DeFiScan

@defiscan

18 Following

5 Followers

DeFiScan pfp

We trusted governments; they failed us We trusted corporations; they robbed us We trusted billionaires; they played with us How about we stop trusting and harness the core - humanity changing benefit - that blockchains enable? Do not give even the chance to be evil. defiscan.info

0 reply

0 recast

0 reaction

DeFiScan pfp

GM Ants, we will organise a community call this Thursday: - The latest news about the Collective and DeFiScan - News from the supported protocols - Answer any of your questions! You can share yours in advance here or on X : https://x.com/DeFiCollective_/status/1909219013814612066

0 reply

0 recast

0 reaction

DeFiScan pfp

DeFiScan is in the GG23 OSS Round (Developer Tooling and Libraries)! DeFiScan is building a framework and dashboard (MIT license) to provide unbiased insights into DeFi projects. We analyse and monitor the decentralization stage of DeFi protocols through thorough peer-reviews made by our in-house decentralized researchers and with YOU in our various community initiatives! Follow us to learn more and, please, consider supporting here: 🔗 https://explorer.gitcoin.co/#/projects/0xfea413dfe93e444462785e29ac6d024133219ed459163edede986adb84ed2711 (any amounts >1$ helps us tremendously)! Thank you @gitcoin for supporting d/acc builders and fostering opensource funding!

0 reply

0 recast

0 reaction

DeFiScan pfp

DeFiScan is in the GG23 OSS Round (Developer Tooling and Libraries)! DeFiScan is building a framework and dashboard (MIT license) to provide unbiased insights into DeFi projects. We analyse and monitor the decentralization stage of DeFi protocols through thorough peer-reviews made by our in-house decentralized researchers and with YOU in our various community initiatives! Follow us to learn more and, please, consider supporting here: 🔗 explorer.gitcoin.co#/round/42161... (any amounts >1$ helps us tremendously)! Thank you @gitcoin for supporting d/acc builders and fostering opensource funding!

0 reply

0 recast

0 reaction

DeFiScan pfp

DeFiScan is in the GG23 OSS Round (Developer Tooling and Libraries)! DeFiScan is building a framework and dashboard (MIT license) to provide unbiased insights into DeFi projects. We analyse and monitor the decentralization stage of DeFi protocols through thorough peer-reviews made by our in-house decentralized researchers and with YOU in our various community initiatives! Follow us to learn more and, please, consider supporting here: 🔗https://explorer.gitcoin.co/#/round/42161/863/51 (any amounts >1$ helps us tremendously)! Thank you @gitcoin for supporting d/acc builders and fostering opensource funding!

0 reply

0 recast

0 reaction

DeFiScan pfp

Overall Score: Stage 0 Compound V3 achieves high centralization risk scores for its Upgradeability, Autonomy and Exit Window dimensions. It thus ranks Stage 0, but the protocol can improve its decentralization with the following measures: 1. Adopting a Security Council setup meeting the requirements for the ProposalGuardian and PauseGuardian multisig accounts 2. Implementing validity checks and a fallback mechanism around the Chainlink oracle (or Chainlink adopting a Security Council setup for its own multisig account) With these changes, Compound V3 will be eligible for Stage 1. 🔗Links ✍️Protocol Reviewer: https://x.com/@mmilien_ 📜DeFiScan complete review: https://www.defiscan.info/protocols/compound-v3 X: https://x.com/compoundfinance Website: https://compound.finance/

0 reply

0 recast

0 reaction

DeFiScan pfp

⚠️Warnings During our analysis, we noticed many of the contract addresses listed in the official documentation are out of date. This is most likely explained by the high frequency of updates to the implementation contracts.

0 reply

0 recast

0 reaction

DeFiScan pfp

🚪Accessibility 🟢Compound V3 has a low-risk score The frontend of Compound V3 is open source. Instructions to deploy it locally or deploy it on @ipfs are available(https://github.com/compound-finance/palisade). However, the frontend depends on a separate backend that is accessed through v3-api.compound.finance/. Therefore, self-hosting does not help if the backend is down. Nonetheless, compound is supported on third-party apps like @defisaver. These apps build an acceptable backup solution in case of failure of the official frontend and backend.

0 reply

0 recast

0 reaction

DeFiScan pfp

A security council called Pause Guardian has the power to pause all deposits, withdrawals, and transfers in the protocol. The guardian is currently a 4/8 multisig made of Compound DAO community members. The signers announced on the governance forum do not match the current signers set . The same multisig is also Proposal Guardian and has the power to cancel Governance Proposals before their executions.

0 reply

0 recast

0 reaction

DeFiScan pfp

🪟Exit Window 🔴Compound V3 has a high-risk score Permissions, including protocol upgrades, are controlled by an onchain governance system. $COMP holders are able to create new proposals (requires 25,000 $COMP) and vote on proposals (at least 400,000 votes are required for a valid proposal). A minimum voting period of 3 days is enforced as well as a delay of 2 days for the implementation of successful proposals. While this does not meet the 7-day exit window requirement, malicious or unintended proposals can be intercepted by the ProposalGuardian multisig account. However, both the ProposalGuardian and the PauseGuardian multisig accounts do not meet the 🛡️Security Council Requirements: > 7 signers: Pause Guardian✅, Proposal Guardian✅ > 51% threshold: Pause Guardian❌, Proposal Guardian❌ > 50% non-insider signers: Pause Guardian❌, Proposal Guardian❌ Publicly announced Signers: Pause Guardian❌, Proposal Guardian❌

0 reply

0 recast

0 reaction

DeFiScan pfp

⛅Autonomy 🔴Compound V3 has a high-risk score The protocol relies on a Chainlink oracle feed to price collateral and base assets in the system. The protocol does not validate asset prices returned by Chainlink or offer a fallback oracle mechanism. The replacement of a stale or untrusted oracle feed requires a Compound governance vote with a delay (see Exit Window section below).

0 reply

0 recast

0 reaction

DeFiScan pfp

🚨Upgradability 🔴Compound V3 has a high-risk score The Compound V3 protocol is fully upgradable allowing for the update of governance and markets logic and state (specifically the Governance and Comet implementation contracts). This can result in the loss of funds or unclaimed yield as well as lead to other changes in the expected performance of the protocol. The permission to upgrade the protocol is controlled by an onchain governance system with $COMP token holders submitting and voting on respective proposals. A multisig account, the ProposalGuardian, has the permission to cancel proposals to mitigate the risk of malicious or otherwise unintended proposals. This role can potentially be abused to censor proposals. Furthermore, another multisig account, the PauseGuardian, has the permission to pause markets, disabling depositing and withdrawing assets, if suspicious activity is detected. This role can potentially be abused to freeze funds and unclaimed yield in the protocol.

0 reply

0 recast

0 reaction

DeFiScan pfp

⛓️Chain To date, Compound V3 has been reviewed on Ethereum and Arbitrum: 🟢The Ethereum deployment has a low-risk score, it is currently the safest network for deploying DeFi protocols. 🟡The Arbitrum deployment has a medium risk-score. It is a Layer 2 in Stage 1 according to @l2beat, whose assessments are authoritative here These ratings may be updated if the safety of these chains is reassessed.

0 reply

0 recast

0 reaction

DeFiScan pfp

Compound V3's DECENTRALIZATION review: STAGE 0 Compound V3 is a lending protocol that accepts a base asset as liquidity and allows borrowing this base asset with a variety of other assets as collateral. Multiple base assets are supported such as $USDC, $WETH, $USDT, $wstETH, and $USDS. Each base asset represents an isolated lending market managed by a separate instance of the protocol. Compound governance is able to update various parameters for each of these markets.

0 reply

0 recast

0 reaction

DeFiScan pfp

Decentralization Assessments Below is an overview of the contracts from the Compound V3 protocol. Each box on the graph represents an intermediary identified in this protocol that will have an influence on its decentralization according to our framework (https://www.defiscan.info/learn-more).

0 reply

0 recast

0 reaction

DeFiScan pfp

JOIN US live later today to present out project in the @giveth x @ensdomains x @octant Quadratif Funding round! We raise funds here (https://giveth.io/project/defiscan) to provide users and developers with verifiable insights into the maturity and risk metrics of various DeFi platforms! Any donation helps, no matter the size anon! https://x.com/OctantApp/status/1902784258068099405

0 reply

0 recast

0 reaction

Octant ⧫ pfp

📯 Reminder to join us for our 2nd Space tomorrow. It's one of the best ways to get to know the projects and the people behind them bringing them to life! 🌱 See who's on tomorrow👇 and tomorrow we're dropping Tuesday's lineup. https://x.com/OctantApp/status/1902784258068099405

1 reply

1 recast

5 reactions

DeFiScan pfp

We will organise a community call this Thursday! We have lots of news to share, this is the opportunity to catch up with the latest news about our operations and the @deficollective's, and ask your questions🐜 https://x.com/i/spaces/1LyxBWzvZPrKN/peek

0 reply

0 recast

0 reaction

DeFiScan pfp

0 reply

0 recast

0 reaction

DeFiScan pfp

Both reviews have been made by @mmilien_ (on x), congratulations to him! Full review available here: https://www.defiscan.info/protocols/uniswap-v3

0 reply

0 recast

0 reaction