Quantstamp Submits First Idle Governance Proposal

Quantstamp Announcements
December 15, 2020

Gov Tokens Allocation Fix in Idle

On December 14th, a minor bug in the governance tokens distribution module in Idle protocol was reported.

The incident does not involve any deposited funds in Idle protocol (Best-Yield or Risk-Adjusted strategies) nor the accrued yield provided by the underlying protocols.

Governance tokens distribution ($IDLE and $COMP) is affected by the bug under specific circumstances, hence resulting in a misallocation of a small number of tokens to liquidity providers. According to the initial assessment, approximately ~150 IDLE and ~1 COMP have been misallocated since the launch of Idle Governance.

The bug has already been mitigated by a joint effort with Quantstamp and Idle team members, and Quantstamp has proposed a patch via a governance proposal, IIP-1. For security reasons, Quantstamp and the Idle team will fully disclose the bug once the on-chain proposal is implemented.

Core Facts

Quantstamp collaborated with the Idle team to investigate this inquiry, identifying the vulnerability and working on both the temporary mitigation patch and the final proposal.

Next Steps

The on-chain proposal, IIP-1, launched by Quantstamp is available here.

Idle Governance has 3 days to cast its vote, in favor or against it. If the “For” vote wins and 4% of IDLE tokens have casted a vote, IIP 1 will be implemented after 2 days (grace period).

If you want to get in touch with the Idle team, feel free to join their community on Twitter, Discord, or Telegram.

Quantstamp Announcements
December 15, 2020

Gov Tokens Allocation Fix in Idle

On December 14th, a minor bug in the governance tokens distribution module in Idle protocol was reported.

The incident does not involve any deposited funds in Idle protocol (Best-Yield or Risk-Adjusted strategies) nor the accrued yield provided by the underlying protocols.

Governance tokens distribution ($IDLE and $COMP) is affected by the bug under specific circumstances, hence resulting in a misallocation of a small number of tokens to liquidity providers. According to the initial assessment, approximately ~150 IDLE and ~1 COMP have been misallocated since the launch of Idle Governance.

The bug has already been mitigated by a joint effort with Quantstamp and Idle team members, and Quantstamp has proposed a patch via a governance proposal, IIP-1. For security reasons, Quantstamp and the Idle team will fully disclose the bug once the on-chain proposal is implemented.

Core Facts

Quantstamp collaborated with the Idle team to investigate this inquiry, identifying the vulnerability and working on both the temporary mitigation patch and the final proposal.

Next Steps

The on-chain proposal, IIP-1, launched by Quantstamp is available here.

Idle Governance has 3 days to cast its vote, in favor or against it. If the “For” vote wins and 4% of IDLE tokens have casted a vote, IIP 1 will be implemented after 2 days (grace period).

If you want to get in touch with the Idle team, feel free to join their community on Twitter, Discord, or Telegram.

November 11, 2020

Quantstamp Community Update - October 2020

‍Audit of Ethereum 2.0 client Teku, blockchain insurance, Open DeFi, virtual events, and more media coverage... here’s what happened at Quantstamp in October.‍

November 5, 2020

Why Bitcoin is Capturing Enterprise Attention

MicroStrategy made headlines this summer as the first publicly-traded company to buy Bitcoin as part of its capital allocation strategy. Since then, other companies have followed suit. Learn how current economic conditions and the unique properties of Bitcoin have driven these decisions.

October 28, 2020

Formally Verifying Hedera Hashgraph's Stablecoin Framework

Quantstamp created and formally verified a specification for Hedera Hashgraph stablecoins. This simplifies the process of creating safe stablecoins and also makes easier for partners to safely integrate them.

October 27, 2020

Quantstamp Completes Audit of 2nd ETH 2.0 Implementation

Quantstamp has now completed its audit of Teku, the Ethereum 2.0 client developed by ConsenSys. Quantstamp also audited Prysm by Prysmatic Labs.