Aave <> Bored Ghosts Developing. Phase 4

phase-4-ghosts


Summary

As continuation of the engagement finished 1st October, present to the Aave DAO a proposal for BGD to continue as provider of development and security coordinator services.



Motivation

Time flies in DeFi, and it has already been two and a half years since BGD started working for the Aave DAO.
During this time, the market has gone up and down, new protocols have appeared, and CEXes have fallen. But the Aave protocol remains, and, following almost any metric, it has grown.

Together with the work of other service providers, we want to believe our contribution has had an important role in both the stability of Aave (creating solid trust) and the growth itself, with tech enabling all new types of use cases while maintaining the highest standards of security.




During the last 3 engagements between BGD Labs and the Aave DAO, all pieces of the Aave infrastructure have been worked on: the Aave protocol itself with new versions and maintaining the current ones, the Aave governance, bridging infrastructure, all rails for expansion to new networks and use cases, supporting non-technical contributors to maximise their value without being blocked by tech; basically everything.

The motivation/goal of this new engagement is:

  • Keep the stability and trust in the Aave technology.
  • Innovate responsibly on production systems.
  • Support all other non-tech contributors to the DAO, accelerating progress.

In summary, the same as before, but always striving for better.



Specification


Aave <> BGD Phase IV (continuous) scope

The scope of this Phase IV builds upon all previous phases, and as commented, is focused on continuous maintenance and development of the Aave ecosystem technical infrastructure, in combination with security coordination and support to other contributors.

More specifically, the services include the following:

  • Propose improvements on top of the current Aave v3.2 production version. This will include minimum a v3.3 and v3.4 versions, but with quite certainty, more.

    Additionally, we have several other ideas to improve the core protocol, which will be unveiled to the community as soon as the feasibility research is positive.

  • BGD will take back the scope of deploying to new networks and pool instances. As commented on our Phase 3 final recap, we identified that having different entities on the deployment stage of Aave v3 creates more overhead than benefit. So we think for Phase IV it is more optimal to get the following entities involved in the activation procedures:

    • BGD Labs will perform all the pre-governance proposal stages (deployment of required smart contracts, adaptation of all tooling, and development of the activation proposal itself).
    • As it currently happens, Certora will review the on-chain governance proposal once submitted, in order to have redundancy.
  • Maintain Aave Governance v3 and a.DI. In this phase, the effort will be on improving the user interface owned by the Aave DAO, and on the a.DI side, increasing even more the visibility on the infrastructure (on https://adi.onaave.com/), streamlining upgrade procedures via governance proposals, and on-demand, enabling new paths and bridge providers.

    Additionally, with the rollups ecosystem evolving (e.g. ZK-based), we will once again evaluate the expansion of voting to other networks, an item we removed priority on the previous engagement as the return of resources investment was not there.

  • Aave bug bounty program. After already close to 1 year of the Aave <> Immunefi bug bounty being active, we plan to make certain improvements to it. Same time, we will remain as reviewers, addressing all the submissions and the different stages until bounty payment.

  • v2 further off-boarding. At the beginning of the previous Phase 3, Aave v2 pools were still very meaningful instances of the protocol, both in size and usage. Currently, different off-boarding initiatives (both from us and other contributors) have reduced a lot the role of v2 in the ecosystem versus v3. During this engagement, we will proceed/support further proposals for off-boarding of v2, with the target being reaching a scenario where only very major assets stay (e.g. WETH, stETH, USDC, USDT), but everything else naturally gets finally migrated to v3.

  • Focus on Aave Stewards and additional infrastructure delegation. We believe the path of using what we name the Stewards pattern is most probably the future direction of Aave:

    • The Aave Protocol (v3) is the base layer of smart contracts, enforcing the highest-order validations and general settlement logic. Decentralized, with only the Aave Governance having “super-admin” control.
    • The protocol delegates operational/management functions to other smart contracts, the Stewards. These are highly constrained on-chain agents, that allow for faster and more optimal operations, but that can lose this power at any point if the Aave Governance decides so, and with low capacity to create any damage on the protocol.
    • Currently, the Stewards are focused mainly on optimizing risk parameter updates, but we envision extending this pattern to multiple areas, for example, finance (a Finance Steward is in the advance stage by the treasury contributors).

    Our role in Stewards development will involve 1) defining an approach that is scalable enough for the current and future needs of the DAO 2) developing the core Steward contracts we believe require our involvement 3) if optimal, supporting other contributors to create their own Stewards, or modifying existing ones for the needs of the DAO.

  • Umbrella support post-release. In Phase 3, we included a separate scope for the creation from scratch of Umbrella, a new version of the current Aave Safety Module. Scheduled to be released pretty soon, the project will require post-release support, mainly in the shape of:

    • Supporting non-BGD contributors involved in all Umbrella operations, for example, regulation of incentives, and risk considerations like choosing correct targets.
    • Improvements post-release.
    • Iterating on tooling after the initial effort included with the previous Umbrella scope.
  • Aave protocol security coordinator. Same as in our previous engagement, this involves:

    • Continuously evaluate technical risks for Aave.
    • Address events involving any vulnerability affecting Aave. This includes also creating governance proposals if required.
    • Act as technical support for the Aave Protocol and Governance Guardians: define and document plans of action, communicate with both of them whenever a reaction is needed, and also properly disclose to the community activity on Guardian.
  • Aave proposals reviews. We will review all governance proposals before they go on-chain, the same as we have been doing last year. This acts as the first layer of security and quality, minimizing any potential issue to be detected on the on-chain stage by Certora, on their line of contribution.

  • Maintenance and improvement of all tooling of the Aave ecosystem. During the previous phases, we created multiple tools and projects on the off-chain side of Aave, like Aave Address Book, the Aave Proposals repository, Aave Helpers, the Aave Config Engine and a myriad of others. During this new Phase, we will keep improving them and creating anything new needed.

  • Analysis for candidate networks to activate Aave v3. Even if the plan on the previous scope was to off-board network analysis, finally we decided to keep performing them ourselves, as the overhead of supporting another entity would not have been good resource allocation.

    In this new scope, we will continue performing this analysis.



DURATION: same as with Phases II & III, 6 months: starting from the moment the previous engagement ended (1st October 2024) and lasting until 1st April 2025.

BUDGET: 2’300’000 in stablecoins and 5’000 AAVE, 50% paid up-front and 50% streamed during the 6 months engagement.



What is NOT part of both the scopes

Similar as on Phase 3, we want to be explicit on what is not included in our line of contribution:

  • We are a technical provider of the community, we don’t do any type of business development and/or growth, that should be responsibility of other parties.
  • We don’t do security reviews on major developments of other contributors. We offer our security advisory for minor projects solely benefiting the Aave DAO, but on bigger scopes (e.g. something like GHO), that is up to parties engaged specifically on security, like Certora. On our side, we only do a best-effort review if we deem it appropriate.
  • We will provide feedback on design of projects that we don’t lead only whenever the project is 1) of technical nature and 2) the final design is flagged as “ready” by the contributor. Given our expertise, we have pretty strong stand in architecture and design decisions, which can create conflicts if no framework is defined.
  • We only work on projects with TEMP CHECK Snapshot passed (e.g. reviews). With the activity on the DAO increasing day by day, unless a filtering of projects is applied, it is not really manageable for us to support any project in pre-TEMP CHECK stage, unless we identified a clear need from our side.
  • We are not running services on behalf of the DAO, we design them to be ran in a decentralised manner, or by parties with the proper role to do so. Any tool we decide to run on our infrastructure (e.g. hosting of one instance of the Aave Governance v3 interface) is our own decision, outside of the scope of engagement.
  • Very ad-hoc projects will depend on the pipeline of priority, and potentially will be budgeted/estimated independently, if we see they will have important implications on the scope that we need to fulfil and/or not fitting in this initial estimation. For example, any projects like Umbrella will be budgeted apart, and we don’t disclose them at the moment, due to being in feasibility research phase.


Terms of Service

A formal Terms and Conditions document for the engagement for services between the Aave DAO and BGD Labs can be found HERE.


We would like however to highlight again the same high-level points as on Phase 3, which we thing are very important for the ethos of the DAO:

  • Major projects IP and licensing belongs to the Aave DAO. As a service provider to a DAO like Aave, we have an obligation to defend the interests of our customer. For that reason, the core software (e.g. all on-chain smart contracts to be used by the DAO in production) we create during our engagement are licensed to the Aave DAO governance smart contracts. This applies but is not limited for example to new Aave v3 version, Aave Governance v3, a.DI or others; systems that we consider highly innovative and not only improve the efficiency of Aave, but increase the overall value of the technology owned by the DAO.

    To insist on the previous fundamental implication:

    • The Aave DAO is the sole owner of the intellectual property and licensing of those projects.
    • It is entirely up to the DAO to decide how to use and/or commercialise them, not to BGD Labs.
    • Our benefit from those projects is the fee we receive from the DAO for developing the software.

    Even if already doing it by commercialising all the different Aave products, we believe in the near future IP and licensing commercialisation is something the DAO should put focus on, at the same time common good infrastructure is released.

  • BGD doesn’t decide what gets activated/applied in Aave. We create the software and the technical proposals to activate said software, but it is and will always be up to the DAO governance to decide if that software should be enabled in production.

  • No software is flawless, but we pursue it. Historically, no major problem has been detected on the developments we did for the DAO, but it is impossible to assure from our side that all software will be flawless. However, we have a firm compromise of always following solid security standards and procedures, to minimise any potential impact.

  • We don’t work with competitors of the Aave DAO. To do the type of work we do on Aave, the community should trust us as service provider. To avoid any type of conflict, we compromise to not work with any competitor of the Aave DAO for any type of financial gain.



Disclosures

BGD Labs has no meaningful commercial relation with entities that could create any type conflict of interest on the scopes of this proposal.
Similar as during the previous years, the majority of our focus is on core development and security services on Aave (exclusive provider): we have absolutely no engagement with any entity that could be perceived as competitor of the Aave DAO and we will not during the duration of this Phase 4.



Next steps

After some days in this forum for the community to comment on, we will create an ARFC Snapshot for pre-approval of the services engagement.
If positive, we will proceed with an on-chain AIP.

During this period (since 1st October) where we technically have no engagement, we will simply continue doing the same work as before, without stopping any of the on-going projects/developments.

14 Likes

BGD’s record of achievement speaks for its self, budget acceptable very much in favour of renewing.

4 Likes

We favour renewing BGD’s engagement, as a service provider they have been valuable to the Aave DAO’s day-to-day operations.

2 Likes

BGDLabs has done so much technical improvements and security reviews, also with upcoming new implementations like Umbrella.

I think it’s reasonable and fair to support Phase 4 given their team is quite big and work has always been outstanding with 24/7 availability.

4 Likes

We said it before, but we want to say it again:
As we’re working daily with the team on different technical projects, we can attest that BGD is a top team of experts with dedication to both the protocol and the DAO.
Every project is done with full accountability to advance the protocol forward while keeping the existing funds safe.
Their work goes way beyond smart contract development - tool building, defining procedures and coordinating additional teams. They are a big reason that Aave is experiencing the growth that it experienced lately, along with the other SPs.

This is why we are in big support of phase 4 of BGDLabs.

@MrKris what are achievements?:smiley: :grin:

Check this and all the previous posts by BGDLabs and you will find out. Next upcoming will be Umbrella. Big upgrade.
Just recently Aave 3.2 and liquid eModes as an example.

4 Likes

Great to see another phase from Bored Ghosts, one of the earliest service providers contributing to the Aave DAO, who have always been available whenever needed.

Leaving some feedback and my opinion:

  • Whenever there is a new smart contract upgrade to the protocol, it’s important to follow a deployment strategy that minimizes risk and potential surface impact. For instance, when an upgrade involves assets or accounting (e.g., the pools), the protocol can be updated first on a single network with low TVL, followed by subsequent deployments on multiple networks. Although we have seen successful upgrades across all networks in the past, and the BGD team is one of the most diligent teams I have worked with, there is always some inherent risk in these deployments. With the protocol now holding over $20B in net deposits, a standardized procedure for this should be adopted across all contributors. Similarly, networks that are not fully EVM-compatible (such as ZKsync Era) could warrant a separate deployment strategy, especially as the TVL on these networks grows.

  • Overall, I personally do not recommend too many changes to the existing V3 codebase unless these upgrades are necessary or involve clear security improvements (as we saw with recent upgrades). The stakes are too high to risk altering the deployed codebase with such significant TVL. From external point of view, any upgrades to the existing code base can be viewed as a risk surface.

  • Over the years, the community has worked with various auditors on the codebase, and while some have been great, it has been challenging to find consistency in the quality of the auditing work. BGD has done an excellent job sourcing new auditors and security engineers, which has been a significant improvement. However, as a community, we should continue investing in the protocol’s security, ensuring we work with auditing firms that not only demonstrate quality output but also have an established brand and a deep understanding of the Aave Protocol, especially for critical infrastructure. This is a challenge, as talent within auditing firms fluctuates, and we haven’t always been satisfied with past work. The number of (quality) auditors should increase as well as the stakes are increasing.

  • Regarding voting, this could potentially be moved to the Aave Network (which should also be ZK-based) when it becomes available. I am very supportive of this idea.

  • The bug bounty program could be entirely owned by the Aave community. It’s difficult to see the added value from ImmuneFi at this point. As I understand it, ImmuneFi has been helpful as a third party in reviewing submissions, but I believe there is enough trust within the Aave community and its core contributors to manage this directly.

  • Regarding Aave Stewards, I agree that governance delegation to specialized entities is very helpful, particularly when fine-tuning risk parameters or managing supply/borrow caps. However, as a community, we should also aim to move toward a permissionless approach and immutability over governance delegation where possible.

  • For security coordination, now is a good time to strengthen “offchain” security procedures, especially regarding the role of Community Guardians.

Supportive of the proposal, and BGD has been a great contributor the the Aave ecosystem.

4 Likes

@bgdlabs thanks for the proposal and continued engineering efforts - I’m happy to support

Following the overall positive comments during the past week, we have proceeded to create an ARFC Snapshot to pre-approve the engagement for services.

If the outcome on Snapshot is positive, we will afterwards go to on-chain AIP, which will act as binding agreement between the Aave DAO and BGD Labs.

Voting starts in ~24 hours, participate :ghost:

https://snapshot.org/#/aave.eth/proposal/0x2dfb5a6e770bf7a34ddb5ab05560c24a169c63f84e9e8d373767a5b072f1f21d

1 Like

After the successful outcome of the proposal on the ARFC Snapshot (99.98% For votes), we have created the final on-chain AIP, which will act as binding agreement between the Aave DAO and BGD Labs.

Voting will start in approximately 24 hours, participate :ghost:

https://vote.onaave.com/proposal/?proposalId=193

2 Likes

The engagement for services Aave <> Bored Ghosts Developing Phase 4 has been approved by the Aave Governance on proposal 193, with ~805’600 Yes votes and 0 No votes (100% support).

We appreciate the trust of the Aave community and will continue our work supporting the Aave DAO as the market leader.

1 Like