Day 1

Welcome to _ Barry!

I will be making a personal donation of 100 ETH to the relief effort coordinated by @aave Labs in relation to the KelpDAO's/LZ exploit. While I'm not involved with Aave anymore, I still believe the Aave protocol is important for DeFi overall. And the coordination effort led by @aave Labs without Aave itself being the exploited system, deserves support

Imo: - Suppliers agree are relatively insensitive to rates at the moment, and they **very** sensitive to specific announcements/plans regarding the unpaired collateral not affecting stablecoins on Aave Core (I really think it is the case, but uncertainty is not good for suppliers). - Stablecoin borrowers are actually quite a priority, because they are the business. Meaning that they are already suffering the high rates, but on the current ~15% levels, for the argument of duration/float, @ImperiumPaper comments, I think it is a scenario they should be prepared to, because it really can happen for 3-5 days, even if rarely sporadically. - The current borrowing rate levels, I'd say, are in quite good "equilibrium" considering the previous. I'd say even quantitatively, the delta LTV-LT of Aave v3 (~2% on more stressed e-modes like Ethena) should have protected a majority of borrowers. Of course, not against the ongoing cost, but still, the cost is not an order of magnitude higher. In the case of borrowers of stables against "volatile" assets, the borrowers assume want frequently) the volatility on the collateral, going long. So the higher borrowing cost on the collateral for a short period of time is not really. - I'm currently an outsider to Aave, but 100% sure @aave Labs are working full-steam to achieve a situation where 100% the stablecoins are not getting affected, and I'd bet neither ETH in any big amount (or zero).

A person I trust commented that sometimes it is important not to ignore weird propaganda, no matter how silly it seems. So, just a thought, which is highly possibly my last on the topic. Maintenance & incremental updates are not (only) what BGD was doing for 4 years in Aave. However, those tasks were very fulfilling work, way more important than people think, and for anybody looking around, a big reason of success in mature products. To be a bit more blunt: the cemetery is full of good initial ideas not well taken care of after. I would argue that indirectly trying to diminish that role precisely now on Aave, is very very far from a good idea.

Principles first. Respect to @omeragoldberg and the @chaoslabs team

Some thoughts in support of the smart contracts' size increase in Ethereum Glamsterdam ethereum-magicians.org/t/inc…

My thoughts on it. - I understand the mandate document as: our end goal is the most optimal possible scenario, but we know reaching that requires time and a constantly balancing approach to progress. - Being on the most radical side of decentralisation is relatively easy. Being on the most radical side of optimality and efficiency is also relatively easy. Being on a middle ground (like at least I understand will be the case for a long time in Ethereum), which is constantly dynamic, is the complicated one. - Only by already having a strong position established on the middle ground (Ethereum today) can you double down on principles, while not becoming immobilised. Debates aside, that's the bold approach. - If Ethereum (the chain, the ecosystem) did not act as a credible anchor to principles, there is a high chance that nobody with enough positioning would. And from there, pure efficiency seeking is a slippery slope. - In my opinion, the majority of challenges of achieving perfect CROPS principles in a blockchain are solvable. Far from easy, potentially not doable, but it doesn't feel to me like completely impossible. - I'd really argue that the real value of Ethereum arises almost exclusively from having achieved partially CROP principles. So, double down on that is not even idealistic; it is being practical.

DAOs are a method of both direct and indirect transparency and accountability when done right. Whoever doesn't aim to have an on-chain application controlled partially or totally by one or multiple DAOs, has very certainly nothing to do in the blockchain world long term. People will study the Aave DAO, but this is just the beginning.

Needless to say, the Aave protocol is perfectly fine and will continue to be so. BGD is still working on Aave, until our current engagement with the DAO finishes at the beginning of April. Highly recommended to read our full forum post on what happens going forward (and what doesn't) governance.aave.com/t/bgd-le…

After 4 very productive years, we will be stopping our contribution to the Aave ecosystem as service providers, once our current scope finishes

ACI currently compensated ~$3m/year by the Aave DAO (and that being by far the highest in last 3y) is, I think, interesting food for thought

For me, Aave at $10 million versus now $70 billion feels pretty similar in terms of how critically important it is. Are you curious about Aave’s approach to security and their take on AI's Impact on Security? Check out my notes on the Web3 Security podcast episode featuring Ernesto Boado (@eboadom) of @bgdlabs and ex-CTO of @Aave, hosted by @jack__sanford from @sherlockdefi. From Geographic Systems to DeFi's Biggest Protocol Ernesto isn't the typical "obsessed with programming from age 5" genius coder. He's a multi-disciplinary software engineer who studied computer science in Spain but wasn't deeply into coding from an early age. What really changed everything for him was Ethereum's initial ethos in 2018: this global server that anyone can access, involved with financial transactions. That's what hooked him. Before ETH Lend (which later became Aave), Ernesto was working in geographical systems (maps and GIS software). He was experimenting with early Ethereum on his own (Remix, Truffle, MetaMask era), building a governance application. In December 2017 (top of the bull market!), he reached out to @StaniKulechov, the founder of ETH Lend, which had just completed its ICO. Stani saw potential, and Ernesto joined a small team of about 15 people. Managing $70 Billion: Abstract the Numbers Aave currently has roughly $70 billion in TVL, making it the number one protocol in the world by TVL. If Aave were a US bank, it would be one of the 40 largest banks in the entire United States. Ernesto's most fascinating take: "For me, when Aave was $10 million versus now $70 billion, it's pretty similar in terms of my perception of criticality." He explains that it's mandatory for developers on systems like Aave to be very abstract. You need to understand what's at stake, but you can't get obsessed. If you get obsessed, you'll immobilize yourself and not do anything because you're terrified of breaking something. The key is having good procedures. If you have good procedures, you shouldn't break anything. And you need protections so that if any problem happens, you can react. Ernesto believes this abstraction is very positive. Understanding criticality without obsessing over the numbers allows the team to keep shipping. Upgrade Philosophy: V3.x vs. Uniswap's Approach One of the most interesting topics was comparing Aave's upgrade strategy to Uniswap's. Uniswap goes V2 → V3 → V4 with completely new deployments and user migration required. Aave goes V3.0 → V3.1 → V3.2 → V3.3 → V3.4 → V3.5, upgrading the existing system. Ernesto thinks comparing these systems is misleading. The underlying systems are completely different. For Uniswap V4, it makes sense to be fully immutable because it's a very simple system. When you want to change it, the change is so radical that it probably makes more sense for users to migrate to another smart contract, and you just focus on the tooling for that migration. For Aave, the more mature it gets, the less sense migration makes. From V1 to V2 or V2 to V3, the changes were relatively radical and complicated to apply safely. But now on V3, that line starts to blur. Certain architectural changes aren't so simple to apply on V3, but they're doable. Whether it's worth it is debatable. “If you have a system with $70 billion, you should probably just maintain it for as much as possible and try to improve it if it's not some completely out-of-hand project.” He highlights that V3.0 at the beginning compared to V3.5 running now involved very radical changes: accounting (static vs. dynamic), precision math completely revamped, grouping of assets in the pool, features deprecated, features added, and countless other changes. It's good that people still perceive V3 as V3, but there were five upgrades over three years. Not super fast-paced, not super slow-paced either. V4 Is Coming: How Will Aave Manage Both? Aave V4 is in the audit process, which creates an interesting situation. V3 has $70 billion in TVL, and V4 will start from zero. So how will Aave manage supporting both? Ernesto notes that Aave already has experience with this. Aave V2 is still active with about $400-500 million across three networks, even with active deprecation steps (adjusting rates to incentivize migration to V3). V4 has a slightly different target. From communications, V4 seems quite oriented to builders or a more modularized approach, even targeting people who want to run their own mini pools. V3, on the other hand, is very monolithic on purpose, controlled by a sole entity (the DAO, which is multiple entities behind the scenes) and opinionated on almost everything. Ernesto thinks this was one of the recipes for V3's success. When you try to do too much modularity, it becomes tricky for users, confusing, and UX doesn't catch up in time. The advantage: V3 is perfectly fine, and V4 will exist. If people migrate to V4 or stay on V3, the benefit is for the same DAO behind the scenes. Maintenance is a concern for sure, but Ernesto believes V4's different focus means both can coexist. Decentralization: Being Honest Is Key When asked about advice for other teams navigating decentralization, Ernesto highlighted that it's a very gray area: is centralization good, or is decentralization good, and how do you do one versus the other? One of the main issues is that until very recently, there weren't clear guidelines. This is especially challenging for small teams in a completely open environment where anyone can write and deploy smart contracts. How do you structure a company? What's the plan for progressive decentralization? Does it make sense from a business standpoint or common good perspective? There are so many variables. For Aave, decisions were pretty natural: - People trust non-anonymous people to run a protocol more than anonymous people - Once the AAVE token was pretty well distributed, it was clear the DAO should give back governance control Ernesto emphasizes that onchain governance via token, if the token is well distributed, is just very good security-wise. You need certain protections, but it's arguably stronger than alternatives like multisigs. How to Become a Trusted Independent Researcher When asked how an independent researcher can become one of Aave's go-to trusted researchers, Ernesto's answer was simple: It boils down to work. The researchers BGD works with (both firms and solos) spend a lot of time on Aave's codebase. They submit reports, invalid reports, minor valid reports, sometimes major ones. It's just a lot of work behind the scenes. That creates trust. Being honest and not trying to do weird shenanigans is key. Ernesto understands why the industry is sometimes polarized and adversarial between bounty hunters and projects (there's a lot of history of projects not being fair), but for Aave, there's nothing to win from being unfair with researchers. It's just stupid. What they don't accept is speculation. They know what speculation looks like because they have enough knowledge of Aave to distinguish it. The pattern Ernesto sees with majorly successful researchers and bounty hunters: It's usually very easy to work with them. There's no drama. These are people who've earned millions of dollars in bounties and contracts, and they're rational. They accept when something is a fair evaluation, whether it's low, medium, or high severity. His advice to researchers: 1. Be honest, especially with top protocols that have no incentive to be unfair 2. Spend a lot of time on the code 3. Participate in discussions (even if Aave has some apathy in participation, researchers should engage) 4. Proactively add value: Many of BGD's relationships with solo researchers started with someone reaching out with something that maybe wasn't valid, but the effort and understanding showed a good approach, and they were put in the front line to work with BGD AI's Impact on Security Ernesto sees symptoms of AI having an impact. In recent months, more and more security researchers are clearly using some type of hybrid approach. He doesn't think AI is at the level of finding deep bugs involving lots of components, but in both DeFi and traditional software, bugs and their costs have historically been the same: buffer overflows, pointer issues, injections, these have been happening for 70 years. AI could serve as a filtering tool, hinting tool, or reminder. Another very important aspect Ernesto sees in successful researchers: They're organized people, quite systematic. Yes, they have strong intuition, but they don't just act on intuition. They keep it in mind, use pattern recognition, and probably document their own internal checklists. That's the secret sauce, you need some type of assistant, which historically has been your own notes and your past self. AI could be that assistant: "Did you check this? By the way, you trained me with some patterns, so did you think in this direction?" That's where Ernesto sees potential value. Documentation Is Non-Negotiable One of Ernesto's core principles: Documentation should always be oriented to auditors, and specifically to auditors they didn't work with before. In a system like Aave, if you cannot explain to a security auditor in the DeFi industry (even if not familiar with Aave) what the upgrade is about, all the edge cases, points of focus, etc., then the upgrade is not ready. There's no other way to see it. This is BGD's internal policy: Documentation should be very good, always. If you don't do it well, it means you don't understand the system.

Some (final) thoughts on $AAVE ownership principles and transparency about them governance.aave.com/t/arfc-a…

To be very clear: - This is not, in ethos, my proposal. Aave Labs has (for whatever reason) unilaterally submitted my proposal to vote in a rush, with my name on it, and without notifying me at all. If asked, I would not have approved it. - It was not my intention to submit the vote while the community was still having a healthy discussion around it, with valuable points appearing continuously. It breaks all codes of trust with the community. - Public governance is supposed to be for, even if hard sometimes, open discussion. Trying to rush a vote is disgraceful.

I think it gives value to clarify to readers and Aave community members this type of misconception. My proposal has no intention/relation of creating a scenario where business counterparties to Aave must interact with different service providers, each with contradictory views. It is not ideal. However, that doesn't mean that a single party should be able to unilaterally decide that "Definitely the counterparty must be us always, because, well, we say so." That makes no sense. There should be some order/framework for different entities not to clash, different "assignment rules" depending on the nature of the counterparty (e.g., institutional, defi natives, etc). But having that framework is perfectly doable and doesn't change the substance of ownership and executive power being on the $AAVE token holders.

Some extra points on my $AAVE Alignment: Ownership proposal: - This is not about any type of polarisation, it is about purely additive value and self-control for $AAVE. - This has no relation to dismissal or magnification of contribution merits; this is about $AAVE self-sovereignity, and the rest is irrelevant. - A successful DAO first protects itself, and second, has contributors that proactively protect the DAO against themselves. governance.aave.com/t/arfc-a…

My $AAVE Alignment proposal: Ownership. If you are an $AAVE token holder, you should check it out governance.aave.com/t/arfc-a…

One idea/argument discussed around here in recent days is: DAOs are a paradox, because the entity originally bootstrapping the DAO, after the DAO is fully independent operationally and financially, doesn't have a direct path for growth and monetisation. And this is not fair for that entity. I don't think that has any relation to reality. First of all, the whole principle of the original entity being entitled to some direct path for growth and monetisation is pretty much surreal. It is the obligation of the original entity to, within a reasonable time duration (e.g., on Aave, period 2018-2021), create a scenario of the DAO being self-sustainable to keep growing. Sure, nothing guarantees the success of that task, and high competency is required, but that's the reason why initial funding includes an important percentage of the DAO tokens, to have direct upside in a success scenario. Why is the obligation? Well, because there (usually) is initial funding involved, but also because the model itself allows the original entity to actually expand however liked after DAO-bootstrapping into other separate ventures. Regarding how "explosive" the growth and sustainability of the original entity can be after the DAO becomes very independent and self-sustainable. Well, there are no assurances; it is called business. Because at that stage, on all effects, the original entity should be fully independent from the DAO, both for the good and the bad of both parties; that's the deal. Now, I think it is pretty obvious for anybody involved in startups and business that, even if currently not owning it, having participated in the past in the creation of a successful ecosystem, is a very, very important jumpstart to create new products, attract investors, etc.