An Overview of StellaSwap’s Response & Action Plan Going Forward
What happened in the span of these few days has been extremely hard for StellaSwap users, and the wider Moonbeam ecosystem in general. As the largest DEX on Moonbeam and Polkadot, it has been a tough journey for StellaSwap in navigating the abyss of Nomad’s bridge exploit, which was the 4th largest hack in DeFi’s history.
Nomad’s hack resulted in the loss of millions of dollars for StellaSwap users, as bridged assets shrank our total value locked (TVL) by more than half due to Nomad’s asset being unpegged.
This report takes you through what transpired throughout the event, how StellaSwap’s team responded and what lies ahead. Before that, it is important to highlight the following:
StellaSwap is committed to doing what is right for the community. We will do our best to ensure that decisions are made for the betterment of Moonbeam’s ecosystem and all of its users, in alignment with all relevant stakeholders.
Nomad is the biggest cross-chain bridge on Moonbeam that allows users to send and receive tokens between different blockchains. A recent update to one of Nomad’s smart contracts made it easy for users to spoof transactions, which meant hackers were able to withdraw money from the Nomad bridge that didn’t actually belong to them. Because of this, Nomad’s assets were quickly depegged as the underlying assets locked on Ethereum — that were backing Nomad’s Moonbeam assets — were stolen. As Nomad’s bridged assets lost value, StellaSwap farms were destabilized as the peg was lost. Nomad’s USDC for example — USDC.mad — lost its $1 peg and was valued at $0.16 in one instance.
The hack occurred on August 2, and news of the exploit resulted in Moonbeam halting the network in order to investigate the exploit further.
As Moonbeam went into maintenance mode, users were not able to execute transactions on the network. StellaSwap made sure to convey this message across our socials to affected users.
After 5 hours, Moonbeam resumed the network after confirming that its codebase wasn’t compromised. This meant that the exploit occurred exclusively on Nomad’s contracts within the Ethereum network.
The full technical analysis of the exploit can be found in Nomad’s root cause analysis (RCA) document.
What Does it Mean to Users?
As a DEX, StellaSwap facilitated trade across a variety of tokens on Moonbeam, with the most strategic farms being in the form of Nomad assets. Although StellaSwap only used Nomad for bridging across the Ethereum network, the cumulative TVL of Ethereum assets constituted over 60% of the aggregate TVL.
To be clear, only Nomad assets were compromised in the exploit. Native-substrate coins such as GLMR, STELLA and DOT, as well as coins bridged via other bridging providers such as Axelar and Multichain, were not affected.
Here is the list of StellaSwap farms that were compromised as they contained Nomad assets:
- Basepool 4pool: USDC.mad — USDT.mad — DAI.mad — FRAX (Canonical)
- Dual ETH Pool: ETH.mad — ETH.multi
- ETH.mad — GLMR
- USDC.mad — GLMR
- WBTC.mad — GLMR
- MAI Metapool: MAI<>Basepool
Users that were holding LPs on any of the affected farms suffered a loss of value on their positions, due to the depegging of Nomad assets. After network resumption, there was an exponential increase in trading volumes as users scrambled to liquidate Nomad assets.
Average daily volumes ranged from $1m-$3m, but once the Moonbeam network restarted, trading volume increased to over $30 million.
The resulting consequences for users are highlighted below:
- Users who made trades lost a good chunk of their LPs: Users who reacted quickly and traded away their Nomad assets for non-Nomad assets still lost value, as the deteriorating peg and increasing slippage resulted in higher user losses as time went by.
- Users who kept their LP lost a significant chunk of value: Regrettably, those that did not unstake their LP lost a significant chunk of their LP value as Nomad assets depegged. Nomad USDC lost 84% of its value at one point. Users faced tremendous impermanent loss due to the deterioration of value for Nomad assets. It got to the point where trading out Nomad assets was not a worthwhile endeavor, as users lost most of their LP value.
- Users cannot bridge out to Ethereum due to Nomad’s bridge closure: The exploit led Nomad to close their bridge since there was nothing left for redemption due to the loss of the collateral that was backing the bridged assets on Ethereum. The bridge has yet to be opened, so those holding Nomad assets now cannot bridge to Ethereum.
How Did StellaSwap Respond?
With direct exposure to Nomad assets, StellaSwap had to quickly react to the situation. Here is a breakdown of our response within the first 48 hours:
- 22:58 PM (UTC), 1 Aug: Within the hour of the exploit, we immediately pinged Nomad for confirmation on the exploit. We received a response 10 mins later that Nomad was currently investigating the event and that they’ll respond once more information is clear. We constantly followed up to get more clarity on the situation so that we can respond to users.
- 23:05 PM (UTC), 1 Aug: Our first decisive response to users was posted in our Discord group, where we mentioned that we were directly in communication with Nomad. We offered a possibility for users to hedge their risks. Albeit with little information, that was what we thought was a suitable possibility at that point in time.
- 23:18 PM (UTC), 1 Aug: Moonbeam decided to pause the network to assess the exploit. This meant that users were not able to perform any txns on the network.
- 04:14 AM (UTC), 2 Aug: Moonbeam resumed the network as they found no vulnerability on Moonbeam’s codebase.
- 04:53 AM (UTC), 2 Aug: Announced a public acknowledgement of the exploit, the devaluing peg of Nomad assets, and the ongoing communication with Nomad and relevant stakeholders.
- 05:56 AM (UTC), 2 Aug: Enforced 2 platform changes to protect users (called Update #1) by 1) disabling deposits of Nomad assets and 2) adding a banner on the website to reassure users. At this point, we had no information on anything, and therefore we made the changes proactively.
- 10:26 AM (UTC), 2 Aug: Nomad released a public announcement on the situation. Up till this point, we had no reply from Nomad on the situation on our direct chats, and our main source of information was through Nomad’s Twitter, like everyone else.
- 15:04 PM (UTC), 2 Aug: In the absence of information and communications directly from Nomad, StellaSwap had to assume the worst and made further changes to facilitate support for users. We launched $MAI & $FRAX farms (Update #2) to protect non-Nomad assets from getting badly devalued due to impermanent loss and slippage. The entire team was actively engaged in addressing user questions on Discord and providing reassurance. Given the absence of communication from Nomad, we had to make assumptions about most things.
- 21:25 PM (UTC), 2 Aug: We received a reply from Nomad on the current situation and their action plan. Nomad thereafter released their fund recovery process a few hours later.
- 05:39 AM (UTC), 3 Aug: StellaSwap announced update #3 that included the current state of Nomad, postponement of Athos IDO and disabling of Nomad’s bridge on our UI.
Throughout the process, our team worked round the clock to ensure that users had the most updated information, as well as answering user queries based on our assumption of how things would fare out. It was vital for us not to recommend any decisive steps, but rather highlight the potential possibilities that lay ahead, so users could make decisions on their own.
High-Level Protocol Metrics
Throughout the exploit, we made sure to be on top of platform analytics to track the situation. Here are the tracked metrics at a glance:
This pertains to metrics around our core protocol performance.
- TVL: 65% reduction of TVL from $55 million to $14 million, currently
- Trade Volume: Recorded highest trading volume in excess of $30 million within the 24-hour period after the exploit. Thereafter, volumes stayed flat around $2m-$3m on a rolling 24-hour period.
- Transaction Count: There was a surge in transactions on StellaSwap due to the exploit.
- Farm Volumes: Majority of trading volumes were centered around Nomad farms, which are now retired.
- New Users: We saw a sharp increase in our social handles; 23% increase in our Discord users and over 3,000 new followers on Twitter.
The big question now in everyone’s mind is “What’s next?”. The reason why this has been an extremely difficult question is because the answer depends on the resolution plan. While all affected protocols can come together and offer assistance, the ultimate party that can conceive the resolution plan is Nomad. While we wait for that to happen, StellaSwap needs to plan ahead for our future. We cannot just sit around and do nothing. While we are in constant communication with relevant stakeholders on the road ahead, we need to be cognizant of how we rebuild, and when.
Therefore, before we even begin to talk about the roadmap, we have to establish an important distinction with regards to future plans. The roadmap ahead is divided into two parallel plans that aren’t mutually exclusive:
- We need to plan for StellaSwap’s restructuring, given that Nomad assets represented a core part of our protocol and moving forward entails hard decisions that we must make for our future
- We need to establish a viable infrastructure for when the resolution plan from Nomad occurs, which could be soon or far ahead. This entails the continual support for Nomad assets and required liquidity components + depth for LP withdrawal, among other things
We will be focused on point 1 (restructuring) as that is within our control. Point 2 (infra for Nomad’s resolution) has a large dependency on Nomad’s recovery + resolution plan, and the best we can do is react according to continual information from Nomad, as well as ensuring that the pursuit of point 1 does not compromise point 2. We will release the definitive processes for point 2 once more information is available from Nomad.
StellaSwap’s Restructuring Plan
While StellaSwap has been heavily affected by the exploit, it is vital that we learn from this episode. There are key learning points that we would utilize as the base for our restructuring, namely:
- Focus on substrate-native assets via cross-consensus messaging (XCM), thereby mitigating against bridge risks and enriching the Polkadot ecosystem as a whole. This entails focusing on cross-(para)chain assets listings, as well as adoption of strategic native assets like aUSD from Acala, FRAX, native USDT (where minting occurs on Polkadot) and MAI. Within 48 hours of the exploit, we launched Interlay’s native token INTR on StellaSwap. Users can expect Interlay’s iBTC farm next week.
- Greater stakeholder interaction at the onboarding stage of inter-protocol integrations, ensuring the highest degree of security and a continual process for risk mitigation at a project basis and at the ecosystem level. As the leading DEX on Moonbeam, we recognize that there is a strong dependency for the usability of assets across various protocols on Moonbeam.
- Set up internal risk management tools that govern key risk vectors such as bridging risks, and embark on a risk-calculated approach for our infrastructure, such as greater silo-ing of bridged asset farms. This will provide safeguards to stop or mitigate systemic risks that occur as a result of a compromised vector.
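The exposure check such a risk tool needs, as an added example (not StellaSwap's code): it models the farms listed earlier in this report and follows LP tokens, so the MAI Metapool is flagged through its Basepool holding. The asset-to-bridge tags, the function names and the STELLA-GLMR control pool are assumptions made for the example.

```python
# Constructed model: pool composition follows the report's farm list; the
# bridge tags and the STELLA-GLMR control pool are assumptions.
BRIDGE_OF = {
    "USDC.mad": "nomad", "USDT.mad": "nomad", "DAI.mad": "nomad",
    "ETH.mad": "nomad", "WBTC.mad": "nomad", "ETH.multi": "multichain",
    "FRAX": None, "MAI": None, "GLMR": None, "STELLA": None,  # None = no bridge tag
}
POOLS = {
    "Basepool 4pool": ["USDC.mad", "USDT.mad", "DAI.mad", "FRAX"],
    "Dual ETH Pool": ["ETH.mad", "ETH.multi"],
    "ETH.mad-GLMR": ["ETH.mad", "GLMR"],
    "USDC.mad-GLMR": ["USDC.mad", "GLMR"],
    "WBTC.mad-GLMR": ["WBTC.mad", "GLMR"],
    "MAI Metapool": ["MAI", "Basepool 4pool"],  # holds the Basepool LP token
    "STELLA-GLMR": ["STELLA", "GLMR"],          # hypothetical control pool
}

def bridges_behind(component, pools=POOLS, bridge_of=BRIDGE_OF, _seen=None):
    """Return the set of bridges a pool or asset depends on, following LP tokens."""
    seen = _seen if _seen is not None else set()
    if component in seen:           # guard against LP-token cycles
        return set()
    seen.add(component)
    if component in pools:          # a pool: union over its constituents
        found = set()
        for part in pools[component]:
            found |= bridges_behind(part, pools, bridge_of, seen)
        return found
    if component not in bridge_of:  # fail closed on unclassified assets
        raise KeyError(f"unclassified asset: {component}")
    bridge = bridge_of[component]
    return {bridge} if bridge else set()

def affected_farms(compromised_bridge, pools=POOLS):
    """Farms whose value depends, directly or transitively, on the bridge."""
    return sorted(p for p in pools if compromised_bridge in bridges_behind(p, pools))

def deposit_policy(compromised_bridge, pools=POOLS):
    """Per-farm deposit state once a bridge is marked compromised."""
    hit = set(affected_farms(compromised_bridge, pools))
    return {p: "deposits_disabled" if p in hit else "open" for p in pools}

if __name__ == "__main__":
    for farm, state in deposit_policy("nomad").items():
        print(f"{farm:16} {sorted(bridges_behind(farm))} -> {state}")
```

Raising on an unclassified asset means a newly listed token cannot enter a farm without someone first recording which bridge, if any, backs it.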
Besides the aforementioned approaches, it is vital to have a robust plan going forward to spearhead growth of Moonbeam ecosystem.
Prior to the exploit, StellaSwap had huge plans in actualizing products that will add tremendous value to our users and the ecosystem. While there’s no denying that what transpired was a major setback, we are excited to share with our community what is coming up:
- IDO Launchpad: We’ve had massive support from the community for our very first IDO featuring Athos Finance, with over 100 users that have passed KYC. We remain committed to seeing this through, and are working on the final details on when the IDO would occur.
- Liquid Staking (stGLMR): Opening up liquidity for staked GLMR would introduce a layer of usability and composability of GLMR, thereby actualizing the powerful possibilities of DeFi.
- Concentrated Liquidity (Con.Liq): In the pursuit of innovation, StellaSwap is keen on integrating Con.Liq to drastically improve the trading experience for users, through the most efficient mechanism for price discovery that we see today. This would add tremendous value for all stakeholders, especially for liquidity providers via maximizing utilization rates as well as tokenholders, via effective emissions handling.
We understand the pain and disappointment of affected users. As users ourselves, the StellaSwap team lost funds of our own in this episode. We are working day and night throughout this event. That is why we’re 100% committed to doing everything we can to make things right. We will continue to engage our community, provide the latest information (as it is available to us) and work with relevant stakeholders. Any and all feedback is vital to us to further improve and push for actions.
Join our Discord to reach us: discord.stellaswap.com
StellaSwap is the first and leading Moonbeam DEX that offers an integrated gateway to the DeFi world. Users can swap, earn, yield farm, bridge assets, explore new projects and engage in NFT trading all from a single unified platform. StellaSwap’s products are structured in such a way that facilitates decentralized governance of STELLA holders, while continuing to innovate on the collective foundations by design.