Institutions, retail users, developers, DApps, everyone loses too much money in smart contract hacks and private key thefts every year!
More than $3 billion in on-chain funds were stolen in 2022. Even though there is generally social consensus as to whether a hack has taken place and who the real owner of the funds is, the crypto community has its hands tied due to the immutability of the blockchain.
For widespread crypto adoption, the first problem we need to solve is security!
All of the problems that exist on-chain also exist in the traditional banking system. Passwords are much easier to steal and guess than private keys, and web2 servers are also susceptible to hacks. Then why are the funds on the blockchain regularly hacked, whereas funds in traditional bank accounts are considered much more secure?
The only reason for this is that funds stolen from traditional banking can be tracked and reverted to the original owners far more easily.
The immutability of blockchains can also sometimes prove to be an inconvenience. An example of this was the DAO hack, after which the Ethereum community chose to revert the funds by reaching social consensus and hard forking the chain.
We are able to achieve the best of both worlds, where the base blockchain layer remains immutable, but the users get the option to have increased security by easily recovering funds in case of a hack.
Vanilla mint wraps any valuable ERC20 token in a vToken, which is always backed 1:1 by the original asset. For most practical purposes, such as depositing it as collateral on DeFi platforms, transfers and voting, it is interchangeable with the original token. If a vToken is stolen from any contract or EOA, a sophisticated governance structure is incentivized to reach social consensus about the real owner of the assets, and the vToken can be reverted to the correct owner.
We faced two major challenges while designing the protocol:
The security guarantee provided by the wrapper token only works if the original assets are safe. If a hacker is able to unwrap the vToken and withdraw the original asset, then there is no way to revert the funds back to the correct owner.
To overcome this issue, we use optimistic withdrawals with a conflict period, plus an integration with Push Protocol, which sends a notification to the owner before their funds are unwrapped.
Users initiate an unwrap by burning their vTokens at the smart contract, which starts the conflict period. During that period any user can lodge a conflict against the withdrawal by staking 1% of the disputed amount. The funds are then frozen until governance decides the conflict. If the conflict is found to be faulty, the lodger is slashed and the stake is added to the governance treasury.
We also keep the protocol contracts deliberately simple and straightforward to minimize the chance of a vulnerability in the contracts holding the original assets.
Designing the governance for the protocol is a very complicated task, as governance holds many powers over the funds on the protocol. An important point to note here is that although governance can burn and mint wrapped tokens when a conflict arises, it is never allowed to move the original asset out of the protocol.
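As an added illustration, not the project's own contracts, the flow described above in a minimal Solidity sketch: the conflict period length, the governance address and the token name are assumptions, and the original asset can only ever leave through an uncontested finalize, while governance settles conflicts purely by minting and burning vTokens.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
import "@openzeppelin/contracts/token/ERC20/ERC20.sol";
// Added sketch (not the project's code): 1:1 wrapper with optimistic unwrap, a conflict
// period, a 1% challenger stake, and a governance role that can only mint and burn.
contract VToken is ERC20 {
    struct Unwrap { address owner; uint256 amount; uint256 readyAt; address challenger; uint256 stake; bool settled; }
    IERC20 public immutable asset;                     // the original asset; governance never moves it
    address public immutable governance;               // conflict resolver / treasury (assumed multisig or DAO)
    uint256 public constant CONFLICT_PERIOD = 3 days;  // assumed value
    uint256 public constant STAKE_BPS = 100;           // 1% of the disputed amount
    Unwrap[] public unwraps;
    constructor(IERC20 asset_, address governance_) ERC20("Vanilla Wrapped", "vTKN") { asset = asset_; governance = governance_; }
    // Deposit the original asset and receive vTokens 1:1.
    function wrap(uint256 amount) external {
        require(asset.transferFrom(msg.sender, address(this), amount), "transfer failed");
        _mint(msg.sender, amount);
    }
    // Burn vTokens now; the original asset is released only after the conflict period.
    function requestUnwrap(uint256 amount) external returns (uint256 id) {
        _burn(msg.sender, amount);
        unwraps.push(Unwrap(msg.sender, amount, block.timestamp + CONFLICT_PERIOD, address(0), 0, false));
        return unwraps.length - 1;
    }
    // Anyone can freeze a pending withdrawal by staking 1% of its amount in the original asset.
    function lodgeConflict(uint256 id) external {
        Unwrap storage u = unwraps[id];
        require(!u.settled && u.challenger == address(0) && block.timestamp < u.readyAt, "not disputable");
        uint256 stake = u.amount * STAKE_BPS / 10_000;
        require(stake > 0 && asset.transferFrom(msg.sender, address(this), stake), "stake failed");
        u.challenger = msg.sender; u.stake = stake;
    }
    // Uncontested withdrawals complete after the period; this is the only path that releases the asset.
    function finalize(uint256 id) external {
        Unwrap storage u = unwraps[id];
        require(!u.settled && u.challenger == address(0) && block.timestamp >= u.readyAt, "not ready");
        u.settled = true;
        require(asset.transfer(u.owner, u.amount), "transfer failed");
    }
    // Governance settles a conflict by re-minting vTokens only, so backing stays 1:1 and the asset stays put.
    function resolve(uint256 id, bool theft, address rightfulOwner) external {
        require(msg.sender == governance, "not governance");
        Unwrap storage u = unwraps[id];
        require(!u.settled && u.challenger != address(0), "no open conflict");
        u.settled = true;
        if (theft) { _mint(rightfulOwner, u.amount); _mint(u.challenger, u.stake); }  // stake returned as vTokens
        else { _mint(u.owner, u.amount); _mint(governance, u.stake); }                // faulty conflict: stake slashed to treasury
    }
}
```

Because `resolve` never calls `asset.transfer`, a compromised governance key can at worst misassign vTokens, which remain fully backed and revertible, rather than drain the underlying asset.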
Another challenge with governance is that there is no verifiable way to determine the correct owner of an asset in the case of a private key theft, although the real owner is almost always known to the wider crypto community.
To solve this issue we use a proof-of-stake model, in which participants are encouraged to reach consensus and revert the vToken to the account that gathers the most support in social forums. The validators earn a yield on their stake, which is charged to the EOA submitting the conflict against the optimistic withdrawal.