I appreciate bringing this forward, and clearly explaining what the issue was.
If I may raise some follow up questions and comments:
- Can a third party force the system into this state again? In other words, can this be exploited?
- Can you explain a bit better how this was not a design problem and yet a an legitimate system output?
- What guardrails are there being put in place from keeping this to happen again? Is there going to be a kind of secondary check before CAPO oracle updates are pushed into the aave platform? It feels like this is a vital app component that could benefit from having an independent validation check.
- “no bad debt” has been mentioned 3 times. There were no market dynamics, iiuc, generating a risk of bad debt. In fact, the ask of the DAO covering the gap, which I will support, will hit the DAO balance sheet so that users won’t be impacted as if there was bad debt.
- Which takes me to a more sensible topic which I feel forced to raise. Does Chaos Labs carry any responsability of what happened? Will there be a separated proposal on how to make borrowers whole that will show CL playing a role in funding it?
Thank you again for the clear information and for being profesional about it. I hope there is a fair outcome for everybody that token holders can rally behind.