POH Governor Exploit Attempt: Blocked!
Kleros stopped a complex attack on the @proofofhumanity DAO governor, which could have drained the DAO's funds. 46 ETH were saved!
How? Through effective mechanisms, incentives, and an active community.
Read more:
What happened? A few weeks ago, a technically sophisticated malicious proposal aimed to reroute DAO funds to an attacker-controlled address.
But it was stopped in its tracks!
Fortunately, our developers and community members, vigilant in monitoring the governor, detected this.
One hero launched a counterattack with an alternative list and claimed the attacker's deposit!
How does this work, exactly?
Kleros Governor Mechanics: The Kleros Governor is a smart contract that decentralizes DAO governance execution.
It functions by allowing batches of transactions, representing governance decisions, to be submitted as lists.
blog.kleros.io/governor-explainer/
These lists require a deposit in ETH, which is forfeited if the proposal is deemed malicious.
The deposit amount in this case was 4.495 ETH, and it works as a bounty to incentivize "keepers" to watch for any movement.
The Attacker's Move:
The attacker deployed a custom smart contract to submit a list to the PoH Governor, accompanied by the ETH deposit.
This was probably an attempt to evade notification systems that listen only for the standard calls to the governor.
SC: etherscan.io/address/0x8ed3c7ff017b9037156e2b379acc32455d943148
The transaction's intent? To transfer ETH to a new address, presumably under the attacker's control.
Had it gone unchallenged, it would have been executed, transferring 46 ETH to that address and depleting the PoH DAO's funds.
Transaction: etherscan.io/tx/0x93a278a5d635a4918e30e5f1ab628c3840135fea34828b67060835258804c356
At this point, two competing lists were available on the governor: list 7 (the attacker's) and list 8.
How did the Governor decide which one was correct, and whether list 8 was valid?
A new case in the Kleros court!
klerosboard.com/1/cases/1621
Jurors decide: when more than one list is submitted to Kleros, it is up to jurors to decide which list is more appropriate.
In this case, it was very easy for jurors to identify the malicious list and the one that actually proposed PoH votes.
Jurors ruled in favor of list 8 unanimously and received rewards for arbitration, the attacker lost its deposit, and the defender got a bounty!
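The mechanics described above (a deposit-backed list, a competing list, jurors picking one, the loser's deposit paying jurors and the defender, and only the upheld list being executed) as a simplified model, written for this write-up and not taken from the Kleros Governor contracts. The class and function names, the 0.5 ETH arbitration fee, the placeholder addresses and the juror heuristic are all assumptions; only the shape of the session, the 4.495 ETH deposit, the 46 ETH at stake and the list numbers 7 and 8 come from the thread. The keeper view is keyed on the governor's own state rather than on who called it, which is the point of the "custom contract" evasion attempt.

```python
from dataclasses import dataclass
from typing import Callable, Dict, List, Optional


@dataclass
class Tx:
    """One transaction in a governance list (simplified model)."""
    target: str
    value: float = 0.0   # ETH sent along with the call
    data: str = ""       # calldata, e.g. an encoded vote


@dataclass
class TxList:
    list_id: int
    submitter: str       # address that called the governor (may be a contract)
    txs: List[Tx]
    deposit: float


class Governor:
    """Session-based governor: a list needs a deposit; competing lists go to arbitration."""

    def __init__(self, deposit_required: float, treasury: float,
                 arbitrator: Callable[[List[TxList]], int],
                 arbitration_fee: float = 0.0, first_list_id: int = 1):
        self.deposit_required = deposit_required
        self.treasury = treasury            # DAO funds controlled by the governor
        self.arbitrator = arbitrator        # returns the index of the list jurors uphold
        self.arbitration_fee = arbitration_fee   # assumed juror payment per losing deposit
        self.next_id = first_list_id
        self.session: List[TxList] = []
        self.balances: Dict[str, float] = {}  # ETH paid out to addresses
        self.jurors_paid = 0.0

    def submit_list(self, submitter: str, txs: List[Tx], deposit: float) -> int:
        """Anyone (EOA or contract) may submit a list for the current session."""
        if deposit < self.deposit_required:
            raise ValueError("insufficient deposit")
        lst = TxList(self.next_id, submitter, list(txs), deposit)
        self.session.append(lst)
        self.next_id += 1
        return lst.list_id

    def pending_treasury_outflows(self) -> Dict[int, float]:
        """Keeper view: ETH each pending list would move out of the treasury.
        Reads governor state, so a list submitted through a contract is still seen."""
        return {l.list_id: sum(t.value for t in l.txs)
                for l in self.session if any(t.value for t in l.txs)}

    def execute_session(self) -> Optional[int]:
        """Resolve the session: one list executes directly, several go to arbitration."""
        lists, self.session = self.session, []
        if not lists:
            return None
        if len(lists) == 1:
            winner, losers = lists[0], []
        else:
            winner = lists[self.arbitrator(lists)]
            losers = [l for l in lists if l is not winner]
        # Winner's deposit is returned; each losing deposit pays jurors, the rest is the bounty.
        self._pay(winner.submitter, winner.deposit)
        for l in losers:
            fee = min(self.arbitration_fee, l.deposit)
            self.jurors_paid += fee
            self._pay(winner.submitter, l.deposit - fee)
        # Only the upheld list is executed against the treasury.
        for tx in winner.txs:
            if tx.value > self.treasury:
                raise RuntimeError("insufficient treasury")
            self.treasury -= tx.value
            self._pay(tx.target, tx.value)
        return winner.list_id

    def _pay(self, addr: str, amount: float) -> None:
        self.balances[addr] = self.balances.get(addr, 0.0) + amount


def jurors_uphold_vote_list(lists: List[TxList]) -> int:
    """Stand-in for the court (an assumption): uphold the list that only casts
    votes and moves no ETH, rather than one that drains the treasury."""
    for i, l in enumerate(lists):
        if all(t.value == 0 and t.data.startswith("vote") for t in l.txs):
            return i
    return 0


def replay_incident():
    """Replay the two-list session from the thread with constructed values."""
    gov = Governor(deposit_required=4.495, treasury=46.0,
                   arbitrator=jurors_uphold_vote_list,
                   arbitration_fee=0.5, first_list_id=7)
    attacker_contract = "0xATTACKER_CONTRACT"   # placeholders, not the real addresses
    defender = "0xDEFENDER"
    gov.submit_list(attacker_contract, [Tx(target="0xATTACKER_EOA", value=46.0)], deposit=4.495)
    gov.submit_list(defender, [Tx(target="0xPOH", data="vote(...)")], deposit=4.495)
    flagged = gov.pending_treasury_outflows()   # what a keeper watching state would see
    winner = gov.execute_session()
    return gov, flagged, winner


if __name__ == "__main__":
    gov, flagged, winner = replay_incident()
    print("flagged outflows:", flagged, "| upheld list:", winner,
          "| treasury:", gov.treasury, "| payouts:", gov.balances)
```

Running the replay shows list 7 flagged for a 46 ETH outflow while still pending, list 8 upheld, the treasury untouched, and the defender ending with their own deposit back plus the attacker's deposit minus the juror fee.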
Effective Mechanisms: This incident highlights the strength of Kleros' mechanisms and incentives for DAO governance.
Our system not only encourages vigilance but also rewards proactive action, leading to a swift response even in complex cases.