[Discussion] Gauge Risk Assessment Team

Summary:

Create a Gauge Risk Assessment Team responsible for reviewing and publishing any risks associated with protocols applying for a gauge. The team will also review existing gauges to create a comprehensive report on potential risks.

This proposal comes from the Curve Grants Council, with contribution from @Tritium (BadgerDAO).

Abstract:

Recent events involving the USDM pool have resulted in its gauge being killed by the Emergency DAO. New information about the Mochi protocol recently became public, revealing that there were significant design risks that made the USDM gauge vulnerable to exploit.

Going forward, we intend to be more critical of protocols applying for a gauge. This will slightly extend the process of implementing a gauge to allow for report publication. The process will be:

  1. Gauge application is submitted to the Curve governance forum

  2. Gauge Risk Assessment Team reviews and publishes a report on the protocol

  3. On-chain gauge vote is initiated

Note that this team will not have the power to prevent or determine the outcome of a gauge vote. Their purpose is to help inform DAO voters of potential risks. The ultimate decision remains at the discretion of the DAO.

Assembling the Team:

The Grants Council has funds available that we intend to put toward personnel compensation. In the future, the cost of this service may shift to the protocol applying for a gauge, but for the time being we plan to bootstrap with grants funding.

The initial team will be composed of 2 paid members who will be responsible for representing and carrying out the duties of the Gauge Risk Assessment Team. Their research process is to take place publicly to allow participation from community contributors.

Anyone wishing to apply for this position should submit their resume to the grants council at Curve Finance Community Grants. Applicants should be long time community members with a deep understanding of Curve and a technical background.

A list of qualified candidates will be put to a snapshot vote, and veCRV/vlCVX voters will select hires. The team members selected by DAO vote will be compensated for a 3 month period. After 3 months, a vote by snapshot will determine either to extend or terminate compensation. Our goal with this system is to help the DAO stay closely involved with the team members and their work.

Specification:

The team will review specific aspects of the protocol under review that may constitute a risk to the gauge reward system. Their investigation should answer 3 questions:

  1. Is it possible for any single party (person or entity) to scam (“rug”) its users?
  2. If the team vanishes, can the project continue?
  3. Do audits reveal any concerning signs?

They will report on details, such as:

  • Privileged addresses, and what they have the power to do (can they rug?)
    – If yes, are typical safeguards in place? Timelocks, multisigs etc.
  • Multisig details
    – What are its capabilities?
    – Who are the members and are they credibly distinct individuals?
  • Relevant platform details
    – Analyze level of decentralization
    – How long has the platform been live? (Is it time tested?)
    – Other benchmarks (revenue/TVL)
  • Curve pool history
    – How long have they had a pool up?
    – Historical TVL/Volume
  • Code review
    – Is the code audited, by whom, is it comprehensive, auditor’s reputation?
    – Relevant findings in the code

As this service is intended to be a convenient tool for DAO voters, the reports will be presented with consistency and readability in mind. It should be very easy for community members to glean the essence of the review at a glance. The reports should, nevertheless, be thorough and strive to create a complete representation of the platform, covering all areas of concern.

While priority is on reviewing incoming gauge applications, the team will also review protocols with existing gauges. The goal is to maximize transparency about risks to Curve’s gauge system that ultimately helps to inform DAO voters and protect pool LPs.

7 Likes

“revealing that there were significant design risks”

What significant design risks were not addressed within 24 hours?

Are you trying to justify killing the USDM pool, or propose a solution that would avoid a knee jerk overreaction that REKT small LP holders? Sounds like you’re proposing more curve cartel centralization. Need more gatekeepers to protect us from imaginary things that we thought would happen. “We’re here for your safety and protection.”

1 Like

I fully support this.

I think it’s in Curve’s interest to help LPs and governors better determine risks. Thanks for making it happen

1 Like

I appreciate the sentiment; but isn’t this the antithesis of a trustless system? Anyone should be able to create a DAO vote to add a gauge; we all still have to vote for it…

If it’s just for informational purposes, can we avoid making it an official Curve team/project? It won’t help with optics and will raise questions about bias.

2 Likes

Agree with ne1k0, especially on the part about the sentiment. I think it could provide some value; it’s just that the concerns outweigh the benefits. My main concern is that this wouldn’t impact the community it’s aimed at, because I see the community as two groups:

  1. Concerned DAO members who read the assessment and take it as gospel; if it turns out to be harmful to the Curve ecosystem, they might lose faith in the overall project. Also, this group is likely already reading the proposals and voting based on their own findings.
  2. LPs who look to maximize profits no matter risk (the group who would benefit most from such a service) wouldn’t read it anyway.

Lastly, since bribes for gauge weights have been lucrative throughout the Curve ecosystem recently, I worry that the appetite for bribing the gauge risk assessment team might be the next logical step, which could also cause trust issues in the community, since it wouldn’t be possible to prove there weren’t any bribes.

I really don’t think it’s a bad idea overall, but somehow it feels like it would be better as its own separate service that willing DAO members could pay for if they valued it, like some paywalled Substack, for example (I don’t have enough knowledge to propose a DAO for such a service, but maybe someone smarter does).

1 Like

I am fully supportive of this proposal. While I am a big supporter of trustless systems, I believe it has to come with consistent, quality information to help DAO participants vote wisely.
This is a value-added service for Curve DAO, and it does make sense to bootstrap the funding with a Community Grant.

I am not so worried about the risk of bias/bribing of individual team members. The evaluation criteria outlined by @WormholeOracle are fairly subjective, and we could come up with a rating system for each, which could be benchmarked against existing ratings of protocols with existing gauges. We should leave as little space as possible for subjectivity, and explain the chosen rating when subjectivity is required.

There is a risk that a bribing system for voters gets implemented, but I think that can be mitigated by agreeing on a rule where any protocol applying for a gauge will be systematically rejected if they use any bribing system aiming to influence the outcome of the vote. This would require an extra step post DAO vote to confirm that no bribes were used, which could be in the form of a vote from the Gauge Risk Assessment Team or the Emergency DAO team (so yeah, a bit of trust required here, but there should be no room for interpretation on whether a bribing system à la Votium or bribe.crv.finance has been used).

2 Likes

It is for informational purposes only indeed (and cannot be the other way).

Re: bias, you are right of course, but someone should fund it… The idea is that we fund this from Curve Grants, and if it looks good, we can also ask other projects if they are interested in funding such a group working for the benefit of multiple projects. This way it can be unbiased.

4 Likes

I think it’s a horrible idea to assemble such a team and here is why:

1) The risk assessment team could be biased, either through personal investments in the gauge project or in a competitor of the gauge.

2) The risk assessment team could be directly approached and bribed for a positive or negative assessment of a particular project.

3) A green-light recommendation from the risk assessment team could give a false sense of security; a project can still easily rug its LPs with different tactics if it wanted to. In Mochi’s case it was just more obvious.

4) The risk assessment team would become a bottleneck for gauge approvals, which can become a serious issue with V2 factory pools. We want to include as many projects as we can to compete with Sushi and Uniswap, so we should be inclusive instead of requiring waiting lists for approvals.

5) Curve has already received a lot of negative backlash because of the Emergency DAO. I personally think the Emergency DAO is a great layer of security. Yet I think a preemptive safeguard layer that would indirectly decide over approvals of gauges would send the wrong signal to the public.

6) LPs should do their own risk assessment on the pools they are using; if they are not able to do this, they should use 3rd-party applications that specialize in easily accessible yield farming instead.

1 Like

The risk team is only as influential as their perceived integrity. The DAO will reevaluate the team’s performance after a 3 month grace period. The research process will be done publicly with input from community contributors. It is in their interest to act responsibly.

Same as 1

The risk team’s job is to highlight any possible rug vectors. If the project could “easily rug their LPs with different tactics”, it means the risk team hasn’t done its job properly, in which case see 1.

The risk team can’t prevent a gauge vote from taking place. If the number of gauge applications becomes so great as to create a bottleneck, the DAO probably could not responsibly vote on every gauge anyway. We would like to see the evaluation from the risk team become a useful and trusted service for DAO voters, and that depends on 1.

Let’s be clear that the Emergency DAO has negative side effects for Curve LPs and Curve’s reputation. Although it served as a useful safety backstop in the Mochi situation, we should not get comfortable relying on the Emergency DAO as a standard safeguard. I’ll reiterate that the risk team does not have the power to determine or prevent gauge votes, only to help inform voters.

Exactly, and the risk team’s job is to help both LPs and DAO voters become informed about risks.

4 Likes

Fully support this as well.
I think this will harden the protocol and will be good for long-term growth.

2 Likes