We would like to communicate to the community that the proposal for the re-activation of Aave v3 ZKSync is ready to be created.
During the time since the previous activation attempt when an LLVM issue was found (described in detail HERE), we have opted for the side of caution and applied the following extra procedures:
- First, just after the detection of the problem, we discussed internally if the ZKSync network was still suitable for Aave. The answer was YES, due to the nature of the problem: a very specific/edge issue on not even ZKSync “native” infrastructure, affecting exclusively Aave in also very specific logic, and on exactly the compiler version we used.
Even if this is not ideal, we understand that compilers (e.g. solc itself) can have bugs, but it is possible to minimise their impact with both extra types of tests and security procedures, like the ones that allowed Aave to not be impacted in production.
We discussed this with both @Certora, security provider of the DAO and the Matter Labs team, and looks like a reasonable/acceptable conclusion. - We have added extra tests on the Aave codebase, both to further detect similar issues as the one detected prior to activation, and others of similar nature. Even if generalise detection of this type of problems can be very complicated/impossible, we are confident that right now the test suite is solid in that regard.
- We updated the compiler version to
1.5.3, and properly verified the same issue doesn’t manifest with it. - Last but not least, the proposal will introduce an extra layer of protection, procedure-wise:
- The supply and borrow caps configured to start with will be very small (~$10’000 value each asset), to perform extra testing in fully production environment just after proposal execution.
- Once that extra testing is concluded (matter of hours or 1 day), as technical service provider we will communicate here on the forum that everything looks OK.
- Just after, the Aave protocol Guardian will be able to raise the caps to the levels pre-authorised on the governance proposal, and the pool will be fully operational.
As usual, we will notify here on the forum when the governance proposal is created.