Pre-Bug Remediation Rewards for the Base Safety Module

Summary

Recently, the Base Safety Module experienced a minor bug triggered by the execution of MIP-X28. While no staked funds were ever at risk, the bug allowed a small number of users to claim the full reward budget from MIP-X28, resulting in an estimated loss of 8.4M WELL. Moonwell contributors propose making affected users whole for the rewards they were legitimately owed before the bug was triggered. A number of users who received excess rewards have already offered to return them to the DAO, which is appreciated and will help reduce the loss.

We propose distributing WELL to Safety Module participants on Base based on their accrued rewards up to the block immediately before the execution of MIP-X28. Moonwell contributors are evaluating whether Sablier or Angle Protocol offers the best method for distribution. Contributors will aim to ensure that any claim fees (Sablier charges ~$1-2 in ETH per claim) are covered by the Moonwell DAO so that participants receive their full owed amount of rewards, except for those accounts that claimed an abnormally high amount and didn’t return the excess tokens. A full snapshot, verification data, and the list of addresses that claimed excessive rewards (and the amounts they are encouraged to return) will be published before funding and setting up the claim process.

Background

The bug was an edge-case in the Base Safety Module reward configuration. It was triggered when:

1. An address transferred stkWELL to the stkWELL contract, creating a non-zero balance in the contract, and then

2. An admin function was called on Base and updated the reward configuration, which caused reward accruals to inflate. Other chains (OP Mainnet, Moonbeam, Moonriver) are unaffected. Updates to reward configurations will now use an admin path that avoids the faulty code.

The erroneous claims occurred after MIP-X28 updated the reward speed of the Safety Module on Base. Total excess claims were approximately 8.4M in WELL. The inflated claims can be viewed here.

1600×223 112 KB

While this loss is not material compared to the total WELL token supply, users should not bear the cost of implementation edge cases. This proposal is the first step in restoring rewards for the period before MIP-X28 was executed. A separate proposal will address the post-execution period with a time-weighted distribution.

Scope of Proposal

• Make Base Safety Module participants whole for legitimate rewards accrued before the bug was triggered.

• Seek DAO approval for a WELL grant from the Moonwell Foundation to fund these distributions.

• Stream rewards to affected users via Sablier or Angle Protocol, with claim costs covered by the DAO.

• Continue working with Halborn to ensure this issue cannot reoccur.

Timeline

1. Review: Halborn will review and approve the reward distribution method

2. Onchain vote: Once the distribution method and funding details are finalized we will proceed to an onchain vote.

Fair… Hopefully Halborn can move quickly. Also, thank you to those who returned the funds!

1.- What is the # of $WELL that got (or are going to) get returned?

2.- How are you planing to get those $WELL back?

ALL IS WELL

Hi there … how do you return the rewards that were overclaimed?

Hey, @NickyB! Thanks for your generous offer, it’s much appreciated. An address will be shared next week that you can use to return the excess staking rewards. We’d kindly ask you to also join the Moonwell Discord and open a support ticket there, so we can follow up properly. Please stay cautious of scammers — the only safe ways to communicate with Moonwell are here in the Gov Forum and through support tickets on Moonwell Discord. Thanks again!

I claimed 1 WELL as well, as I was fiddling to understand what’s going on during that time. The tx is also in the list of the inflate claims above. OFC I’d return that too if needed…

Many of the wallets that requested withdrawals have transactions to centralized exchanges like Coinbase, which are easy to track. What will happen to those who don’t return the funds?

With the help of centralized exchanges like Coinbase, it’s easy to identify their identities and places of residence.

If possible, their staking assets can also be frozen—there are substantial amounts there that could help cover part of the losses.

Not sure if any of their assets could be frozen tbh. Depends on the smart contracts. The current stake contract does not have any of such means to blacklist or pause individual users. Maybe with a migration or replacement of contracts.

But in general I agree that these people should be forced to return the funds, some way or another. Even if they need to buy back the tokens they already sold, it will be beneficial for them. They basically took a loan to to a successful short bet.

An update on this proposal has been added here: MIP-B45: Base Safety Module Remediation