Funds are safe. The protocol is not at risk.
On March 22, 2024, a security researcher [1] disclosed a bug in the Baseline Credit Facility.
A bug in the Credit Facility defaulting logic has caused the protocol to still count the defaulted YES towards the circulating supply. This means the protocol keeps additional irredeemable ETH for this supply of already burned YES, suppressing the protocol growth.
Mitigation process includes removing liquidity above the BLV price.
Last Friday, a whitehat messaged the team about a bug in the CreditFacility.sol code which could potentially lead to an error in the accounting logic.
The team quickly verified the issue and started a war room to decide how to mitigate the problem. When YES is valued at floor price, spot YES will have a ~20% drawdown against their value, but all credit accounts will be at total losses. This is because the value of the collateral is now worth the value of the debt.
To ensure fair outcomes for all YES participants, the team has preemptively captured the liquidity premium across all YES/ETH liquidity pools in a whitehat operation.
Any of the profits captured selling YES above BLV will be socialized across the snapshotted circulating supply. Each snapshotted YES is be entitled to an equal portion of the profits available in the market.
For details on the operation, please read Operation: YEV.
The CreditFacility.sol contract contains a flaw in how loans are ordered internally. In Baseline, each credit account is linked to an expiry "timeslot", which is a uint256 timestamp rounded to the nearest day. This allows the contract to default loans in batches, making the liquidation process highly efficient.
The issue comes from how the contract tracks which timeslots have been defaulted. An accumulator variable, tsHead(), is used to store the next available timeslot to default. If tsHead() does not exist, it is set to the first available expiry in the system.
Upon launch, the first loan duration taken was for 1 year. As a result, the tsHead() was set to March 3, 2025. All defaulted loans prior to that that time are not properly cleared from the system, creating a permanent overhang in the circulating supply of YES.
To date, the protocol is accounting for ~717,000 additional $YES in the circulating supply.
This issue impacts Baseline protocol in two ways.
Reduced BLV price: MarketMaking.sol allocates "dead" liquidity for the non-existent supply, underestimating the true floor value for the token.
Increased liquidity depth: MarketMaking.sol mints additional discovery liquidity to account for nonexistent ETH debt in the system.
While the funds in the liquidity pool are safe, without future growth of the system, $YES tokens lose any premium value and trade at the BLV price. Each $YES token can still be sold at the floor price, but any surplus value from $YES in the credit facility is wiped out.
This significantly impacts "loopers", who repeatedly traded the BLV value of their tokens for premiums. Any "looped" $YES will experience significant drawdowns.
The team has preemptively captured all available liquidity in $YES above the BLV across all pools. By doing so, we can take any profits made from being the "first seller" and share it equally across the entire supply.
Aside from the main YES/ETH deployed by Baseline, we have also arbitraged the following pools:
YES/ETH .3% on Thruster
YES/USDB 1% on Thruster
YES/USDB .3% on Thruster
YES/ETH on Ambient
Any liquidity is captured is then held at 0x00000000 and custodied by a multisig of the following signers:
For details on the specific amounts captured and distributed, please read Operation: YEV.
Notification of issue - Friday, March 22nd, around 6am ET
Outreach & MS setup - Friday, March 22nd, around 11PM ET
Finish Implementation - Thursday, March 28th, around 5PM ET
Execute operation - Thursday, March 28th, around 2PM ET
The Baseline team appreciates all of the efforts made by the multisig signers to review the protocol and any related operations. Their experience and guidance have been helpful in the process of facilitating a secure and fair outcome for anyone affected by the protocol.
Baseline does not currently have any established bilateral disclosure agreements. No disclosure has therefore been made to third parties prior to this publication.