[ARFC] Renew LlamaRisk as Risk Service Provider - epoch 3

Title: [ARFC] Renew LlamaRisk as Risk Service Provider - epoch 3

Author: @LlamaRisk
Date: 2025-04-02

Summary

LlamaRisk submits this proposal to renew our role as an Aave Service Provider. Over the past year, we have delivered consistent value to the DAO through independent risk analysis and proactive contributions to Aave’s security and strategic decision-making. We cherish the opportunity to work for an organization that encourages public debate and believe that retaining the services of two risk providers is part of Aave’s moat.

For this next epoch, we propose a service fee of $1m for one year, a 25% increase from the previous term. This adjustment reflects our expanded engagement, the need to retain specialized talent dedicated to Aave’s risk management, and our commitment to upholding the highest service standards.

Our contributions are fully transparent and verifiable through our daily engagement on the forum, monthly community updates, and research publications. Below, we review our key achievements in Epoch 2 and outline our vision for this renewal.

Epoch 2 retrospective

Consistency & responsiveness:

• Supported 90 ARFCs, opined on 9 new chains deployments, and served as a reliable signer for the Aave Guardian.
• Responded to over 100 forum posts with technical analysis and risk recommendations.
• Maintained an average of 91h response time for ARFCs, generally complying with the established 5-day windows.
  
  

  image912×547 29.9 KB

Legal & regulatory content:

• Published relevant and informing legal research, including:
  • Coinbase’s MiCA-Driven Stablecoin Restrictions
  • Regulatory Pressure on USDT and Legal Features of USDT0
  • Tether’s Regulatory Status in El Salvador
  • wBTC BitGo Custody Update - Community Update
  • sGHO Legal Implications
  • Borrowing/Lending tokenized RWAs (Horizon)

Uncompromising independence:

• Advised halting sUSDe cap increases and raising liquidation penalties. Although we serve on the Ethena risk committee, which can pose potential conflicts of interest, we prioritize Aave’s solvency and users’ safety above all.

Research & tooling:

• Balancing Act: LST Pricing Mechanisms for DeFi Lending
• Ethereum Staking Penalty Simulator
• Aave 3.2 Liquid E-mode short explainer
• Ethena Reserve Fund Drawdown Methodology V2
• MPCs in Protocol Treasury and Operational Context
• Research on Smart Value Recapture (SVR)

Elevating security standards:

• Actively advocated for and succeeded in establishing several critical bug bounty programs for protocols seeking Aave integration (Stakestone, bCSPX, Botanix Labs, rsETH, Origin Sonic, Resolv, Rings, and many others in progress)
• Championed Operation Spring Cleaning, an initiative to address qualitative risks (e.g., rsETH vulnerability in legacy function, stS access controls oversight) and raise the standards. Presented at EthDenver (Beyond Numbers: Qualitative Risk Analysis in DeFi).
• Released the first version of our risk metrics dashboard: score.llamarisk.com

Community engagement:

• Launched This Week In Aave, a weekly X thread summarizing protocol developments.

Scope

Building on Epoch 2’s foundation, we will continue centering our services to Aave DAO around producing in-depth and actionable risk assessments in recommendations for all current and prospective assets on Aave instances. We will continue working closely with other service providers, especially @ChaosLabs, ensuring comprehensive risk coverage and prioritize the following strategic initiatives:

• Umbrella parametrization: Provide dedicated support as members of the newly established Aave Finance Committee, applying our data-driven capitalization methodology developed through months of research. This approach uses rigorous analysis of market-wide price shocks to determine optimal insurance caps
• Smart Value Recapture (SVR): Support and monitor SVR implementation.
• RWA collaboration: Work with @AaveLabs on the Horizon program, leveraging our domain expertise in RWA risk assessment.
• Aptos Deployment: Support Aave’s expansion to Aptos with a comprehensive risk analysis of the ecosystem.
• sGHO: Continue supporting the GHO Savings rollout, building on our GSM fee methodology work. We’ll provide risk parametrization and supply target estimations to support @TokenLogic and @kpk’s integration plans.

We propose a 1-year term to underscore our long-term commitment to Aave DAO—performance will dictate continuity.

Specification

Create a payment stream of 1m GHO to the address 0x9eE16dBDE572886342fc1e2Db8525DEFB007b27c, a LlamaRisk controlled multisig for 1 year starting from the end of the previous engagement (April 28th, 2025 / Unix time 1745822843).

Next Steps

1. Gather community feedback on this ARFC.
2. If consensus is reached, escalate this proposal to ARFC snapshot stage.
3. If ARFC snapshot outcome is YAE, escalate to AIP stage.

Disclaimer

LlamaRisk is presenting this ARFC independently and is not compensated by any third party for creating this ARFC.

Copyright

Copyright and related rights waived via CC0.

Since LlamaRisk joined the DAO they have shown strong progress in every aspect.
Me and other Delegates or SP gave them feedback and I do think that we are now in a sweetspot with ChaosLabs and LlamaRisk working together and not overlap too much in their work.
Llama is helping a lot in regulatory environment like MiCA or work towards stablecoin specific regulations relevant for GHO.

They have always been engaging and available whenever I needed something.

For the next year I do hope to see a lot towards pushing sGHO and keep the DAO updated towards regulation.
I do also wish to see monitoring and risk reports regarding SVR, so we can have a rough understanding of how its going and how it affects the protocol and especially user behaviour (if at all).

I think the proposed 1m fee for a year are fair for the work and growing ecosystem we have.
I am supportive of renewing LlamaRisk with the new terms.

This proposal has full @ACI support.

Very much in favour of this. LlamaRisk has been a top class addition to Aave so far and as we turn our attention more to RWAs, their expertise will be invaluable.

With the SVR and Umbrella, we’d love to see a comprehensive dashboard and analysis of performance, and proactive reporting to the community. LlamaRisk has done a great job with their analyses so far and it’d be great to see this continue.

For a year, $1M is a fair price given the quality of the work being done.

LlamaRisk has been a valuable addition to Aave as a Service Provider, and we support renewing their engagement.

Aave has a lot more moving parts, and we are keen to see how LlamaRisk will continue to contribute.

kpk can attest to the impressive work LlamaRisk has been doing within Aave. Their deliverables are consistently high-quality, and we fully support the renewal of their engagement.

I’m supportive of the proposal. Very impressed with the work done so far and the deliverables, especially the legal and regulatory analysis. 1 year engagement make sense given the work stream is relatively predictable.

Under Skyward help, ACI has just escalated the current proposal to ARFC Snapshot.

Vote will start tomorrow, we encourage everyone to participate.

After Snapshot monitoring, the current ARFC Snapshot ended recently, reaching both Quorum and YAE as winning option, with 577.8K votes.

Therefore [ARFC] Renew LlamaRisk as Risk Service Provider - epoch 3 has PASSED.

Next step will be the publication of an AIP for final confirmation and enforcement of the proposal.

Slightly late on my feedback, but before AIP would like to leave some thoughts.

Llamarisk has been quite exemplary during the previous two phase on their approach to work in an environment like the Aave DAO, having a specific field of contribution, but not forgetting that flexibility is pretty important, as the risk field is changing all the time.

Not removing importance from other contributions in previous Epochs, but I would like to highlight the value Llamarisk brought in specifically quality and redundancy.
On the quality side, I think there is little doubt that the analysis performed on for example assets are pretty good, and especially trying to focus on angles usually not covered from other contributors like development. On the redundancy side, especially for the liquidity pool product-line of Aave, it is fundamental to have multiple layers on risk, obviously keeping a collaborative policy between providers and usually overlapping in opinions, but still with total independence of criteria and output.

Additionally, Llamarisk has followed good procedures of onboarding with the DAO until now, so the change to 1y services contracts seems pretty reasonable.

In summary, supporting Epoch 3 from my side.