After $130M Hack, Badger’s Restitution Plan Tests Limits of DAO Governance

One of the most devastating hacks in recent memory has led to an ambitious payback plan.

AccessTimeIconDec 16, 2021 at 3:27 p.m. UTC
Updated May 11, 2023 at 5:04 p.m. UTC

After a devastating $130 million hack, BadgerDAO is moving forward with the first steps in an ambitious restitution plan that may be among the most complex in decentralized autonomous organization (DAO) history.

In early December, a front-end exploit drained the DeFi yield vault platform of $130 million in various assets – upwards of 10% of its total value locked (TVL) at the time of the attack. Now the DAO – in this case, an ostensibly leaderless collective governing a decentralized finance (DeFi) protocol – is grappling with how and if to make users whole.

While restitution plans are a common occurrence in DeFi – an emerging and dangerous $250 billion sector where exploits themselves happen all too frequently – BadgerDAO’s effort to compensate victims may be the largest of its kind yet.

According to BadgerDAO founder Chris Spadafora, the undertaking depends on the contributions of Badger’s 32,000 users and 25 core contributors, many of whom have differing ideas about how to best handle a situation where losses well exceed the DAO’s current treasury of roughly $53 million.

In an interview with CoinDesk, Spadafora said tthe DAO has broken the lost assets into three “tranches,” each of which will require a separate governance process in order to make users whole.

Across a half dozen Badger Improvement Proposals (BIP), numerous blog posts and ongoing discussions in community forums, an outline of the protocol’s payback plan for each of the tranches is beginning to form.

The effort also comes amid a period of greater scrutiny for DAO processes. DAOs as a model have come under criticism in recent weeks as DeFi platform Sushi has been hobbled by internal squabbling, and an ad-hoc DAO formed to buy a rare copy of the U.S. Constitution failed, in part, because their highest possible bid was public knowledge ahead of the auction.

Spadafora, however, believes Badger can rise to the challenge.

“This is one of the more precedent-setting and monumental, large-scale DAO decisions – or multitude of decisions – that the space has ever seen,” he said.

Governance assets

The first tranche of lost assets to address is also the simplest from a governance perspective: the 192,000 BADGER tokens stolen in the attack, currently worth $2.8 million.

Restoring this asset is especially important for the governance process, as this token grants holders the right to vote in major BadgerDAO decisions.

“What the community seems to think is that those that were affected should have their governance rights reinstituted by distributing BADGER from the treasury to allow them to participate in governance related to their restitution, and moving forward with the protocol,” said Spadafora.

The protocol’s treasury currently has 7.5 million BADGER not earmarked for other uses and can distribute the tokens with a simple vote. BIP-79, a proposal to do exactly that, is currently on its way to reaching quorum in Badger governance forums and will be headed to an on-chain vote for approval in the coming days.

Per Spadafora, restoring the governance tranche would lead to 17% of all affected users getting 100% of their assets back from the exploit, though BADGER has fallen over 50% in value to $14.68 per token since the attack.

Badger claws back

The second tranche represents what Spadafora refers to as “reclaimable” assets.

BIP-33 introduced an emergency function that would allow for the ability for various wallets to pause the protocol’s smart contracts to mitigate the damage of an exploit, which is exactly what occurred on the night of Dec. 1.

“The contract pause prevented 50% more users that had already approved that malicious actor from spending their funds, and what it also did, it prevented any other vault tokens in the exploiter’s address from being withdrawn,” said Spadafora.

Now, the DAO wants to upgrade Badger’s smart contracts to enable “rugging the funds back,” said Spadafora.

The exploiter’s address currently has $9.2 million in vault tokens that could be seized in a “one-time function” contract upgrade. This would enable an additional 38% of affected users to get a token-for-token refund on losses.

However, for security purposes, this requires multiple governance proposals: BIP-76, which upgrades the contract to enable the seizure of stolen assets; BIP-77, which will restart the contracts and seize the funds; and BIP-78, which will return the funds.

All three are currently up for voting and appear as if they will pass with an overwhelming majority.

Major losses

While distributing governance tokens and reclaiming vault tokens will compensate over half the affected users in the hack, the largest tranche the DAO will have to address is the most complicated, accounting for $121 million.

Because of the nature of the exploit, the attacker started with the largest affected users and worked his way down the list, meaning 10 victims make up the majority of the loss. This presents an unusual conundrum for the majority of Badger’s users.

“How do those 32,000 Badger holders feel about the disparity, the effect of the exploit on the protocol as a whole, versus a very small amount of specific victims. It’s not like 10,000 people lost $10,000 each, and that changes the dynamic quite substantially,” said Spadafora.

The supermajority didn’t lose, but hypothetically they want to act in a way that benefits them, which means restoring confidence in the protocol for the long term with full restitution.

The treasury, however, cannot afford full restitution immediately, leading to a number of thorny questions.

“There are fundamental decisions here: Should there be restitution, step one. Step two, should it be immediate or over time? If immediate, what percentage? And if it’s over time, via what mechanic? Governance tokens, maybe a vault-type product that pays back over time versus interest generated … there’s a lot of options,” said Spadafora.

Badger’s various yield vault products produce income that could be included in a compensation plan, and the overall platform has brought in $24,511,918 in revenues since launching in December 2020, per a Dune Analytics dashboard.

So far, Spadafora says that the community is attempting to take a balanced approach that will include immediate compensation as well as a payback mechanism of some sort via the vaults, with weighted immediate payouts versus long-term options.

“It might not have a defined timeframe or a complete commitment to full restitution, but the community is putting together a very clear mechanic for how restitution is happening and how it’s tracked – that’s what I’ve seen bubble up,” Spadafora added.

Precedents and monuments

The scale of what the DAO is attempting isn’t lost on Spadafora, who notes that marshaling the community’s resources and reaching consensus hasn’t always been a smooth process.

However, he hopes the ongoing restitution debates – held just two weeks after the initial exploit – will be seen as a model for what open organizations can accomplish.

“You’re talking about people who have never met, from around the world, going through such a dramatic thing as a collective, then mustering up the strength to respond in such a high integrity way,” he said. “It’s very amazing to see.”


Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.

CoinDesk is an award-winning media outlet that covers the cryptocurrency industry. Its journalists abide by a strict set of editorial policies. In November 2023, CoinDesk was acquired by the Bullish group, owner of Bullish, a regulated, digital assets exchange. The Bullish group is majority-owned by; both companies have interests in a variety of blockchain and digital asset businesses and significant holdings of digital assets, including bitcoin. CoinDesk operates as an independent subsidiary with an editorial committee to protect journalistic independence. CoinDesk employees, including journalists, may receive options in the Bullish group as part of their compensation.

Andrew Thurman

Andrew Thurman was a tech reporter at CoinDesk with a focus on DeFi.

Read more about