Photo credit: Captngeorge | Twitter: @Captngeorge1
While Robert Leshner appeared to threaten users with the IRS at one point, the reality is that he – and the rest of the Compound Labs community – now rely on users’ goodwill.
A bug in the code of money market Compound resulted in the erroneous disbursement of COMP tokens intended for long-term liquidity mining rewards on Wednesday night.
Shortly after, the Compound Twitter account acknowledged the bug, stating that no user funds were at risk. Only Compound’s Comptroller Contract was affected by the bug, which is in charge of distributing liquidity mining rewards earned over time.
According to Leshner, nearly the entire Comptroller Contract has been drained, with 280,000 COMP distributed incorrectly to users.
Despite the staggering financial losses caused by the bug, the community is now engrossed in a debate over what users should be required to do with their funds.
“This has been, without a doubt, the worst day in the history of the Compound protocol,” Leshner said in an interview.
He continued:
“What makes it way worse is that I and most folks are completely powerless to do anything besides sit back and watch this moral dilemma play out.”
IRS threats
Photo credit: CryptoBuzz | Twitter: @CryptoBuzz_Blog
Leshner appeared to warn recipients of the erroneous tokens in a Tweet on Thursday night that there could be real-world consequences for keeping them – namely, that the US Internal Revenue Service (IRS) might want to know about it:
Some DeFi users interpreted the comments to mean that Compound Labs intended to report recipients to the appropriate tax authorities. Leshner quickly apologized for the tweet.
Threats of “doxxing” have been shown to be effective in the past in dealing with exploits – last month, a non-fungible token (NFT) team famously threatened to call the FBI and send soup to a hacker’s address. The hacker eventually gave up and returned the money he had taken.
Even if an organization wanted to pursue claimants in this case, it could be a hollow threat in practice.
Compound Labs is a real-world entity that is working on the protocol, but there is no clear basis for it to pursue legal action – according to a Compound Labs representative, the structure of the decentralized autonomous organization (DAO) is such that it is now just another member of the community.
The Compound interface is also hosted on the distributed file storage protocol InterPlanetary File System (IPFS), according to the representative, and no reportable information about users is collected in any way.
However, because of the bug’s nature, many of the token recipients aren’t sophisticated hackers; they just happened to hit the jackpot.
Moral dilemma
The question now is whether a moral obligation, rather than a legal obligation, can motivate users to return funds, a topic that has sparked heated debate in the crypto community.
One popular viewpoint is that “code is law”: regardless of intent, the protocol disbursed the funds, which users can now spend as they wish.
Others, on the other hand, argue that taking ill-gotten money from an on-chain bank, where anyone in the world, regardless of who they are, can take out a loan, is a violation of DeFi’s highest ideals.
At the time of writing, two users had returned a total of 37,493 COMP tokens worth over $12 million.
Some incentives have already been suggested, such as non-fungible tokens (NFT) redeemable for a meeting with Leshner, which he enthusiastically agreed to:
Leave a Reply