Mitigate Post-Shutdown Flash Loan Vulnerability - March 9, 2022
The Governance Facilitator(s) and the Protocol Engineering Core Unit have placed an out-of-schedule executive proposal into the voting system. MKR Holders should vote for this proposal if they support the following alterations to the Maker Protocol.
If you are new to voting in the Maker Protocol, please see the voting guide to learn how voting works, and this wallet setup guide to set up your wallet to vote.
Executive Summary
This out-of-schedule executive proposal mitigates the post-shutdown flash loan vulnerability in the Maker Protocol as described by the Protocol Engineering Core Unit here. Note that there is no risk to Maker Protocol or any of its stakeholders so long as Emergency Shutdown has not been triggered.
Voting for this executive proposal will place your MKR in support of the changes and additions outlined above.
Unless otherwise noted, the changes and additions listed above are subject to the GSM Pause Delay. This means that if this executive proposal passes, the changes and additions listed above will only become active in the Maker Protocol after the GSM Pause Delay has expired. The GSM Pause Delay is currently set to 48 hours.
If this executive proposal does not pass within 30 days, then it will expire and can no longer have any effect on the Maker Protocol.
Proposal Details
Mitigate Post-Shutdown Flash Loan Vulnerability
If this executive proposal passes, it will mitigate the post-shutdown flash loan vulnerability in the Maker Protocol as described by the Protocol Engineering Core Unit here. It does this by:
- Giving a new module, flash-killer, authorization over the Flash Mint Module, such that anyone can permissionlessly use flash-killer to disable the Flash Mint Module in the event of Emergency Shutdown being triggered.
- The vulnerability is not exploitable until 3 days (currently) after Emergency Shutdown is triggered, meaning there is a 3-day window where any user can disable the Flash Mint Module using flash-killer before an exploit can take place.
The Protocol Engineering Core Unit considers this a temporary mitigation and recommends that the issue be solved more permanently in the future via the replacement of the Flash Mint Module. The source code for the flash-killer module can be found here. The flash-killer contract address is 0x07a4BaAEFA236A649880009B5a2B862097D9a1cD.
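The pattern described above, a permissionless kill switch that holds authorization over another module but can only act once shutdown has been triggered, is sketched below as an added example. It is not the deployed flash-killer or Flash Mint Module source; all contract, function and parameter names (CoreLike, live, FlashModuleSketch, setMax, KillSwitchSketch, kill) are assumptions made for illustration.

```solidity
// SPDX-License-Identifier: AGPL-3.0-or-later
pragma solidity ^0.8.0;

// Added illustration. Not the deployed flash-killer or Flash Mint Module source;
// every contract, function and parameter name below is an assumption.

interface CoreLike {
    function live() external view returns (uint256); // assumed: 1 = running, 0 = shut down
}

// Stand-in for a flash mint module whose ceiling is set by authorized callers.
contract FlashModuleSketch {
    mapping(address => uint256) public wards; // 1 = authorized
    uint256 public max;                       // largest flash mint allowed

    modifier auth() {
        require(wards[msg.sender] == 1, "FlashModuleSketch/not-authorized");
        _;
    }

    constructor(uint256 max_) { wards[msg.sender] = 1; max = max_; }
    function rely(address usr) external auth { wards[usr] = 1; }
    function setMax(uint256 max_) external auth { max = max_; }

    // Minting itself is out of scope; only the ceiling check is modelled.
    function mintAllowed(uint256 amount) public view returns (bool) {
        return amount > 0 && amount <= max;
    }
}

contract KillSwitchSketch {
    CoreLike public immutable core;
    FlashModuleSketch public immutable flash;
    event Killed(address indexed caller);

    constructor(address core_, address flash_) {
        core = CoreLike(core_);
        flash = FlashModuleSketch(flash_);
    }

    // No auth modifier: anyone may call. The shutdown check is the only gate,
    // so the authorization granted to this contract cannot be used while live.
    function kill() external {
        require(core.live() == 0, "KillSwitchSketch/still-live");
        flash.setMax(0); // succeeds only if governance called rely(address(this))
        emit Killed(msg.sender);
    }
}
```

In this sketch, a reviewer would confirm two things: that the kill switch exposes no path to the authorized setter other than kill(), and that the only value it can write is zero.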
Review
Community debate on these topics can be found on the MakerDAO Governance forum. Please review any linked threads to inform your position before voting.
Resources
Additional information about the Governance process can be found in the Governance section of the MakerDAO community portal.
To participate in future Governance calls, please join us every Thursday at 17:00 UTC.
To add current and upcoming votes to your calendar, please see the MakerDAO Public Events Calendar.