed. The losses have been or shortly will be recovered (by the protocol, not necessarily vault holders) and we have bigger fish to fry, like getting RWA spun up finally.


I think that if somebody bid zero value for something, it means he didn’t pay for it, and therefore he couldn’t have won a valid auction. If he only bid 1 cent on it, that would be a valid contract since he won the auction at a super discounted price… but he paid nothing for it. To retain the value acquired in this way, it may be illegal.
What do you think?

Thank you all @Saludiego_201 @iammeeoh @alexis @ElProgreso @PaperImperium @ccc for shedding light on the other side of the coin with your valuable answers. OK, I understand now, lack of resources overrides the legitimate interest lets focus on more important things.


You can always come to the forum to solve your doubts.


From the Basecamp founder Jason Fried—a letter to employees (Taking the Coinbase route when it comes to “mission focus” and keeping politics out)

  • No more lingering or dwelling on past decisions. We’ve become a bit too precious with decision making over the last few years. Either by wallowing in indecisiveness, worrying ourselves into overthinking things, taking on a defensive posture and assuming the worst outcome is the likely outcome, putting too much energy into something that only needed a quick fix, inadvertently derailing projects when casual suggestions are taken as essential imperatives, or rehashing decisions in different forums or mediums. It’s time to get back to making calls, explaining why once, and moving on.”*

You’re right, best to move on…