OptiFi Accidental Shutdown Command: Difference between revisions
(CoinDesk article part expanded.) |
(Massive improvements to fill in tons of information here.) |
||
| Line 2: | Line 2: | ||
{{Unattributed Sources}} | {{Unattributed Sources}} | ||
[[File:Optifi.jpg|thumb|OptiFi Branding]]OptiFi was a | [[File:Optifi.jpg|thumb|OptiFi Branding]]OptiFi was a decentralized exchange service which sought to process more transactions, optimize the liquidation process, and enable more liquidity in markets. On August 29th, the developers made a mistake and permanently closed down their smart contract, with the entire market coming to an end and a reported $661k worth of funds being locked in the smart contract. | ||
This is a global/international case not involving a specific country. | This is a global/international case not involving a specific country.<ref name="optifilabstwitter-10628" /><ref name="defillama-10629" /><ref name="youtube-10630" /><ref name="optifiapparchive-10631" /><ref name="halborn-10632" /><ref name="solana-10633" /> | ||
== About OptiFi == | == About OptiFi == | ||
| Line 43: | Line 43: | ||
|OptiFi is building up their team. Reddit user sgtslaughterTV reports having an in-person interview with the OptiFi team in June 2022<ref>[https://www.reddit.com/r/CryptoCurrency/comments/x3m4qv/comment/imrfrmd/ sgtslaughterTV - "I had a job interview with OptiFi in June this year at their HQ" - Reddit] (Mar 28, 2023)</ref><ref name=":0">[https://imgur.com/a/DQ4ZOKm "I'd like to schedule a call with you" - Imgur] (Mar 28, 2023)</ref>. The interview is scheduled for 9:00 AM over Google Meet with no timezone mentioned<ref name=":0" />. | |OptiFi is building up their team. Reddit user sgtslaughterTV reports having an in-person interview with the OptiFi team in June 2022<ref>[https://www.reddit.com/r/CryptoCurrency/comments/x3m4qv/comment/imrfrmd/ sgtslaughterTV - "I had a job interview with OptiFi in June this year at their HQ" - Reddit] (Mar 28, 2023)</ref><ref name=":0">[https://imgur.com/a/DQ4ZOKm "I'd like to schedule a call with you" - Imgur] (Mar 28, 2023)</ref>. The interview is scheduled for 9:00 AM over Google Meet with no timezone mentioned<ref name=":0" />. | ||
|- | |- | ||
|August 29th, 2022 12:07: | |August 29th, 2022 12:03:02 AM MDT | ||
|Smart Contract | |Smart Contract Upgrade Operation | ||
|The transaction | |A transaction was run which is intended to update the OptiFi smart contract program<ref name="solanaexplorer-10625" /><ref name=":1">[https://twitter.com/OptifiLabs/status/1564367463168430080 OptifiLabs - "At around 06:00 UTC 29th Aug, our dev was trying to upgrade our program on mainnet, using `anchor deploy` to deploy" - Twitter] (Mar 30, 2023)</ref>. This transaction appears to take longer than usual, which is assumed to be because of "congested network status"<ref name=":1" />. The command was aborted before it returned a "msg"<ref name=":2">[https://twitter.com/OptifiLabs/status/1564367465856962560 OptifiLabs - "Later deployer found that a new buffer account was actually created but not used." - Twitter] (Mar 30, 2023)</ref>. This left the smart contract in a state where a new "buffer account" had been created but wasn't being used<ref name=":2" />. | ||
|- | |||
|August 29th, 2022 12:07:39 AM MDT | |||
|Smart Contract Close Operation | |||
|The transaction was performed which permanently shut down the OptiFi smart contract<ref name="solanaexplorer-10626" /><ref name=":3">[https://twitter.com/OptifiLabs/status/1564367468457365504 OptifiLabs - "Without fully understanding the impact, we used 'solana close program'" - Twitter] (Mar 30, 2023)</ref>. This command was run without knowing the full impact of what it would do<ref name=":3" />. The intended action was simply to close the "buffer account" to retrieve the balance it contained<ref name=":2" />. The developers did not realize that they would not be able to relaunch the smart contract. | |||
|- | |||
|August 29th, 2022 3:40:00 PM MDT | |||
|OptiFi Twitter Post | |||
|OptiFi posts on Twitter about the incident<ref name="optifilabstwitter-10627" />. | |||
|- | |- | ||
|August 29th, 2022 5:17:23 PM MDT | |August 29th, 2022 5:17:23 PM MDT | ||
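Review bot: the new timeline rows give their times in MDT (12:03:02 AM, 12:07:39 AM, 3:40:00 PM), while the OptifiLabs tweet cited in the first of those rows states the time in UTC ("At around 06:00 UTC 29th Aug"). Consider giving the UTC time alongside each MDT value, or stating the offset once, so readers can match the rows to the cited tweets and explorer transactions without converting.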
| Line 69: | Line 77: | ||
== Total Amount Lost == | == Total Amount Lost == | ||
The amount lost has been consistently reported as $661,000 USD<ref name="coindesk-10624" />. As the amount was lost in the USDC stablecoin, there is no volatile exchange rate to consider. | The amount lost has been consistently reported as $661,000 USD<ref name="optifilabstwitter-10627" /><ref name="coindesk-10624" />. As the amount was lost in the USDC stablecoin<ref name="optifilabstwitter-10627" />, there is no volatile exchange rate to consider. | ||
The total amount lost has been estimated at $661,000 USD. | The total amount lost has been estimated at $661,000 USD. | ||
| Line 76: | Line 84: | ||
== Immediate Reactions == | == Immediate Reactions == | ||
=== OptiFi Twitter Post === | |||
OptiFi first reported the situation on Twitter 15 hours later<ref name="optifilabstwitter-10627" />.<blockquote>OptiFi's program has been closed by mistakes we made. | |||
TL;DR | |||
1. We accidentally closed the OptiFi mainnet program and it's not recoverable | |||
2. 661k USDC is locked in the PDAs, luckily 95% of the fund is from our team member | |||
3. We will compensate for all users’ funds</blockquote>In their Twitter post, they explained the full timeline of what happened<ref name=":1" /><ref name=":2" /><ref name=":3" /> and offered some self reflection of what they did wrong<ref>[https://twitter.com/OptifiLabs/status/1564367471011762176 OptifiLabs - "Strictly execute peer-surveillance approach that requires at least 3 peers" - Twitter] (Mar 30, 2023)</ref>.<blockquote>1. Strictly execute peer-surveillance approach that requires at least 3 peers to engage in the deployment | |||
2. Separate capital pools (AMM) from Main program, minimize the impact of such mistakes. | |||
3. DON'T RUSH</blockquote>Their Tweet also included the public suggestion that the Solana developers should add warnings to the documentation and a two-step confirmation for closing a program<ref>[https://twitter.com/OptifiLabs/status/1564367473599688705 <nowiki>OptifiLabs - "@solana_devs [should add] warnings in the docs and two step confirmation for closing a program in CLI" - Twitter</nowiki>] (Mar 30, 2023)</ref>. | |||
=== OptiFi Incident Report === | |||
"We sincerely apologize for a program incident leading to the sudden closure of the OptiFi mainnet program and we could not recover it," the company's blog post on the blunder reads. "We will compensate all users’ funds and prevent it from happening again." | "We sincerely apologize for a program incident leading to the sudden closure of the OptiFi mainnet program and we could not recover it," the company's blog post on the blunder reads. "We will compensate all users’ funds and prevent it from happening again." | ||
| Line 128: | Line 152: | ||
<ref name="futurism-10623">[https://futurism.com/the-byte/crypto-dev-command-company Crypto Dev Enters Wrong Command, Destroys Entire Company] (Mar 27, 2023)</ref> | <ref name="futurism-10623">[https://futurism.com/the-byte/crypto-dev-command-company Crypto Dev Enters Wrong Command, Destroys Entire Company] (Mar 27, 2023)</ref> | ||
<ref name="coindesk-10624">[https://www.coindesk.com/business/2022/08/30/solana-based-defi-protocol-optifi-loses-661k-in-programming-blunder/ Solana-Based DeFi Protocol OptiFi Loses $661K in Programming Blunder - CoinDesk] (Mar 27, 2023)</ref> | <ref name="coindesk-10624">[https://www.coindesk.com/business/2022/08/30/solana-based-defi-protocol-optifi-loses-661k-in-programming-blunder/ Solana-Based DeFi Protocol OptiFi Loses $661K in Programming Blunder - CoinDesk] (Mar 27, 2023)</ref> | ||
<ref name="solanaexplorer-10625">[https://explorer.solana.com/tx/4RRh5kHWf6oh5VfewVevVYT1V53ktC1tK6airHnBN7Tuo4TvhiPYgdTixwJohfJWSTPJp247unCSuVc9dK1KM6Rk Explorer | <ref name="solanaexplorer-10625">[https://explorer.solana.com/tx/4RRh5kHWf6oh5VfewVevVYT1V53ktC1tK6airHnBN7Tuo4TvhiPYgdTixwJohfJWSTPJp247unCSuVc9dK1KM6Rk Anchor Deploy Transaction To Upgrade - Solana Explorer] (Mar 27, 2023)</ref> | ||
<ref name="solanaexplorer-10626">[https://explorer.solana.com/tx/4dPWDPhDHPJhCjqcxoFosa8pbYzdvpR5LhKZ9EYjK9YpvgBTWsKhX37U9jSV1qyj3xbjvm5mpzStTiNaexVaN3jg Explorer | <ref name="solanaexplorer-10626">[https://explorer.solana.com/tx/4dPWDPhDHPJhCjqcxoFosa8pbYzdvpR5LhKZ9EYjK9YpvgBTWsKhX37U9jSV1qyj3xbjvm5mpzStTiNaexVaN3jg Transaction that Closed the OptiFi Smart Contract - Solana Explorer] (Mar 27, 2023)</ref> | ||
<ref name="optifilabstwitter-10627">[https://twitter.com/OptifiLabs/status/1564367455220219904 | <ref name="optifilabstwitter-10627">[https://twitter.com/OptifiLabs/status/1564367455220219904 OptifiLabs - "OptiFi's program has been closed by mistakes we made." - Twitter] (Mar 27, 2023)</ref> | ||
<ref name="optifilabstwitter-10628">[https://twitter.com/OptifiLabs/ @OptifiLabs Twitter] (Mar 27, 2023)</ref> | <ref name="optifilabstwitter-10628">[https://twitter.com/OptifiLabs/ @OptifiLabs Twitter] (Mar 27, 2023)</ref> | ||
<ref name="defillama-10629">[https://defillama.com/protocol/optifi OptiFi: TVL and Stats - DefiLlama] (Mar 27, 2023)</ref> | <ref name="defillama-10629">[https://defillama.com/protocol/optifi OptiFi: TVL and Stats - DefiLlama] (Mar 27, 2023)</ref> | ||
Revision as of 14:35, 30 March 2023
OptiFi was a decentralized exchange service which sought to process more transactions, optimize the liquidation process, and enable more liquidity in markets. On August 29th, the developers made a mistake and permanently closed down their smart contract, with the entire market coming to an end and a reported $661k worth of funds being locked in the smart contract.
This is a global/international case not involving a specific country.[1][2][3][4][5][6]
About OptiFi
OptiFi was a derivatives-focused[7] Solana-based decentralized exchange which offered new innovation in trading.
"OptiFi is the first derivative DEX utilizing "Portfolio Margin" across all financial instruments with the same underlying asset.
We see there are three main problems with derivative DEXes: Lack of high performance blockchain infrastructure; Inefficient margining and collateral system designs; Not enough liquidity on the order book.
To combat these problems, OptiFi is built on Solana and Serum to offer low cost and high-speed execution.
Utilizes portfolio margin and partial liquidation to enhance capital efficiency, and offers the first ever on-chain options AMM with delta-neutral strategy to ensure continuous liquidity across all financial instruments on OptiFi.
Unlike typical margin requirements that set margins independent from each instrument, Portfolio Margin takes all instruments with the same underlying asset into account, and nets them against one another, creating lower margin requirements and offsets risks for the user."
The Reality
The OptiFi platform was launched quickly and did not employ a smart contract auditing service.
A critical vulnerability was that the platform could be shut down by a single developer, and all funds would be permanently lost in that case.
The Solana blockchain did not provide complete documentation on the effects of closing down smart contracts on their chain.
What Happened
After launching, OptiFi accidentally closed its mainnet platform, which resulted in $661,000 in USDC being locked up[7]. The company says one of its developers was trying to update the program on the Solana blockchain and accidentally used a command that shut the whole thing down in one fell swoop.
"On 29th August around 06:00 UTC, we had an update to our Solana program code, so our deployer tried to upgrade the OptiFi program on Solana mainnet." "At 06:07 UTC - The command line was executed successfully and the OptiFi program was closed."
That means over half a million dollars worth of USDC are now "not recoverable at the moment of writing," according to the blog post.
| Date | Event | Description |
|---|---|---|
| June 8th, 2022 8:00:00 AM | OptiFi Job Interview | OptiFi is building up their team. Reddit user sgtslaughterTV reports having an in-person interview with the OptiFi team in June 2022[8][9]. The interview is scheduled for 9:00 AM over Google Meet with no timezone mentioned[9]. |
| August 29th, 2022 12:03:02 AM MDT | Smart Contract Upgrade Operation | A transaction was run which was intended to update the OptiFi smart contract program[10][11]. This transaction appeared to take longer than usual, which was assumed to be because of "congested network status"[11]. The command was aborted before it returned a "msg"[12]. This left the smart contract in a state where a new "buffer account" had been created but wasn't being used[12]. |
| August 29th, 2022 12:07:39 AM MDT | Smart Contract Close Operation | A transaction was performed which permanently shut down the OptiFi smart contract[13][14]. This command was run without knowing the full impact of what it would do[14]. The intended action was simply to close the "buffer account" to retrieve the balance it contained[12]. The developers did not realize that they would not be able to relaunch the smart contract. |
| August 29th, 2022 3:40:00 PM MDT | OptiFi Twitter Post | OptiFi posts on Twitter about the incident[15]. |
| August 29th, 2022 5:17:23 PM MDT | OptiFi Incident Report | OptiFi publishes their incident report to Medium[16][17]. |
| August 30th, 2022 5:08:59 AM MDT | OptiFi Revisions | OptiFi's incident report has been revised. |
| August 30th, 2022 6:26:00 AM MDT | CoinDesk Article | CoinDesk releases an article on the situation, which references the original blog post[7]. The article states "OptiFi accidentally closed its mainnet platform in a programming blunder"[7]. |
| August 30th, 2022 7:25:00 AM MDT | CoinDesk Article Revision | CoinDesk revised their article. They determined that OptiFi was a "platform" instead of a "protocol", that it was Solana blockchain-powered instead of merely Solana-powered, and that rug pulls and frauds were not erroneous behaviour[18][19]. |
| September 1st, 2022 5:36:37 PM MDT | Reddit Comedy Show | The situation is shared on Reddit, where the community finds it very entertaining[20]. |
Total Amount Lost
The amount lost has been consistently reported as $661,000 USD[15][7]. As the amount was lost in the USDC stablecoin[15], there is no volatile exchange rate to consider.
The total amount lost has been estimated at $661,000 USD.
Immediate Reactions
OptiFi Twitter Post
OptiFi first reported the situation on Twitter 15 hours later[15].
> OptiFi's program has been closed by mistakes we made.
>
> TL;DR
>
> 1. We accidentally closed the OptiFi mainnet program and it's not recoverable
> 2. 661k USDC is locked in the PDAs, luckily 95% of the fund is from our team member
> 3. We will compensate for all users’ funds

In their Twitter post, they explained the full timeline of what happened[11][12][14] and offered some self-reflection on what they did wrong[21].

> 1. Strictly execute peer-surveillance approach that requires at least 3 peers to engage in the deployment
> 2. Separate capital pools (AMM) from Main program, minimize the impact of such mistakes.
> 3. DON'T RUSH
Their Tweet also included the public suggestion that the Solana developers should add warnings to the documentation and a two-step confirmation for closing a program[22].
OptiFi Incident Report
"We sincerely apologize for a program incident leading to the sudden closure of the OptiFi mainnet program and we could not recover it," the company's blog post on the blunder reads. "We will compensate all users’ funds and prevent it from happening again."
"We promise that we will return all users’ deposits and settle all user positions manually according to Pyth oracle at 8 AM Sep 2nd UTC. All transactions and deposits will be based on Solscan. The estimated process time will be two weeks."
"In a tweet, OptiFi said that 95% of total value locked is from one of its team members, meaning that customer asset may equate to only $33,000."
"We didn’t realize that the program was closed permanently until the error above showed up. It’s basically saying that our deployed program has been closed and cannot be re-deployed, unless a new program id is used."
"Here it turned out that we didn’t really understand the impact and risk of this closing program command line. ‘solana program close’ is actually for closing the program permanently and sending the SOL tokens in the buffer account used by the program back to the recipient wallet."
"ALL the users’ margin accounts USDC tokens, option tokens, and AMMs USDC vaults are locked in where they are, because they are using PDAs, which are bound to optFiKjQpoQ3PvacwnFWaPUAqXCETMJSz2sz8HwPe9B."
"We suggest Solana officials add the warning regarding the irrecoverable result of closing a program in Solana Docs and Command-Line Interface (CLI) to help Solana devs understand the function."
Ultimate Outcome
Total Amount Recovered
The OptiFi platform has stated that it will reimburse users' funds[7].
There do not appear to have been any funds recovered in this case.
Ongoing Developments
General Prevention Policies
The best prevention strategy is to require multi-signature approval at all key decision points.
In addition, a more thorough review of the smart contract would likely have identified that funds could be locked up permanently in the event of the protocol closing down.
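A pre-flight guard for the close command involved in this incident, as an added example that is not OptiFi's or Solana's own code: it classifies the target with `solana program show` and refuses to close a deployed program unless the full address is retyped, which is the kind of two-step confirmation OptiFi suggested. The function names and the output fields it matches on ("Buffer Address:", "Program Id:") are assumptions of this example.

```sh
#!/bin/sh
# Added example (not OptiFi's or Solana's code): pre-flight guard for
# `solana program close`. Assumes `solana program show ADDRESS` prints a
# "Buffer Address:" field for buffer accounts and a "Program Id:" field
# for deployed programs.

# classify_account ADDRESS -> prints: buffer | program | unknown
classify_account() {
    _info=$(solana program show "$1" 2>/dev/null) || { echo unknown; return 0; }
    case "$_info" in
        *"Buffer Address:"*) echo buffer ;;
        *"Program Id:"*)     echo program ;;
        *)                   echo unknown ;;
    esac
}

# guard_close ADDRESS [CONFIRMATION]
# Returns 0 if the close ran, 2 if a program close was not confirmed,
# 3 if the account could not be classified.
guard_close() {
    _addr=$1
    _confirm=${2:-}
    _kind=$(classify_account "$_addr")
    case "$_kind" in
        buffer)
            # Reclaiming the balance of an unused buffer account: the
            # action the deployer intended in this incident.
            solana program close "$_addr"
            ;;
        program)
            # Closing a deployed program is permanent: the program id
            # cannot be redeployed and PDAs bound to it stay locked.
            if [ "$_confirm" != "$_addr" ]; then
                echo "REFUSED: $_addr is a deployed program, not a buffer." >&2
                echo "Closing it is irreversible. To proceed, pass the full" >&2
                echo "address again as the second argument." >&2
                return 2
            fi
            solana program close "$_addr"
            ;;
        *)
            echo "REFUSED: cannot classify $_addr; not closing." >&2
            return 3
            ;;
    esac
}

# Runs only when called with arguments, e.g.: ./guard_close.sh ADDRESS
if [ "$#" -gt 0 ]; then
    guard_close "$@"
fi
```

A typed confirmation does not replace the multi-signature and peer-review controls described above; it only stops a single mistyped or misunderstood command.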
Individual Prevention Policies
No specific policies for individual prevention have yet been identified in this case.
For the full list of how to protect your funds as an individual, check our Prevention Policies for Individuals guide.
Platform Prevention Policies
Policies for platforms to take to prevent this situation have not yet been selected in this case.
For the full list of how to protect your funds as a financial service, check our Prevention Policies for Platforms guide.
Regulatory Prevention Policies
No specific regulatory policies have yet been identified in this case.
For the full list of regulatory policies that can prevent loss, check our Prevention Policies for Regulators guide.
References
1. @OptifiLabs Twitter (Mar 27, 2023)
2. OptiFi: TVL and Stats - DefiLlama (Mar 27, 2023)
3. OptiFi - a BIG leap forward in DeFi - YouTube (Mar 27, 2023)
4. https://web.archive.org/web/20220830225235/https://www.optifi.app/ (Mar 27, 2023)
5. Explained: The OptiFi Glitch (August 2022) (Mar 27, 2023)
6. Solana | OptiFi (Mar 27, 2023)
7. Solana-Based DeFi Protocol OptiFi Loses $661K in Programming Blunder - CoinDesk (Mar 27, 2023)
8. sgtslaughterTV - "I had a job interview with OptiFi in June this year at their HQ" - Reddit (Mar 28, 2023)
9. "I'd like to schedule a call with you" - Imgur (Mar 28, 2023)
10. Anchor Deploy Transaction To Upgrade - Solana Explorer (Mar 27, 2023)
11. OptifiLabs - "At around 06:00 UTC 29th Aug, our dev was trying to upgrade our program on mainnet, using `anchor deploy` to deploy" - Twitter (Mar 30, 2023)
12. OptifiLabs - "Later deployer found that a new buffer account was actually created but not used." - Twitter (Mar 30, 2023)
13. Transaction that Closed the OptiFi Smart Contract - Solana Explorer (Mar 27, 2023)
14. OptifiLabs - "Without fully understanding the impact, we used 'solana close program'" - Twitter (Mar 30, 2023)
15. OptifiLabs - "OptiFi's program has been closed by mistakes we made." - Twitter (Mar 27, 2023)
16. OptiFi Program Incident Report — 08/29/22 - August 29th, 2022 5:17:23 PM MDT (Mar 29, 2023)
17. OptiFi Program Incident Report — 08/29/22 - OptiFi Medium (Mar 29, 2023)
18. Solana-Based DeFi Protocol OptiFi Loses $661K in Programming Blunder - August 30th, 2022 6:33:16 AM MDT (Mar 29, 2023)
19. Solana-Based DeFi Protocol OptiFi Loses $661K in Programming Blunder - August 30th, 2022 11:35:43 AM MDT (Mar 29, 2023)
20. Crypto Dev Enters Wrong Command, Destroys Entire Company - Reddit (Sep 2, 2022)
21. OptifiLabs - "Strictly execute peer-surveillance approach that requires at least 3 peers" - Twitter (Mar 30, 2023)
22. OptifiLabs - "@solana_devs [should add] warnings in the docs and two step confirmation for closing a program in CLI" - Twitter (Mar 30, 2023)