How it works
The Hack Mitigation Protocol defines a set of steps that must be taken in order to successfully prevent hacks.
Three main tasks make up the Hack Mitigation Protocol, plus one extra task that, while not essential, serves as a booster giving a particular report more visibility and urgency.
The three principal tasks can be broken down into:
- Report Generation
- Report Investigation and Solving
- Stolen funds refunding and Reward distribution
The extra step available to the community, while extremely useful, is not necessary for a report to be processed:
- Report Staking
In each step, several roles take part in the process. Some are official roles that must be granted at the smart contract level, while others are community roles that are interchangeable and fluid. They can be broken down into:
Official roles:
- 1. Token Owners
- 2. Committee Members
- 3. Lossless Team
Community roles:
- 1. Finders
- 2. Community Stakers
- 3. Refund Wallets
- 4. Incorrectly blacklisted addresses
- 5. Malicious Addresses
Token Owners
Project owners that issued a token with the LERC20 standard integrated. If they are also admins of the token, they are part of the Decision Making Body, which is in charge of investigating and voting on reports.
Committee Members
A set of independent experts in fields such as blockchain layer 1, layer 2, the application layer, smart contract auditing, key opinion leaders, legal opinion leaders and so on. As part of the Decision Making Body they take part in investigating and voting on reports.
Lossless Team
Members of the Lossless company are also part of the Decision Making Body and take part in investigating and voting on reports.
Finders
This role is responsible for generating reports on incidents, hacks or scams. Finders stake a certain amount of tokens in order to generate a report.
Depending on the outcome of the report, positive or negative, they are either rewarded with a percentage of the stolen funds or have their stake slashed.
Community Stakers
The purpose of community staking is to provide a better understanding of where the community stands on a submitted report. If many people stake tokens on a report being valid, there is a high chance that it is. It can be seen as a one-sided prediction market that brings the wisdom of the crowd on chain.
If the report is solved positively, meaning it was a legitimate issue, stakers are rewarded depending on the time at which they staked their tokens on the report.
Refund Wallets
This is the address to which the stolen funds are returned. After a report is generated, staked on and solved, the stolen funds are retrieved into the Lossless Smart Contracts. The refund wallet can be proposed by either the Lossless Team or the LERC20 Token Admins. Any part of the Decision Making Body can also reject a wallet if it is found not to be appropriate, after which another one can be proposed.
Malicious Addresses
Addresses that were reported and whose report turned out to be legitimate. These addresses are added to a blacklist so they can no longer operate with the LERC20 tokens, and the stolen funds can be retrieved.
Incorrectly blacklisted addresses
Addresses that were reported, but whose report was resolved negatively or was not resolved within the report lifetime. To mitigate the damage caused by having their tokens locked for that time, these addresses are able to claim compensation.
After a suspicious or malicious transaction is found by one of the finders, the following steps are taken to reach the objective, which is retrieving the stolen funds.
- 1. Report Generation
- 2. Report Staking
- 3. Report Investigation and Solving
- 4. Stolen funds refunding and Reward distribution
Settlement Period
Each LERC20 Standard Token can set up its own settlement period by interacting with the Lossless Controller V3. The settlement period works by queueing received funds for the amount of time configured by the Token Owners. This mechanism stops single-transaction hacks, because the exploiter is no longer able to steal the tokens and sell them in the same transaction.
With the settlement period, an address is able to transfer unsettled tokens only once per period. After the period passes, the received tokens become settled and can be moved freely.
Furthermore, within each settlement period there is a transfer threshold for sending funds to a DEX. This allows users to transfer a limited amount of unsettled tokens and thus reduces the impact on retail trading.
Visual Flow of the Settlement Period
Report Generation
This is the first and foremost step to be taken when an incident is identified. The finder generates a report in order to trigger an investigation of a particular address and token.
The report is generated with the following parameters: the LERC20 token smart contract address of the stolen funds and the address that allegedly stole the funds.
As soon as the report is generated, the LERC20 token enters Emergency Mode, which lasts for one settlement period.
The report is valid for a certain period of time, during which it is worked on, staked and investigated. As soon as the report is generated, the reported address is blacklisted immediately so the stolen funds cannot be moved.
The report is also immediately listed on the Lossless Dashboard.
As an extra feature, if the malicious address manages to front run the report, a second address can be added to the report. This second account receives the same penalties as the main reported address, but will not be able to front run the finder again because of the emergency mode.
Emergency Mode
Emergency Mode refers to the state a token enters when a new report is generated. It lasts for one settlement period, and during this time transfers work differently than in regular settlement periods.
During emergency mode, no unsettled tokens can be moved, without exception.
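As an added illustration (not Lossless contract code), the following Python model implements the transfer rules described under the settlement period and emergency mode: received funds are queued and settle after one period, unsettled tokens can be moved at most once per period, unsettled transfers to a DEX are capped by a threshold, and emergency mode freezes all unsettled tokens. The class and method names, and the use of `time // period` as the period index for the once-per-period rule, are assumptions made for this model.

```python
from dataclasses import dataclass, field

@dataclass
class Account:
    settled: int = 0
    queued: list = field(default_factory=list)  # [received_at, amount] chunks still settling
    last_unsettled_period: int = -1             # period index of the last unsettled transfer

class SettlementModel:
    """Toy model of the settlement rules; period index = time // period is an assumption."""
    def __init__(self, period, dex_threshold, dex_addresses):
        self.period, self.dex_threshold = period, dex_threshold
        self.dex = set(dex_addresses)
        self.accounts, self.emergency_until = {}, 0
    def account(self, addr):
        return self.accounts.setdefault(addr, Account())
    def mint(self, to, amount, now):  # incoming funds are queued, not immediately settled
        self.account(to).queued.append([now, amount])
    def _settle(self, acct, now):  # chunks older than one period become freely movable
        acct.settled += sum(a for t, a in acct.queued if now - t >= self.period)
        acct.queued = [q for q in acct.queued if now - q[0] < self.period]
    def activate_emergency(self, now):  # a new report freezes unsettled tokens for one period
        self.emergency_until = now + self.period

    def transfer(self, frm, to, amount, now):
        src = self.account(frm)
        self._settle(src, now)
        if amount > src.settled + sum(a for _, a in src.queued):
            return "insufficient balance"
        unsettled_needed = max(0, amount - src.settled)
        if unsettled_needed:
            if now < self.emergency_until:
                return "emergency mode: unsettled tokens frozen"
            period_idx = now // self.period
            if src.last_unsettled_period == period_idx:
                return "unsettled transfer already used this period"
            if to in self.dex and unsettled_needed > self.dex_threshold:
                return "unsettled amount to DEX exceeds threshold"
            src.last_unsettled_period = period_idx
        take = min(amount, src.settled)  # spend settled tokens first, then the oldest chunks
        src.settled -= take
        rest = amount - take
        for chunk in src.queued:
            used = min(rest, chunk[1])
            chunk[1] -= used
            rest -= used
        src.queued = [q for q in src.queued if q[1] > 0]
        self.account(to).queued.append([now, amount])  # the recipient's copy starts settling now
        return "ok"
```

Running a scenario with a period of 100 time units shows the single-transaction dump being refused at the DEX threshold, the second unsettled transfer in the same period being refused, and all unsettled movement being frozen once a report activates emergency mode.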
Report Staking
As soon as the report is generated, community stakers can carry out their own research on the address that has been marked as illegitimate. This is up to each staker, but it is highly recommended in order to avoid losing tokens by staking indiscriminately.
When the research is done, or they are sure about the report's legitimacy, a stake can be placed using the report ID. There is a single staking amount, set in the Lossless Staking Smart Contract.
Rewards to stakers are assigned under two conditions.
First, the report must be solved positively; otherwise the staked amount is slashed.
The second condition is the timestamp at which the stake was placed after the report was generated. The rewards distribution mechanism can be summarised as follows: "The earlier someone stakes, the more rewards for the staker".
The objective of this condition is to give more value to the first stakers, who took the time to investigate and stake, rather than to those jumping on the bandwagon after the information about a report has already been made public and widely known.
Report Investigation and Solving
While the report's lifetime is active, the Decision Making Body takes on the task of investigating the report and voting on it.
In order to resolve a report, two out of the three parts of this group must agree and cast a vote; otherwise there are not enough votes to reach a decision. Likewise, if only two of the parties voted, one positive and one negative, a third vote is needed to break the tie.
If resolution fails during the report's lifetime, the report is solved negatively, meaning the reported address is taken off the blacklist and compensated with a percentage of the staked tokens. This is the same outcome as when the report is solved negatively by a majority casting a negative vote.
If the report is solved positively, meaning two thirds of the Decision Making Body cast a positive vote, the stolen tokens are retrieved automatically and the address is permanently blacklisted.
This closes the report's active period, and the final steps of the workflow take place.
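An added model (not the protocol's own code) of the resolution rules above: two matching votes from the three parts of the Decision Making Body resolve a report, a 1-1 split waits for the third party's vote, and a report that reaches the end of its lifetime without a majority is treated as negative. The party identifiers, the `Report` class and the action labels returned by `settle_report` are assumptions made for this illustration.

```python
from dataclasses import dataclass, field

# The three parts of the Decision Making Body (names are an assumption of this model).
PARTIES = ("token_owners", "committee", "lossless_team")

@dataclass
class Report:
    reported: str
    created_at: int
    lifetime: int
    votes: dict = field(default_factory=dict)  # party -> True (positive) / False (negative)
    blacklisted: bool = True                   # the reported address is blacklisted on generation

    def cast_vote(self, party, positive):
        if party not in PARTIES:
            raise ValueError(f"unknown party {party!r}")
        if party in self.votes:
            raise ValueError(f"{party} already voted")
        self.votes[party] = positive

    def resolve(self, now):
        """Return 'positive', 'negative', or None while the report is still open."""
        positive = sum(1 for v in self.votes.values() if v)
        negative = len(self.votes) - positive
        if positive >= 2:
            return "positive"
        if negative >= 2:
            return "negative"
        if now >= self.created_at + self.lifetime:  # lifetime over without a majority
            return "negative"
        return None  # fewer than two votes, or a 1-1 tie waiting for the third party

def settle_report(report, now):
    """Apply the consequences of a resolution; the returned action labels are illustrative."""
    outcome = report.resolve(now)
    if outcome is None:
        return {"status": "open"}
    if outcome == "positive":
        report.blacklisted = True
        return {"status": "positive", "funds": "retrieved",
                "blacklist": "permanent", "stakes": "rewarded"}
    report.blacklisted = False
    return {"status": "negative", "blacklist": "removed",
            "compensation": "claimable by reported address", "stakes": "slashed"}
```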
Stolen funds refunding and Reward distribution
When the report is solved, one of two things can happen:
The report was not legitimate. In this case, the staked tokens of both the finders and the stakers are slashed.
The reported address is removed from the blacklist, and this previously blacklisted address becomes eligible to claim compensation.
The report was legitimate. This allows various processes to take place in order to get the funds back to their rightful owner and for each party to claim its rewards.
When the report is closed and solved positively, the following roles are entitled to a reward, which can be claimed on their respective Smart Contract:
*This percentage is distributed among all stakers, weighted by the timestamp of the stake. The earlier the stake was placed, the higher the reward.
**This percentage is distributed among all committee members that cast a vote on the report.
In order to return the stolen funds to their owners, a refund wallet must be proposed by the LERC20 Token Owner or the Lossless Team. This wallet is subject to a certain period during which any party of the Decision Making Body can reject it.
After the period is over and no disputes have been raised, the address is entitled to claim the retrieved funds, which comprise the stolen funds minus the reward percentages.
If the proposed refund wallet is rejected by the majority of the Decision Making Body, another refund wallet can be proposed and the same process takes place again. This can be repeated indefinitely until consensus is reached.