Topics Covered in this Post
- Recap of Events
- Compensation plan and ability to sell claims
- Enhanced security measures and risk assessment with LedgerWorks
- Relaunch of Steadefi v2 with GMX v2
- New investors and advisors
Recap of Events
Steadefi v1 suffered an exploit on 7th August 2023, resulting in $1.12M of users’ funds lost. About $300k was successfully withdrawn by users, and the team was able to recover about $550k (~33% of TVL) which has been made claimable proportionately by affected users since 23rd of August 2023.
Over the past several months, we have been working to re-group, re-build and re-launch.
The goal of this blog post is to share the details of the preparation work we have done over the past few months as we look to our secure relaunch very soon.
With that, let’s begin with the compensation plan.
Compensation Plan and Selling of Claims
The ability to compensate all affected users is directly tied to the ability of the protocol to recover and grow.
Steadefi has yet to have a tradeable token pre-exploit and as such we will be providing compensation via tokens through changes to our original tokenomics and emissions.
We had previously shared details of the tokenomics to accommodate for compensation in a blog post. With the suggestion and counsel from our new investors and advisors, we would like to re-confirm that we are sticking to the original compensation plan with one new added capability: selling of your esSDY compensation claims.
Additionally, there are some slight changes to the tokenomics as we required more tokens for compensation to cover for the shortfall for compensating earned esSTEADY.
Details are as follow…
esSDY Claimable for Compensation
All calculations are based on a price of $0.05 per SDY, $10m FDV.
- Total value of funds lost was valued at $1,124,634 (rounded up) at the time of exploit. 22,492,680 SDY is needed to cover the total compensation value.
- A total of 1,713,302 (rounded up) esSTEADY rewards were also earned by users during this period. 1,713,302 SDY is needed to cover these rewards.
As such, a total of 24,205,982 SDY (12.102991%) is required to cover compensation. As originally shared, we will be allocating 12% of the SDY token supply — a total of 24,000,000 — as compensation. An additional 205,982 SDY is hence required in addition to the 24m SDY allocated for compensation. This additional 205,982 SDY tokens budget will be obtained from the Team allocation.
New Adjusted Tokenomics as of December 2023
- Compensation is ~12.1% of the token supply at the $10m FDV at moment of exploit. A $10m FDV values SDY (previously STEADY) token at $0.05 per SDY/esSDY.
- Compensation will be in esSDY which will be claimable linearly over a 12-month period.
- Users wishing to sell their esSDY will need to redeem esSDY to SDY over a period of 1-6 months. Details of how redemption works are in our documentation.
- It will take up to 18 months to fully redeem 100% of claimable esSDY to SDY, which is designed to reduce sell pressure early in a public raise.
- Previously farmed esSTEADY amounts will all be claimable in esSDY upon Steadefi v2 relaunch.
- All esSDY claims will be attributed to the original wallet addresses that had deposited funds in Steadefi as well as having earned esSTEADY (whether claimed or already earned in farm but unclaimed).
- After SDY’s Token Generation Event, users can allocate esSDY to claim their share of protocol fees, boost esSDY yield and more.
Once again, all claims for compensation will be claimable as esSDY over 12 months.
Users will be able to claim their esSDY compensation using the wallet address which had funds lost or had earned esSTEADY in Steadefi.
Claims will be available in both Arbitrum and Avalanche for every affected wallet address, depending on the funds lost or esSTEADY earned on each respective network.
Selling of esSDY Claims
We understand that users may be frustrated with the compensation plan, and specifically, how long it may take in order to be fully compensated and more.
Additionally, claims are in esSDY, which are non-transferable and non-tradeable until redeemed for SDY over a period of time.
After much deliberation, we have decided to add the capability for compensated users to be able to sell their esSDY claims.
Here is how it works:
- esSDY claims will be represented as NFTs; hereby termed as “ClaimNFT”
- Total amount of esSDY to be claimed as well as how many esSDY has already been claimed will be tracked within this ClaimNFT
- The respective unique ClaimNFTs will be claimable by the wallet address that is owed that exact compensation
- Only owners holding the ClaimNFT can claim any available claimable esSDY
- As it is an NFT, the wallet address holding the ClaimNFT can look to sell it
- A Steadefi Claim Marketplace will created to help facilitate the selling and purchase of these ClaimNFTs
We hope that this feature will allow short and long-term users the flexibility to either sell their claims quickly to a willing buyer at a discount, as well as long-term users with a more positive outlook to Steadefi to purchase esSDY at a discount. Of course, users can choose to not sell their ClaimNFTs at all to continue to claim esSDY as compensation over 12 months after SDY TGE.
Enhanced Security Measures and Risk Assessment
The exploit event has resulted in great pain and disappointment to all Steadefi’s users and stakeholders. Thanks to the numerous security communities, advisors and experts, our security stance and knowledge has improved greatly. We deeply understand and appreciate that a holistic security position covering many things beyond just smart contract code are required to ensure as much as possible that no security lapses ever happen again.
We also knew that we had to seek help from security experts.
Of course, smart contract code security and correctness are still crucial (everything is highly crucial when it comes to security as we are only as strong as our weakest link). For Steadefi v2’s relaunch, our contracts have been re-architected — with inspiration from Aave’s library contract architecture — to allow us to add even more code logic for more security checks, slippage and MEV protections, and stronger access control permissions, all while overcoming solidity’s contract size limits.
A Holistic Security Stance
The topic of holistic security within the context of Web3 and DeFi is too broad to be covered in-depth in this relaunch post. Instead, we would like to share how we are approaching it better this time at a high level.
Firstly, we are extremely grateful to Ethan B. Johnson for accepting to be Steadefi’s Information Security Advisor. Having previously been the Head of Digital Assets Information Security at Citadel as well as the Chief Information Security Officer at Galaxy Digital, we are extremely grateful and honored to have his counsel.
Secondly, we have to work with a security firm that is able to provide us with holistic security frameworks, risk assessments as well as tools for ongoing monitoring, alerting and triggering of actions while also appreciating the intricacies of DeFi and Web3. We are very excited and thankful to share that Steadefi will be engaging the consulting services and tools of LedgerWorks, a DeFi-oriented security firm, for help on all these fronts moving forward.
Thirdly, we want to do our best to let stakeholders not just trust, but verify that we have implemented these security measures, from operational security to contract code audits. We aim to document and share as much as possible our holistic security implementations in our public documentation, which would include the various risk assessments and mitigation steps implemented, as well as the addresses of the multi-sigs and signers to our contract codebase.
Smart Contracts Audit
Getting our contracts audited is still a must, and we have observed the advantages of a Public Audit with the trend of Sherlock, Code4Arena and more.
Thanks to a referral from Chainlink BUILD, we were connected with the Cyfrin team who runs a public audit platform called Codehawks. With the limited budget we have, we ultimately decided with a public audit through Codehawks and the experience has been fantastic throughout, with great thanks to the numerous top notch public auditors and judges from Codehawks. As of 29th November 2023, the final report from the public audit has been released and we are actively working on resolving and mitigating all the findings.
Steadefi is prioritizing security more than ever with the understanding that we need to rebuild trust. We hope to be able to slowly gain that trust as we demonstrate these actions while growing the protocol again.
Which brings us to the next topic…
Steadefi v2 Relaunch to GMXv2 GM Pools
With the added emphasis on security, we still needed a plan to relaunch with something that is useful, unique, and exciting to users while staying true to our mission: providing strategies that allow users to earn yield profitably in any market conditions.
We believe GMX - as the largest perpetual exchange by TVL, with their new v2 implementation, is the perfect protocol for us to kickstart our relaunch.
As of 29th November 2023, GMX boasts more than $1bn USD of assets under management spread across Arbitrum and Avalanche with more than 50% coming from liquidity provided for traders. Even more impressive is the 250m USD of total fees (yield) that has been generated and distributed to their stakeholders. More than 300k users have also been recorded engaging with GMX.
This makes GMX undoubtedly one of the top blue-chip leaders in the growth of DeFi, and we believe that this trend is only going to keep growing.
With centralized crypto exchanges and platforms committing fraud (Celcius, FTX, Hodlnaut) and regulations kicking in further (Binance), we believe the movement towards decentralization will only continue to grow, and GMX will be there to receive it.
GMX checks all the boxes for Steadefi as a protocol to build strategies on: high TVL, strong real yield from fees, and strong demand from users. We also have to share how supportive the GMX team is in engaging with protocols like ourselves for building upon them.
Steadefi’s lending and strategy vaults will allow users who seek to earn yield profitably across any market conditions to do so effectively. With lending vaults that allow single-asset maxis to earn a strong return on their assets to strategy vaults that cater to higher risk profile yield seekers that want to leverage up more safely, there is a strategy vault provided that executes this for users while providing automated risk management to ensure your desired strategy is performing correctly.
We will publish another post in the near future detailing the value proposition of our vaults to GMX v2.
In the meantime, we are refreshing our brand colors and user interface to pay homage to GMX as well as making Steadefi a little bit more vibrant looking!
Share your feedback with us in our Discord 🙂
Steadefi’s Phased Relaunch + Airdrop Campaign
We are launching this time with 3 clear phases:
- Phase 1: Bootstrap Liquidity with SDY Airdrop Campaign
- Phase 2: SDY Public Raise and TGE
- Phase 3: esSDY Utility
More details on each phase as well as timeline will be shared very soon in an upcoming post.
Our New Investors and Advisors
As we move towards our secure relaunch, we would like to sincerely thank all of our new investors to our Recovery Round and new advisors. Without them, Steadefi would not have the opportunity to rebuild and restart, and we are absolutely grateful and appreciative of their support and counsel.
Recovery Round Investors
- ClubCigar DAO
- AVentures DAO
- Coinflipcanada, Co-founder and Head of Partnerships and Strategy, GMX
- Daniel Dizon, Founder and CEO, Swell Network
- Luke Lim, Strategic Partnerships, Chainlink
- Xiot, Angel Investor and LP
- Daniel Dizon, Founder and CEO, Swell Network
- Abishek Kannan, Head of Research, Swell Network
- Ömer Demirel, Partner at AVentures DAO
- Rasheed Saleuddin, Partner at AVentures DAO
- Ethan Johnson, Ex-CISO, Galaxy Digital and Ex-Head of DAM, Citadel
Each of these investors and advisors brings a unique set of skills, expertise and network that will guide us to do better and come back stronger.
A New Beginning
As the Project Lead of Steadefi, I, Jeff, know that it is not words that matter, but results and deliverables.
I know that our users who had lost funds with us will always be skeptical on everything we say and do until they are fully compensated — and perhaps more than that. And as I have shared in several times in our community Discord: I completely understand and empathise with your emotions and reactions. I am personally still extremely disappointed in myself for this huge and painful oversight.
I hope that with the relaunch of Steadefi v2, we can finally demonstrate that instead of running away, we come back stronger and wiser.
With 2024 potentially shaping up for a bullish sentiment on the markets, and with the belief that Steadefi’s offering is indeed valuable while riding on a top protocol like GMXv2 leading the growth trend in decentralised finance, I believe this is the best chance for us to restart, rebuild and regrow for both new users to Steadefi as well as old users who seek compensation and more.
But we CANNOT do this without a supportive community.
We seek your understanding that even if you do not trust us in the short-term, to still be cordial, civil and hopefully supportive of the efforts in restarting Steadefi.
Being critical is fine, but being unnecessarily aggressive and toxic is not going to help with attracting the right community and users for us to relaunch successfully.
I humbly ask for your support on this.
Expect more frequent communication from us moving forward!
Stay tuned via our official channels
Follow us on Twitter: https://twitter.com/steadefi
Join our Discord: https://discord.gg/steadefi
Join our Telegram (less active): https://t.me/Steadefi_Official