Harmony + AAVE

Hello Harmony community, Ernesto from the BGD team here, currently engaged as a technical/development provider by the Aave DAO.

First a disclosure. BGD Labs, and myself in the capacity of representing BGD, are not decision-makers in the Aave ecosystem. This means that we contribute to all technical aspects of Aave due to our active engagement providing services, but the decisions are always made by the Aave community via governance. That includes this Harmony case, on which we provided a technical update of the situation post-exploit and then tried to support on the technical questions from both the Aave community and Harmony’s.

I would like to clarify certain aspects of the communication between BGD and the Harmony community (not only BGD):

  • Post-exploit, nobody from the Harmony side really contacted anybody from Aave, until we reached out. This is remarkable because we had a channel of communication opened that we used for technical questions regarding the Harmony network and the Aave protocol.
  • Given that the Aave community was asking about solutions, we tried to check out with the Harmony team (not really sure about the structure, maybe it was representatives of some Harmony foundation) which plans they had in mind. This is pretty natural in our opinion, given that the exploit happened on the Harmony infrastructure.
    After some waiting, the Harmony team commented with us the intention of covering the loss over multiple years (I think it was the first iteration of the plan published on this forum). Even if potentially a solution, we pointed out that given how the Aave protocol works, introducing that kind of vesting component on “dynamic” user positions would be challenging, if the intention was to keep the Aave v3 Harmony operational.
  • Soon after, I assume because of the dismantling of a good part of the Harmony team/foundation, we got introduced to the Harmony Recovery One members, as they were supposed to try to move forward with a new recovery proposal. Again, we tried to explain the situation from a technical perspective, and we arrive at the point of the message shared by @Pioneer : deposit of ONE could in good part solve the situation for Aave in regards to the consistency of the liquidity protocol in Harmony, boiling down to if the assets would recover the backing or not. To be clear, no solution is perfect from a technical point of view, but after thinking extensively about it, seemed the most realistic.
    To insist on the point of my message, the question of “will Aave continue being a partner of Harmony?” is out of context of the conversation, because me & BGD have exactly 0 say on Aave “partners” or any type of decision.

Now, some extra clarifications:

Aave didn’t decide or showed an intention of wanting anything. The proposed solution from BGD is something for both the Harmony and Aave community to evaluate, mainly Harmony.

There was no internal issue that we are aware of within the Aave ecosystem. The Aave Safety Module is officially covering v2 versions of the Aave protocol until the Aave governance decides differently. The Harmony team, same as all others where Aave v3 was deployed submitted a request to do it to the Aave governance, there is not really an internal issue.

I’m not sure if it is appropriate to evaluate how big of a problem the Aave community thinks the Harmony situation is. From the BGD side, I can say that we have spent good resources on it, just trying our best to provide information and technical solutions for the parties involved. Until the Recovery One team got involved, nobody from Harmony really participated in the Aave governance forum discussion, which is pretty strange, given that the exploit has happened on Harmony’s infrastructure.

Something extra to clarify too is that the Aave protocol itself didn’t really benefit anyhow of the Harmony deployment: it was something proposed by the Harmony community, Aave governance approved it, and this was supposed to benefit users of the Harmony network, having access to a protocol like Aave. Obviously, I think the Aave community was expecting (same as with every other network), reliable infrastructure.




As a conclusion, I think the only way forward is for Harmony community members (or representatives of the team, but not sure if they are even active anymore) to pro-actively try to propose something to the Aave community, not to anybody in private, but on governance.aave.com, the same thing as we suggested from BGD since the start.

5 Likes