WIP33:WePiggy 协议资金事件应急预案 / WePiggy Protocol Incident Emergency Plan

1 、前言

提案编号:WIP33
提案名称:WePiggy 协议资金事件应急预案
提案作者:Core Devs
有关提案:无
替换提案:无

2 、摘要

本提案中,核心开发团队提议根据社区提出的质疑以及建议,修正 WePiggy 协议原有的资金事件处理流程,并通过本提案明确“事件”的定义,划定事件补偿来源、优先级以及补偿上限。

3 、动机

“2021 年 12 月 15 日 5 时 21 分(UTC+08:00),WePiggy-OEC 由于预言机报价出现短暂错误,CHE 报价远高于市场价格,导致借取 CHE 的用户遭到了异常清算。根据事发时的价格统计,用户资产总损失约为 40 万美元。”

随后, WePiggy 开发团队启用协议资金(包括:准备金收入,其它收入,WPC 风险准备金)对事件中受损用户进行100%预先赔付。

详情: https://www.yuque.com/zgryhn/fg3t76/lylhsl#CPr0Q

由于此次事件处理,没有通过社区正式提案以及投票表决,受到了社区用户的质疑。

为了纠正此前采取的违背社区治理精神的解决方案,本提案旨在根据社区讨论(链接:WIP33:WePiggy 协议事故解决方案 / WePiggy Protocol Incident Resolution) 中所达成的共识,对 WePiggy 协议资金事件应急预案相关的内容做出明确规定以及修正。

4 、正文

4.1 WePiggy 协议对于事件的基本观点

由于 WePiggy 协议自身问题导致用户资产损失,原则上由 WePiggy 协议财库负责,具体补偿方案,由社区共同讨论并执行。

属于第三方责任,原则上不应该由协议负责。若社区成员认为协议确实有垫付损失的必要,也可以发起讨论并提交正式提案由社区的 WPC 持有者共同投票表决。

4.2 WePiggy 协议事件补偿来源、优先级以及补偿上限

4.2.1 补偿来源

1、协议早期的质押挖矿盈余;
2、借贷协议中的准备金部分;
3、WPC 代币分配中的风险准备金部分。

4.2.2 优先级以及补偿上限

1、某个网络上的用户损失,优先使用该网络的所有准备金;
2、如果该网络准备金不够,使用协议早期质押挖矿的盈余;
3、如果还是不够,根据事件发生时该网络分配到的 WPC 比例(以当时 DAO 页面的展示为准:https://wepiggy.community/dashboard),计算该事件可以用于补偿的 WPC 风险准备金数量。并以事件之前 14 天的 WPC 市场均价为准,在受损用户中按资产损失的比例进行分配。

4.3 WePiggy 协议对于事件的处理流程

1、事件调查取证(链上数据搜集,协议紧急风控,多方联合调查)

2、事件报告发布(初步报告,根据事件进展阶段性更新)

3、社区投票决策(根据事件调查报告,对事件定性,定损,讨论垫付方案,并发起正式提案)

4、用户损失垫付(提案获得社区投票支持以后,由社区监督开发团队执行)

a. 受损用户提出申请
受损用户通过社交媒体向 WePiggy 核心开发团队发起启用协议资金垫付损失的申请。

b. 链上身份验证
受损用户在链上发送 WePiggy 核心开发团队指定的信息,验证地址所有权。

c. 链下签署协议
受损用户提供本人信息,并签署损失垫付的相关协议。

d. 启用协议资金垫付
将协议财库中的相关资产,转化为用户损失的对应资产,发送给受损用户。

注:垫付之后,若发现黑客退还了部分资金到团队地址或用户地址(业内常见现象),团队或用户应该与社区主动沟通,将这部分资金返还给 WePiggy 协议。否则,应由社区采取一切必要之手段,使其返还。

5、事件损失追讨(若明确存在黑客攻击行为)

5、选项

1、支持此方案
2、反对此方案

--------In English----------

WIP33: WePiggy Protocol Incident Emergency Plan

1. Preamble

Proposal Number: WIP33
Proposal Title: WePiggy Protocol Incident Emergency Plan
Proposal Author(s): Core Devs
Related Proposals / Dependencies: N/A
Replacement Proposal / Replaces: N/A

2. Abstract

In this proposal, the core development team proposes to revise the original emergency plan of WePiggy protocol, clarify the basic views on “incident”, the source, priority and upper limit of incident compensation, according to the suggestions raised by the community.

3. Motivation

“At 5:21 (UTC+8) on DEC 15, 2021, WePiggy-OEC protocol experienced a short-term error in the CHE oracle, causing the CHE price in WePiggy to be much higher than the market price, and resulting in abnormal liquidations for users who borrowed CHE assets. Based on prices at the time of the incident, the total loss of user assets was approximately US$400,000.”

Subsequently, the WePiggy core development team used the funds belonging to the protocol (including: reserves, other income, WPC risk reserve) to pay 100% of the users’ losses in the incident in advance.

Details: https://www.yuque.com/zgryhn/fg3t76/lylhsl#CPr0Q

Since the handling of this incident was not conducted through formal community proposals and voting, it was questioned by community users.

To correct the previous resolution that violates the spirit of community governance, this proposal aims to make clear provisions and amendments to the content of the emergency plan for the WePiggy protocol incident based on the consensus reached in the community discussion (link: WIP33:WePiggy 协议事故解决方案 / WePiggy Protocol Incident Resolution).

4. Specification

4.1 WePiggy Protocol’s Basic Views on “Incident”

In principle, the WePiggy Protocol Treasury shall be liable for the loss of user assets caused by the WePiggy protocol itself. The specific compensation plan shall be discussed and implemented by the community.

If it is a third-party service problem, in principle, the WePiggy protocol should not be liable. If community members believe that the protocol must compensate users upon an incident, they can also initiate a discussion and submit a formal proposal and the WPC holders in the community will vote on whether to support it.

4.2 Compensation Source, Priority and Upper Limit

4.2.1 Compensation Source

1 The mining pool extra rewards in the early days of the protocol

2 Reserves in WePiggy lending protocol

3 The risk reserve part of WPC token distribution

4.2.2 Priority and Upper Limit

1 The loss of users on a certain chain should be mainly compensated by all the reserves on that chain;

2 If it is not enough, should use the mining pool extra rewards in the early days of the protocol;

3 If it is still not enough, should use WPC risk reserve, the exact amount of WPC risk reserve that can be used for compensation according to the WPC distribution proportion (it shows on https://wepiggy.community/dashboard) of that chain at the time of the incident, and settle according to the average WPC market price in the 14 days before the incident.

4.3.4 New Emergency Plan

1 Incident investigation and evidence collection (On-chain information collection, protocol emergency risk control, multi-party joint investigation)

2 Issue of the incident report (preliminary report, updated periodically according to the progress of the incident)

3 Community governance voting (According to the incident report, figure out what happened, how much losses, how to compensate, and initiate a formal proposal)

4 Advance payment for user losses (after the proposal has been passed, the community will supervise the development team to execute it)

a. The affected users submit requests
All affected users have submited requests for enabling reserves to advance losses to the WePiggy development team through social media.

b. On-chain identity verification
All affected users have sent on-chain information specified by the WePiggy development team to verify address ownership.

c. Sign the agreement off-chain
All affected users have provided their personal information and signed relevant agreements for the advance payment of losses.

d. Enable reserve to advance losses
Take out the relevant assets in the protocol’s treasury and convert them into the corresponding assets lost by users and send them to the affected users.

Note: After the advance payment, if the hacker returned part of the funds to the team address or user address (it’s common in the crypto field), the team or user should actively communicate with the community and return the funds. Otherwise, the community should take all necessary means to make them return.

4 Recovery of incident losses (if there is a hacker attack)

5. Option Description

Option 1: For this plan
Option 2: Against this plan

1 Like

支持!原则上的东西,基本就是我之前提到的,脏活累活团队负责执行,决策权要牢牢把握在社区,这样咱们社区才有长远的发展。 :yum:

1 Like

支持支持!很不错,很不错! ୧⍢⃝୨