[ARFC] - Temporary Freeze KNC on V3 Ethereum

Governance
1

Background

On November 22, the KyberSwap DEX experienced a significant security breach, resulting in a loss of nearly $50M in various assets. This incident led the Kyber Network team to advise its users to withdraw their funds as a precaution. Following the hack, KyberSwap’s TVL plummeted by 68%, dropping from its peak of $134M in 2023 to $27M. Additionally, the price of the KNC token briefly fell by 7% upon the news breaking but later stabilized and is now trading at ~$0.71

Aave Protocol Specifics

  • KNC on Aave V3 Ethereum: KNC is currently listed as a collateral asset in isolation mode, with a $1M debt ceiling.
  • Supply Cap: The supply cap for KNC is set at 1.2M (~$850,000).
  • Borrow Cap: The borrow cap for KNC is set at 650K (~$460,000).
  • Current State: As of the time of this post, ~$75,000 worth of KNC has been supplied to the protocol and ~$65,000 has been borrowed. No assets are currently being borrowed against KNC

Untitled - 2023-11-23T093036.682

Post-Exploit Developments

  • Increased Borrowing Activity: A notable spike in KNC borrowing was observed following the exploit announcement. A specific account borrowed 50,000 KNC, bringing the asset utilization to over 90% and the borrow APY to over 1,000%.

Untitled - 2023-11-23T093038.342
Untitled - 2023-11-23T093038.3422028×1296 156 KB

Conclusion

  • Minimal Exposure: Despite the significant exploit in the Kyber Network, it is important to highlight that the exposure of Aave Protocol to KNC remains minimal.
  • Effective Protocol Mechanisms and Parmeter Settings: Given the current parameters settings on the protocol, alongside the current usage of the protocol, we do not foresee significant risk to the protocol.

Next Steps

  • Temporary Freeze of the KNC reserve on Aave V3 - as a precautionary measure, and to protect the protocol from unexpected behaviors and developments stemming by the recent events, we recommend temporarily freezing the KNC reserve. We will shortly follow up with an AIP for the community to decide on the freeze.
  • Ongoing Monitoring: We continue monitoring the markets’ state and protocol. Our team will continue to assess the market dynamics and the performance of all listed assets, including KNC, to ensure that any necessary adjustments are made promptly to safeguard users and the stability of the protocol.
5 Likes
2

Gauntlet Analysis and Recommendation

We will continue to monitor and update on the situation, but at this time, we do not have any explicit recommendation for the protocol. Given the conservative parameters on Kyber (1M isolated debt ceiling, borrow cap of 650k KNC, and LT of 40%) and the sufficient price discovery in the token over the last 12 hrs (60% of market cap traded), the data suggests that manipulation and exploit on the KNC token on Aave is unlikely to be profitable to any exploiter. We will continue to monitor any developments.

Some community members have asked us about the risk of allowing extra deposits (not freezing KNC). On this topic - the max potential short position that could be taken on would be around 450k USD (at current price and assuming price of KNC will go down). Given that over 40M KNC has traded since the exploit started, additional deposits to allow for more shorting on Aave V3 Ethereum is not a high-priority threat.

Summary

  • If the community wishes to freeze KNC, they may of course do so out of an abundance of caution. However, Gauntlet’s analysis shows that the additional risk-mitigating impact of doing so is not substantial. The KNC market on Aave has already been parameterized to cap the downside to Aave.
3 Likes
3

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.