How Bond Protocol Simulates User Interactions to Keep Users Safe

Lipman, GuardianUI
Jun 21, 2023

Originally started as Olympus Pro within OlympusDAO, Bond Protocol launched in July 2022 as a standalone entity to provide bonds-as-a-service to other protocols. The platform enables users to take advantage of Olympus-style bonds to acquire liquidity and strategic assets while diversifying their treasuries.

Empowering Protocols to Own Their Liquidity

Bonding was initially designed by OlympusDAO to incentivize and lock liquidity by exchanging Liquidity Provider (LP) tokens for newly minted $OHM at a discount. The discounted $OHM was then vested linearly over a short period of time (initially 5 days). This approach allowed Olympus to acquire and own 100% of its liquidity.

Bond Protocol utilizes the same bonding concepts but with two vesting terms for bonds: Fixed-Term and Fixed-Expiry. One major difference between the Bond Protocol and Olympus Pro contracts is that the underlying governance tokens vest fully at maturity instead of being claimed linearly. This greatly simplifies the bonding contracts and allows for tokenized bonds.

  • Fixed-Term Bonds are the type most familiar from OlympusDAO-style bonds. They mature a fixed number of days (e.g. 30 days) from the point of purchase. Bonds purchased on different dates are not fungible, and these bonds use the ERC1155 NFT standard.
  • Fixed-Expiry Bonds were created to allow fungible positions for longer-dated bond programs. They mature at a specific date and time (e.g. Dec-31–17:00). This type of bond uses the ERC20 tokenization standard, which offers broad composability in DeFi. Fungible bond positions open an exciting range of possibilities (e.g. lending) to create long-term value for protocols and bond holders.

Since launching as Bond Protocol in 2022, ~$60 million in total value has been bonded across 3,300 bonds and 20+ bond markets.

Using GuardianUI to Simulate User Interactions

Bond Protocol takes security and user experience seriously, as shown by its use of Sherlock, Zellic, and yAcademy for multiple audits and rounds of code review. However, Bond Protocol understands that addressing smart contract risk is only part of keeping users safe.

Every dApp depends on web2 infrastructure (DNS, Cloudflare, Google Tag Manager, etc.), which exposes protocols to countless vulnerabilities (e.g. DNS poisoning, supply chain attacks, malicious JavaScript injection, BGP hijacking). Attackers can exploit these in various ways, such as tricking users into interacting with phishing contracts while using Bond Protocol’s dApp. Without testing and monitoring, the Bond Protocol team would have no way to detect a potential issue or to know when users may be at risk while interacting with their dApp.

GuardianUI helps address this problem by enabling Bond Protocol to continuously simulate user interactions with their dApp’s UI and make sure it’s pointing to the correct smart contracts. If GuardianUI detects an issue, the Bond Protocol team is notified immediately of the exact issue.

“Frontend testing in general is well-developed, but crypto-specific tools have been sorely lacking. GuardianUI is building a great platform, helping us to provide our users with a safer and more robust experience.” — SpaceTurtleShip, Lead Frontend Developer @ Bond Protocol

Thanks to GuardianUI, Bond Protocol simulates 12,000 interactions per month, resulting in multiple benefits:

  • Improved security — frontend attacks are an increasing problem, as seen with BadgerDAO (Cloudflare workers vulnerability), Curve Finance (DNS poisoning), Klayswap (BGP hijack), and many others. These attacks caused users to interact with phishing contracts and resulted in millions of dollars being directly stolen from their wallets. GuardianUI helps Bond Protocol detect if their frontend gets attacked and address the issue immediately.
  • Immediate response — if a problem is detected, GuardianUI sends an alert to the Bond Protocol team immediately so they can address the root issue and keep all users safe.
  • Developer peace-of-mind — testing in production is an expensive and time-consuming (manual) way to make sure your live UI is working correctly. By using GuardianUI, the Bond Protocol engineering team reduces cost significantly and eliminates the need for manual review entirely.
  • Faster and more reliable releases — Bond Protocol is able to use the GuardianUI end-to-end tests in their pre-deployment workflow to ensure quality code gets pushed to production.

Example: Simulating a User Creating a ‘Fixed Expiry Market’

To further illustrate how GuardianUI helps secure Bond Protocol’s dApp, let’s see how simulating the creation of a Fixed Expiry bond market is performed and then monitored. This is just one example, but GuardianUI is doing this for all smart contract interactions within Bond Protocol’s dApp.

Step 1: Create an end-to-end test using GuardianTest, GuardianUI’s open source testing framework. Note: GuardianUI can write these tests for clients if you don’t want to write the tests — GuardianUI wrote Bond Protocol’s tests.

This test automatically performs the following simulation:

  • Initializes a local fork using Anvil
  • Navigates to https://app.bondprotocol.finance/#/create
  • Connects a wallet to the site with mocked approvals and balances.
  • Selects DAI as a payout token
  • Selects DAI as an output token
  • Selects a vesting term
  • Enters the bond capacity
  • Selects an expiration date for the bond
  • Confirms deployment of the bond

Step 2: Validate contract interaction.

The final step of the test (Confirm Deployment of the Bond) verifies the transaction points to the correct Bond Protocol Fixed-Term Auctioneer contract when a user performs the action.

Step 3: Continuous monitoring

GuardianUI continuously monitors this interaction to make sure it’s working appropriately. If it isn’t, the Bond Protocol team will receive an immediate alert.

Automated user simulation of Create Fixed Term Market on app.bondprotocol.finance
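
The kind of check Step 2 describes, as an added example (this is not GuardianTest's API or Bond Protocol's test code): given the wallet requests recorded while a test drives the UI, flag any transaction whose target is not an expected contract. It goes one step beyond the text by also decoding the spender of ERC-20 `approve` calls; the function names and all addresses are constructed for illustration.

```javascript
// Added example. Addresses are constructed placeholders, not real contracts.
const EXPECTED_AUCTIONEER = "0x" + "a1".repeat(20); // stands in for the expected target
const PAYOUT_TOKEN = "0x" + "b2".repeat(20);        // stands in for an ERC-20 token
const ROGUE = "0x" + "de".repeat(20);               // stands in for a phishing contract
const APPROVE_SELECTOR = "0x095ea7b3";              // approve(address,uint256)

const norm = (v) => String(v || "").toLowerCase();

// Check one JSON-RPC request that the dApp sent to the wallet provider.
function checkWalletRequest(req, allowed) {
  if (req.method !== "eth_sendTransaction") return { ok: true, reason: "not a transaction" };
  const tx = (req.params || [])[0] || {};
  const to = norm(tx.to);
  const data = norm(tx.data || tx.input || "0x");
  if (!to) return { ok: false, reason: "missing 'to' (contract creation)" };

  // For approve(), the risk sits in the spender inside calldata, not in 'to'.
  if (data.startsWith(APPROVE_SELECTOR)) {
    const wellFormed = data.length === 10 + 128 && /^0{24}$/.test(data.slice(10, 34));
    if (!wellFormed) return { ok: false, reason: "malformed approve calldata" };
    const spender = "0x" + data.slice(34, 74); // low 20 bytes of the first 32-byte word
    return allowed.spenders.map(norm).includes(spender)
      ? { ok: true, reason: "approve to expected spender" }
      : { ok: false, reason: "approve to unexpected spender " + spender };
  }
  return allowed.targets.map(norm).includes(to)
    ? { ok: true, reason: "expected target" }
    : { ok: false, reason: "unexpected target " + to };
}

// Return only the failing results for a recorded session.
function auditSession(requests, allowed) {
  return requests.map((r) => checkWalletRequest(r, allowed)).filter((r) => !r.ok);
}

// Constructed sample of requests recorded while a test drives the UI.
const word = (hex) => hex.replace(/^0x/, "").padStart(64, "0");
const approve = (spender) => APPROVE_SELECTOR + word(spender) + word("0xff");
const sampleRequests = [
  { method: "eth_chainId", params: [] },
  { method: "eth_sendTransaction", params: [{ to: PAYOUT_TOKEN, data: approve(EXPECTED_AUCTIONEER) }] },
  { method: "eth_sendTransaction", params: [{ to: PAYOUT_TOKEN, data: approve(ROGUE) }] },
  { method: "eth_sendTransaction", params: [{ to: ROGUE, data: "0x12345678" }] },
];
const ALLOWED = { targets: [EXPECTED_AUCTIONEER], spenders: [EXPECTED_AUCTIONEER] };
console.log(auditSession(sampleRequests, ALLOWED).map((r) => r.reason));
```

Addresses are compared case-insensitively, so checksummed and lowercase forms of the same contract match.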

Helping dApps Ship Securely and Quickly

The Bond Protocol team is taking advantage of testing and monitoring their live frontend while also being able to utilize these tests in their pre-deployment workflows.

To start writing your own end-to-end tests using GuardianTest, the open source testing framework from GuardianUI, install it here and learn more here.

To begin your monitoring free trial, fill out this contact form so we can reach out to you and begin your onboarding.

To inquire about GuardianUI writing your tests as a standalone service, please fill out this short form.

And to learn more about GuardianUI, please visit guardianui.com
