Updates - Flash Loans and securing the Maker Protocol

Edit: Executive is now live. Please vote now!

See previous post if this is news to you: [Urgent] Flash Loans and securing the Maker Protocol

As promised, I’m providing an update now the current hat exceeded 100k MKR. The next steps are now as follows:

Post Executive Spell on Friday at 16:00 UTC (usual time)

As mentioned previously, the contents of this spell are as follows:

  • A GSM pause delay increase from 12 hours to 72 hours.
  • The Oracle Freeze Module (OsmMom) will be deauthorized.
  • The Liquidations Freeze Module / Circuit Breaker (FlipperMom) will be deauthorized.

We are aware that disabling the Oracle Freeze Module and the Liquidations Freeze Module increases risk in other areas. We feel that the Oracle and Liquidation risks are less than that of governance attack especially given the additional lightfeeds and box parameter.

72 hours was chosen given that it stretches across at least one working day, regardless of the timing on the governance attack. This gives Governance more time to secure the hat, and domain teams time to prepare an action to cancel the plotted spells.

Give that the amount of MKR on that hat has meaningfully increased, the Smart Contracts Domain Team and the Governance Facilitator are comfortable deploying an additional executive vote.

Friday was chosen as it matches the usual schedule and should mean that more MKR Holders are prepared to move their MKR in a short time after the spell is deployed.

Please note that the new governance portal contains functionality to vote for both the current hat and a new proposal (screenshot below.) Making use of this functionality will help to ensure security while both executives are active.

Thank you to everyone that has helped to secure the hat.


A quick note about supporting old and new proposals…

As LFW stated, the “Keep my MKR on old proposal to secure the Maker protocol” checkbox allows MKR holders to support both the new proposal and the current hat, thereby helping to prevent the amount of MKR in support of the hat from falling dangerously low as a new proposal gains support. Assuming comprehension of this concept, let’s expand upon the rules for when the checkbox does or does not appear:

The checkbox “Keep my MKR on old proposal to secure the Maker protocol” is checked by default and appears if:

  • The old proposal a user is voting on is the hat, and
  • The new proposal a user wants to vote on is below the current hat in MKR weight

The checkbox changes to a “concentrate all my MKR on this proposal” button if:

  • The proposal a user is looking at has not yet passed, and
  • The user is currently voting on a slate with multiple proposals

The checkbox changes to “Add MKR to secure the protocol” button, if:

  • The user is looking at the current hat and has not voted on it yet

This small enhancement should make it easier to retain your support on the existing hat while adding support to a new proposal.


question… with MIP25: Flash Mint Module also not having a maximum constraint (as I understand it), if implemented couldn’t this tool almost be used against MKR Governance by being able to mint almost unlimited DAI to acquire MKR via flash loan and attack the system? I would think we definitely would want to constrain the maximum DAI minted with MIP25.

The limiting factor for Maker governance is the amount of MKR liquidity in the market, not the source loan size.

Also, there is a debt ceiling limit we can artificially impose if we want.


I would think for this exact scenario we need to ensure Maker cant be used to game Maker… In my eyes, we must have a debt ceiling on it…

To clarify, the risk from MKR being available is already present regardless of the availability of MIP25 (at any debt ceiling). Currently the amount you can flash loan yourself is higher than all MKR liquidity I believe, so adding in MIP25 won’t increase the danger for this specific type of attack.

That being said, I agree with putting in a reasonable debt ceiling at least to start. Things may get weird when you can print more money than exists in all DeFi.

1 Like

agreed… I get that… but MIP25 would allow for anyone to use all of the global liquidity of MKR to do a flash loan… most flash loans now have a collateral somewhere that allowed the loan to start…

as I understand MIP25, it is a flash loan on acid … as the amount of DAI avail doesnt have a limit… so in theory, an attacker could use ALL MKR instead of only some.

This is not the case. Flash loans by their nature require no collateral. In fact if you start at dydx as a flash loan provider, you don’t have to pay anything but the transaction fee.

To get access to all MKR liquidity you will need to pay the fees / slippage on Uniswap and Balancer, but currently all 15k MKR on Aave is free to use. This is what B protocol did and they paid nothing.

This is correct, but only in that their is no counter-party required to lend the money.

As I understand it with dydx, you still have to have some collateral to start… the more collateral the bigger the flash loan.

Nope. It’s completely free.

1 Like

interesting… but dydx is still constrained by its own max supply of DAI… no?

point still being that when / if we unleash unlimited DAI to do a flash loan on the market… insane thing might happen. as a user could buy all {insert name of token} and vote / sell / whatever… a reasonable debt ceiling should be imposed (with specific emphasis to ensure that DAI from maker is never enough to be used against MKR governance). My sense of it… at least…

Yes dydx is constrained by it’s own supply, but it’s currently enough to borrow all MKR on Aave. There is around 20M worth of ETH available and 7M DAI, and only 22M worth of MKR on Aave. For the other platforms you would have to start paying for fees anyways. You may be able to save a bit of money with MIP25 initiated with 0% fees, but it doesn’t make a large difference from the current situation is all I’m saying.

excellent point …

1 Like

I think 72 hours is too long. If everyone recalls, on Black Thursday even a 24 hr delay was brutal when we needed to make changes to the system.


If MKR tokens are placed on the Maker platform, will it cause less damage than AAVE?

Should we compare the advantages and disadvantages of each.

1 Like

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.