Don’t Trust; Verify : An FTX Post Mortem and the Promise of DeFi

13 min readNov 8, 2022

You’d have to be under an 8.9-billion pound rock to have missed the FTX/Alameda fraud unravelling this past week. The biggest scam in crypto history was run by a single man behind two centralised entities — and yet, isn’t the promise of crypto decentralised, transparent, and trustless financial systems? In DeFi, we don’t need to trust individual actors to act decently or the law to punish them if they don’t — Code is Law, and all users are the jury. But DeFi has fallen subject to numerous hacks and exploits too. Does the fact that it’s decentralised really solve anything?

[Edited FTX explanations on 14th November]

CeFi vs DeFi

In case a high level refresher is helpful:

FTX was a crypto exchange and Alameda was a trading firm — they were independent entities both founded by Sam Bankman-Fried, and both were considered the top of their respective industries. Alameda was one of the largest market makers, and FTX’s exchange was a cash machine from trading fees alone, and held the funds of many retail investors and companies. FTX fraudulently used those consumer funds for various purposes, including to loan to Alameda using FTT (its own token!) as collateral, and ended up with a ~$10bn (!) hole in their balance sheet. After this came to light, FTT’s price collapsed and a bank-run ensued- both are now insolvent and filed for Chapter 11 bankruptcy.

To be clear, FTX is an exchange — not a bank — and was never authorised or known to be using customer funds for their own purposes. FTX was a centralised entity, meaning its transactions were not recorded on-chain and so it did not have the transparency and accountability that blockchain technology was first intended to provide. This type of fraud is literally impossible in open-source, smart-contract based DeFi. In utopian crypto land all users can:

Cross-examine transactions — due to the transparency of on-chain data

If there’s a design flaw leaving it susceptible to hacks or exploits, they can

2. Propose solutions — due to the democracy of code

3. Reach consensus — due to the decentralised system of governance

In this deep dive, I take a look at the idea that Code is Law and how that plays out in reality in DeFi.

Code is Law

In both TradFi and CeFi, we place our trust in humans. Historically, this has not gone well for us. Humans, even vegans, are fallible and myopic — and they aren’t actually all that great at managing other people’s money against their own short term greed.

Decentralised finance however, was built on the premise that ‘Code is Law’. Maximalists take this to mean that if the code of a DeFi smart contract permits something, then it is legal, even when that includes hacks. This debate first played out in the draining of The DAO in 2016 and the subsequent Ethereum fork [1], and many hackers still use this argument today [2]. I would rather take this to just mean that in DeFi we trust in code, not law, to regulate human behaviour. In this sense, Code is Law stands in two ways:

1) There is no need to retrospectively punish, as code, by structuring every stipulation as an if/then/else statement, determines what is and isn’t possible in the first place. Smart contracts are written and automatically fulfilled (hence ‘smart’).

2) All data is open source and visible to the public. Once transactions have occurred, they are recorded, and once they are recorded, they are immutable. That means no backroom deals, and no backdoors in the code. That also means that everything is subject to verification and improvement through the steps outlined in the above section on utopian crypto land.

The recent $100m drain of Solana-based trading platform Mango Markets is the perfect case study to look into the realities of DeFi hacking and code exploitation. The attacker, Avraham Eisenberg, took to Twitter and positioned himself as an anti-hero that merely performed a ‘highly profitable trading strategy’ that demonstrated design flaws in the code. This was not a hack in the sense that no one accessed or stole any assets they were not authorised to. It’s not like SBF’s case where he stole user funds and used them to profit without notifying them. Eisenberg exploited the price oracle data of the MNGO token to take out a huge under-collateralised crypto loan from the Mango treasury. If you make users whole, is it legally still theft? If you inspire other protocols to fix the same design mistake, is it maybe even actively ethical? Is starting a fire the best way to demonstrate a fire hazard?

The Mango Markets case- what happened?

Margin trading is the use of leverage (borrowing assets to trade with) to increase the potential financial gains. These loans typically take the form of lenders providing assets to a lending smart contract, and borrowers providing a security deposit (aka collateral) to withdraw the borrowed cryptocurrency. The amount one can borrow is determined by the amount of collateral. If the collateral value decreases under a specific threshold, the associated debt is recovered either by topping up or liquidating the collateral. As we know, cryptocurrencies — particularly illiquid ones — can be extremely volatile in price, meaning that determining and pricing the collateral requirement (through a risk engine) is one of the primary challenges for decentralised lending protocols. Bad debt is when it is financially irrational for the lender to close a loan because the collateral has experienced a severe price fluctuation.

On October 11th, Mango Markets, which allows cross-margin trading with up to 20x leverage, experienced exactly that. Two accounts funded with USDC, took an outsized position in MNGO-PERP. Due to thin liquidity, only a few million USDC meant that the underlying MNGO/USD prices on various centralised exchanges, including FTX, jumped 5–10x in a matter of minutes. Before people could get in to sell and return it to a more reasonable price, the oracles that Mango’s risk engine uses (Switchboard and Pyth) updated their MNGO benchmark to the new, artificially inflated price. As the value of the Eisenberg’s MNGO-PERP unrealised profit increased, the Mango Markets risk engine allowed his account to borrow approximately $100m worth of assets such as BTC, SOL and USDC from the Mango protocol, using this inflated MNGO collateral value to borrow against. When the price of MNGO then returned to Earth, the protocol was left with bad debt.

The attack sent the price of its native token by nearly 50%, from around $0.042 down to $0.017. Eisenberg demanded that any bad debt be viewed as a bug bounty, and that the insurance should be paid out from the community treasury (and in fact tried to use all the MNGO tokens he had bought to vote for his own proposal [3]). It does indeed have a dedicated $70m DAO controlled treasury for insurance on v3 deposits, but this is not enough to pay all the liquidations. In a Twitter thread — the established crypto version of a press release — Eisenberg claimed that he ‘helped negotiate a settlement agreement with the insurance fund,’ to make all users whole again while recapitalizing the exchange. He likened his actions to a process called automatic deleveraging, which is where cryptocurrency exchanges use a portion of the profits earned from successful traders to cover the losses of other liquidated ones. He ended the thread by saying, ‘as a result of this agreement, once the Mango team finishes processing, all users will be able to access their deposits in full with no loss of funds.’ This remains to be seen. This is also probably not legal, but for a full discussion of this see note [4].

How was DeFi able to react?

Mango Markets is bankrupt from this. However, because this entirely came down to design flaws, a) anyone could have considered this before, and b) similar protocols can now immediately understand what happened and avoid the same mistakes. (Note how I was able to entirely explain what happened by reading a couple sources, versus the dark cloud hiding what the hell has happened at FTX for the last few years). Two lessons can be and have been drawn for current and future decentralised exchanges and lending platforms.

Firstly, it should not be possible to borrow against very low liquidity assets. This attack happened to Mango, but it was possible in multiple protocols. (Note: although it played out differently, this was also in fact the same underlying problem within FTX- they collateralised loans in FTT which was only liquid because FTX/ Alameda were the primary market makers for it.)

Eisenberg himself described how using a similar method would allow highly capitalised entities to exploit the REN market on Aave V2 [5]. Decentralised lending platform Compound was the first to react to the threat of price manipulation. After 99% of votes were in favour of the proposal, it paused the supply of four illiquid tokens as lending collateral on its platform: Yearn.finance’s YFI, 0x’s ZRX, Basic Attention Token (BAT) and Maker’s MKR. The most notable example is ZRX which has borrowable liquidity on Aave and Compound comparable to or greater than the usual daily volume across all centralised and decentralised exchanges. I’d expect (and hope for) others to follow suit.

Secondly, trading engines need to carefully consider how they use oracles in their risk engines when determining collateral ratios. In the case of Mango, the risk engine allowed Eisenberg to withdraw over $100m while the price of MGNO very briefly spiked way beyond the fair price. The price oracles didn’t do anything wrong; they just reported the current price. But Mango Markets’ risk engine should not be using a raw oracle price alone. If a price moves 3x within a minute, that price is highly likely to not be accurate or be a temporary wick. If the price stays there for many hours, then it becomes more likely that this new price is the true economic price, since over that time other traders will have come in for any arbitrage were there to be any. One way to avoid this issue is to use EWMA price bands, which means bounding the raw price feeds so that they cannot move more than e.g. ~20% within 5 minutes before feeding into its risk engine.

SBF also explained how FTX used IMF factors to prevent this:

The larger your position, the greater % margin they charge. For MNGO, the margin charged is 0.00025*sqrt(MNGO tokens). If you wanted to have a 500m MNGO position, FTX would have required 500%. The reason is that large positions- especially in illiquid markets- can have a lot of impact. So they charge more % margin the greater your position is. Some positions — like the one in question- are large and illiquid enough that the risk engine forces you to fully collateralise a position. So even before hitting position limits, the risk engine ensures that the collateral backing a position is sufficient.

Such a high-profile attack is more likely to encourage responses across DeFi, and potentially (if we’re counting avoided losses as gains), leave the ecosystem net positive better off as code is improved.

Conclusion

CeFi has failed us. TradFi has failed us. To believe in the future of crypto, we have to believe in the future of DeFi, and the benefit of on-chain smart-contract controlled transactions.

In DeFi, Code is Law in that it sets the majority of the de facto rules for online interactions and transactions. Everything is visible. DeFi protocols can learn lessons from exploits and communities can adapt the code accordingly. In this case, the main lesson is that loan/liquidation models must model price impact and liquidity impact. In the case of bridge hacks, it is that proper and repeated auditing is necessary. Contrary to CeFi, given the open-source and community-owned aspects of blockchain protocols, communities can collectively provide some of the value-based input and oversight, and ultimately vote with their feet by steering clear of blockchain platforms that contain undesirable or unduly inflexible code-based rules. Compound is a perfect example of how to advance this peer-to-peer regulation — the community recognised flaws, proposed measures and voted accordingly. It’s an expensive and in many ways unethical teaching method, but at least in DeFi we can see the design flaws and adapt them, rather than just suffer the implications when it’s far, far too late.

Notes

[1] In 2016, an Ethereum developer identified the ‘race to empty’ vulnerability in the open-source code of The DAO (a decentralised autonomous venture capital fund), and subsequently drained it of around $50m worth of Ether. Whilst the community debated reversing the damage through a hard fork (i.e. splitting the chain into a new branch that returned the funds), the attacker alleged that a ‘hard fork would amount to seizure of my legitimate and rightful ether, claimed legally through the terms of a smart contract.’ A sizeable enough community were in support, and continued to use the original unforked Ethereum blockchain, now called Ethereum Classic.

[2] In 2021, the Indexed Finance hacker argued that ‘the people who I traded against and won money from read the same contract I did, and were willing to deploy their capital on it. At no point in this process did I do anything that could not have been done by anyone else’.

In the recent $117m Mango Markets exploit, Avraham Eisenberg tweeted ‘I believe all of our actions were legal open market actions, using the protocol as designed, even if the development team did not fully anticipate all the consequences of setting parameters the way they are.’ Blockworks researcher Dan Smith highlighted that, ‘the exploiter only used open market operations to pull this off. No code was changed, no new code was deployed, and he did not have to manipulate anyone else into acting on his behalf.’

[3] The proposal failed because it did not meet the required quorum. In exchange for the settlement, the hacker requests that users who vote in favour of the proposal agree to pay the bounty, pay off the bad debt with the treasury, waive any potential claims against accounts with bad debt and not pursue any criminal investigations or the freezing of funds.

[4] So, the (multi) million-dollar question- is this legal?

Hacking is a malicious act that aims to access digital services to harm or destroy systems, obtain user information, or hamper data-related activity. The vast majority of hackers (in Web2 and Web3) are prosecuted under the Computer Fraud and Abuse Act (CFAA), which is fairly easy to prosecute under when there is a provable breach of or unauthorised access to computer systems. In the Van Buren vs United States case of 2021, the first clarification of CFAA since its inception in the 1980s, SCOTUS clarified that simply using the authorised part in an unauthorised way is insufficient; a part of the system that is explicitly off-limits needs to be touched.

Cross chain bridge hacks, which account for 62% of losses in 2022, tend to meet this criteria. For example, the $325m Wormhole hack occurred as a result of a coding glitch that let hackers set up a fraudulent signature set authorising transactions to mint ether. Similarly, $625m was drained from the Ronin Bridge, the Ethereum sidechain built for Axie Infinity that enabled users to transfer assets to the Ethereum mainnet, after five of nine total validator nodes were compromised in a phishing attack.

This is unambiguously accessing and stealing assets that were originally owned by another party, and thus amounts to hacking and theft. Oracle manipulation, by contrast, is not computer fraud. Avraham Eisenberg, like any other trader, was completely authorised to trade the spot market, and trade the perp market. This instead would likely fall under market manipulation. The analogous crime in TradFi is manipulating spots to move derivative settlements- termed ‘banging the close’. However, to prosecute this, the Mango exploit would firstly need to be proven as a security. But if cryptocurrencies are considered a security, then crypto companies issuing them must comply with the stringent Securities and Exchange Commission rules for registration and reporting, with threats of huge $100m+ fines like that issued to BlockFi in 2021 for failure to do so. Defining MNGO as such would leave Mango Markets in an even bigger mess.

Alternatively, it would need to be classified as a commodity. Many in the industry would prefer cryptocurrencies to be treated as such and therefore subject to the Commodity Futures Trading Commission’s rules instead.

Even if it were to be a security, it would then secondly need to be prosecuted as securities fraud. So far, there are few precedents for prosecuting and punishing this type of DeFi market manipulation (see Celsius and Three Arrows…). As Doug Colkitt went on to explain,

There’s a reason that virtually no bankers went to prison in 2008. Securities fraud is extremely hard to prove at the threshold required for criminal conviction. They’re also extremely complex cases, hard for criminal jury trials. Because of this, essentially all securities fraud prosecutions are handled by a single US Attorney, the Southern District of New York (SDNY), and they won’t bring a case unless they’re 95% sure of winning. Long story short, the Mango exploiter isn’t going to prison. Without the threat of criminal prosecution, the only option would be a civil suit, but the exploiter has $100m to fight a long battle.

So, no — this is probably not legal, but he is also probably not going to jail.

[5] This would involve supplying 100m USDC and borrowing $85m worth of REN tokens against it. Then, with a different account, the entity could deposit the REN tokens and borrow 50m USDC, which would be used to buy more REN. Then repeat. This is made possible because buying the millions of dollars worth of REN would send its price soaring, allowing the entity to borrow more against its deposited collateral. In case of a 10-fold increase in the price of REN, the entity would be able to borrow $500m worth of assets, while initially deploying only $100m, potentially netting $400m in profit.