Lossless is the first DeFi hack mitigation tool for token creators. The Lossless project builds upon the popular ERC20 standard to include security features. This Lossless core functionality (aka LERC20 standard) relies on the LSS token. On Ethereum, the LSS token can be staked by anyone to point out a hack and initiate its review. The review of the transaction can then lead to its reversal and to return of the hacked funds to the rightful owner.
Anybody in the community can submit a report by paying reporting fee in LSS tokens to freeze any address for 24 hours. Then, additional tokens can be staked without generating a new report to signal a wider belief that a hack took place. In 24 hours, evidence is reviewed and a decision is made if a hack has occurred or not. If a hack is confirmed, the stakers are rewarded; otherwise their stakes are slashed.
If you launch your token using the Lossless Token Generator at Lossless Token Generator it indeed provides code that has been audited by Hacken. However, Hacken would need another audit to officially publish an audit dedicated to your project.
Yes, but we recommend that any customisation (ie, any changes to the code) get an independent audit.
A token relaunch will be required to enable Lossless protection. Please contact us and we will help to plan the relaunch.
LERC20 is an extension of the ERC20 standard. LERC20 enables all the Lossless features. It has the same methods and interface as ERC20 with a few extra methods, modifiers and variables. Please see LERC20 for a detailed technical reference.
If you decide that Lossless is not bringing you value anymore, there is a method in your token contract that allows turning the Lossless functionality off.
Lossless strives to stop stealing and hacking transactions as detailed in our Whitepaper. However, the projects deploying Lossless protection will be able to configure some of the parameters. In particular, the “settlement period” is configurable; it is a parameter that determines the amount of time before a newly received token has to be kept before being moved to a DEX.
We think that 20 minutes is a reasonable settlement period. However, it may make sense to set a different period depending on how your token is typically used etc.
The Lossless project has two main components: the Finders and the Decision Making Body. Anyone can be a finder, it’s permissionless. The Finders stake their LSS tokens in order to freeze a hacker’s address after they notice a suspect transaction. Then the Lossless Decision Making Body decides if the transaction was actually a hack or if a Finder was wrong and froze someone for no good reason. The Lossless Decision Making Body consists of three main parties: the LERC20 token project owner, the Lossless team and the Lossless Committee. To make a decision, two out of these three parties have to align. After this decision is finalised, the stolen funds are returned to the wallet that is proposed by the LERC20 token project owner.
The idea is to make it as transparent as possible. The vote on frozen funds has a pre-programmed way to deal with the funds. This means that no one will be able to somehow move the funds or invalidate the governance decision.
Lossless core protects against that by enforcing a certain amount of time that has to pass before a newly received token is sold (“settlement period”).
If the stolen assets not held in LERC20 tokens, Lossless core cannot help.
In the future all the changes to the Lossless contract will be time-locked with substantial advance time so that all interested parties can analyse them in detail. Also lossless is committed to deploying publicly audited code.
The Lossless project is a public team staking our personal reputation on the successful operation of the Lossless code. All our code is public and it is being audited by multiple top auditing shops. Furthermore, there might be additional insurance options in the future through our partners – stay tuned.
An estimated 7% fee paid from the stopped hack transaction. Paid only when it is stopped, in native tokens.Uses of revenue: Native tokens are used to buy LSS tokens and distribute:
- 2% is paid out to finder - finders identify and report fraudulent transactions that originate from exploits, hacks, or scams. A report must pinpoint the incident by providing (1) the LERC20 Token contract on which the incident is taking place and (2) the address of the malicious actor. If the correctness of the report is confirmed, the Finder is rewarded with a fraction of the tokens that were initially stolen. In contrast, if the report is rejected as incorrect, the Finder’s stake is taken.
- 2% is distributed for LSS token holders that stake - stakers stake tokens on open reports they believe to be legitimate in order to give more visibility and credibility to the report. If the correctness of the report is confirmed, the Staker is rewarded with a fraction of the tokens that were initially stolen. The reward is calculated based on the time of the stake. In contrast, if the report is rejected as incorrect, the Staker’s stake is taken.
- 2% is distributed for Lossless Committee - the Committee is a group of people from diverse sectors within the blockchain ecosystem. These members have the capability to vote and resolve reports as well as make decisions about where the stolen funds should be returned. Each Committee Member has an individual vote. The decision of the whole Committee counts as a single vote, that is, ⅓ of the total voting power in addition to the Lossless company (1/3) and the Token project team (1/3). If half plus one of the committee members cast a positive vote the whole committee is considered to have voted in favor of a report being correct. Committee Members are rewarded for participating in the investigation and resolution of a report
- 1% is retained by Lossless company - the Lossless Team is composed of a group of people from the Lossless Protocol. It also has 1/3 of the voting power. The Lossless Team can determine the outcome of a report being legitimate if two-thirds of the decision-making body cast a positive vote. The company takes 1% from the 7% retrieved from a hack to continue its activities and develop further.
We have received multiple inquiries from various projects, and we are actively thinking about expanding our product offering to also protect NFTs. However, we remain focused on delivering on our roadmap first of all.