Death by Rehypothecation. Can DeFi Save Us?
Bitcoin was born out of the financial crisis of 2008 with a promise to help people opt out of the legacy financial system. It did so by allowing anyone to be their own bank and take full responsibility over their wealth. This promise got many early adopters on board, all touting the mantra “not your keys, not your coins!”
Yet as the industry matured, the mantra became more of a meme; something you know you should do, but probably don’t. Turns out, if you give the people 100x leverage, unlimited tokens, and the ability to farm the next best Ponzi to death… screw it — we want the drugs! Losing 99% just to make it all back in one trade is just part of the game. You can make millions, you can lose it all. These are the rules that the crypto degen universe has agreed to.
However, what no one agreed to, or even knew, was that behind the scenes, exchanges were getting high on their own supply. They were using customer funds to trade, make loans, and do whatever else while praying too many customers did not withdraw funds at once. Welcome to death by rehypothecation.
In this article we will discuss:
What is rehypothecation?
Its prevalence throughout the system
Recent example of how DeFi may be the answer
What is Rehypothecation?
Rehypothecation is a practice whereby institutions utilize assets that have been posted as collateral by their clients. The institution then posts the securities as collateral for margin or a loan. The capital is then free to be placed in market trades to acquire an additional yield and pocket a profit. Banks do this all the time with customer deposits, but are very limited by law in what they can invest those funds into. It also helps they have a Fed money printing feeding tube that provides a cushion in case their hand gets lost in the cookie jar.
Crypto exchanges and DeFi platforms took this to another level by:
Investing customer funds in hyper risky assets
Not having Daddy Powell or any protection against total armageddon
Bitcoin held on-chain has no third party risk or exposure, but Bitcoin that lives on centralized exchanges, is wrapped, or used as a synthetic can, in theory, be rehypothecated and involve custody risk. While you may see a green percentage return, you have no idea where those funds are being placed and what risk the market maker or firm is taking.
Same, Same But Different
FTX collapsed due to the fact they took this to the extreme. They increased the supply of Bitcoin by 25% this year, selling people fake paper, while commingling customer funds to support their failing hedge fund. However, most centralized exchanges probably do the same on some level and this is no different in legacy markets. For example, gold and silver have always been manipulated by Wall Street selling paper.
While regulators pretend to care, they seem to miss all catastrophes as they pursue meaningless cases that only further individual political aspirations. Meanwhile, they have approved 6 futures bitcoin ETFs on the stock markets, but keep rejecting Spot Bitcoin ETFs which actually hold Bitcoin.
Strangely enough, the SEC also approved a short Bitcoin ETF right before the very top of the cycle of 2021. No, you can’t invest in Bitcoin, but the big boys sure can short it.
The Attack on AAVE
While DeFi promises to eliminate the centralized woes of the industry, is it really that different? Let’s look at an example just from this week.
Within the last week, @avi_eisen placed a position on the AAVE protocol.
Notice the address starting in 0x57e from the FortressDAO.
At one point, he made up 63% of the total CRV Borrow.
Whether he is trying to short CRV and liquidate another player or is simply hedging is anyone’s guess, but this stress tested AAVE to the max. Here’s how:
Step 1: Build up a huge position ($100 million USDC is deposited on AAVE) using looping to ensure low margin requirements. Looping is a DeFi strategy where you can borrow and lend a pair of coins over and over again (each time borrowing less due to LTV of 87% maintenance requirements). It is also precisely the origin of “bad debt” created that would have to be paid back later by the protocol.
Step 2: This account (Account X) then borrows the entire liquid supply of REN ($3 million), sending this to a different account (Account Y).
Step 3: Account Y then deposits this back onto AAVE, meaning that there is now $3 million of liquid REN available for borrowing, again. Each time, Account Y deposits $3m REN, Account X can borrow it, over and over.
We now have a massive position on a low liquidity token. These positions are large enough that the price of REN needs to move only around 5% to the upside, in order to trigger a massive liquidation. The moment that the price of REN moves notably in one direction, AAVE will attempt to auction off the collateral to liquidation bots. When that happens, AAVE will try to sell $100 million of USDC for $85 million of $REN.
Where can the liquidators find $85 million worth of $REN? They can’t.
That is around 70% of the current circulating supply.
Once sellers run out of coins - moon it!
While AAVE struggles to liquidate Account X's debt, Account Y reaps the rewards.
If the fund managed to use its liquid capital to 10x the price of REN across major exchanges, then the original position of Account Y would now be worth $850 million. REN is considered lower quality collateral than USDC, thus having a lower borrow LTV. In theory, almost $500 million worth of assets from AAVE could be borrowed against Account Y.
This loss would be greater than 3x AAVE's entire treasury balance. The target of this attack was AAVE's vulnerable looping system. Using $40 million to borrow almost $50 million of CRV could leave AAVE with severe bad debt. AAVE would have to sell significant amounts of tokens from the safety module to cover this loss causing its own price to crash.
Did it Break?
Well, we cannot assume the directional exposure of the attack. Just because he had a short position does not mean he couldn’t have had other longs in other places off-chain. The core of the on-chain position was based around injecting USDC collateral to a leveraged CRV borrow on AAVE.
Total inflows: 55 million USDC
Total outflows to OKX: 71 million CRV tokens.
As stated before, only $1.6 million of borrowed CRV was left in bad debt to the protocol. Yet the core problem was never with AAVE itself, but the liquidators' ability to source CRV.
Liquidation bots attempting to acquire CRV by buying it on-market would have faced a lot of slippage. If the liquidators are able to effectively source CRV with low slippage, or in a way that does not significantly impact market price, there is no problem.
But if there is slippage, it's not the liquidators' problem — it's AAVE's bad debt to bear.
Most liquidation transactions take place atomically. The liquidator sources the CRV, exchanges the debt tokens, then receives the liquidated collateral, all in one bundle.
There is a penalty to the liquidated party - so it pays quite well to be a liquidator! However we must consider coordination.
In terms of incentives:
Liquidators will liquidate the collateral as quickly as possible without caring about slippage since they just want their money
AAVE holders do not wish to see AAVE accrue bad debt
It is very difficult to co-ordinate with a party whose code executes automatically.
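The slippage mechanism described above can be put into numbers. The following is an added example, not code from AAVE or from the original article: a toy model in which liquidators buy the debt token from a single constant-product pool, the oracle tracks that pool's spot price, and the 5% liquidation bonus, pool sizes and position sizes are all constructed assumptions.

```python
def simulate_liquidation(collateral_usd, debt_tokens, pool_tokens, pool_usd,
                         bonus=0.05, max_rounds=10_000):
    """Toy model: liquidators buy the debt token from one constant-product pool.

    Returns (bad_debt_usd, final_price, rounds). All parameters are assumptions
    chosen for illustration; the oracle is assumed to track the pool's spot price.
    """
    x, y = float(pool_tokens), float(pool_usd)  # pool invariant: x * y = k
    rounds = 0
    while debt_tokens > 1e-6 and collateral_usd > 1e-6 and rounds < max_rounds:
        rounds += 1
        price = y / x
        # Buying d tokens costs y*d/(x-d). That stays within the collateral paid
        # out, d*price*(1+bonus), only while d <= x*bonus/(1+bonus).
        d = min(debt_tokens, x * bonus / (1 + bonus))
        # The protocol cannot pay out more collateral than the position holds.
        d = min(d, collateral_usd / (price * (1 + bonus)))
        cost = y * d / (x - d)
        x, y = x - d, y + cost  # each purchase pushes the price up
        debt_tokens -= d
        collateral_usd -= d * price * (1 + bonus)
    final_price = y / x
    # Debt still open once collateral is gone is the protocol's loss, marked to market.
    return debt_tokens * final_price, final_price, rounds

# Constructed scenarios; the token price starts at $1 in both.
DEEP = simulate_liquidation(1_200_000, 1_000_000, 100_000_000, 100_000_000)
THIN = simulate_liquidation(60_000_000, 50_000_000, 10_000_000, 10_000_000)
```

In the deep-pool case a single liquidation clears the debt with no loss. In the thin-pool case the debt is larger than the tokens the pool can supply, so the collateral runs out first and the unpaid remainder is left with the protocol as bad debt.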
Certain liquidators attempted to "buy time" by actually liquidating Avi with CRV tokens that they themselves borrowed from AAVE. This liquidator took on the debt, bought Avi's liquidated USDC at a discount, and unwound the position when the drama had subsided.
However, even this was not enough to fully liquidate the attacker's CRV short.
The price of CRV needed to be kept low enough to prevent liquidation on unfavourable terms. Millions of dollars worth of CRV was sold into this pool for 40 minutes straight - until the entire position was liquidated.
Given the volume of selling, the CRV price reaction was muted. The liquidation spike from around 62 cents to 74 cents is likely far less than was hoped for. The attacker tried to create bad debt thinking he was going to profit from this massively. However, less than 24 hours later, only about $1.6M stayed unpaid.
Which led to AAVE putting out this statement.
A safety module holding $200M of AAVE can cover the bad debt by auctioning AAVE and it's only one of the mechanisms to fix this bad debt.
So what were the devious consequences of this event?
sdCRV, cvxCRV, yCRV depegged with more than a 10% discount to get back CRV
People paying more than 200% to borrow CRV
However, the debt was carefully followed, and the AAVE token holders felt safe with such a level of bad debt. Once the liquidations ended, AAVE price jumped. Curve also happened to publish its Curve USD white paper which caused the price to pump and left the attacker with either no profit or severely under water.
As you can see, bank run attacks are slightly different in DeFi and bank runs can be induced by smart whales. It is up to the protocol’s team to think through such scenarios and design a system that a bad actor cannot break.
Proof of Reserve
In the wake of the FTX catastrophe many centralized exchanges like Binance and Bybit began to offer a new method of transparency. Proof of reserves (PoR) is an independent audit conducted by a third party that seeks to ensure that a custodian holds the assets it claims to own on behalf of its clients. This auditor takes an anonymized snapshot of all balances held and aggregates them into a Merkle tree.
A Merkle tree is a cryptographic commitment scheme in which each “leaf,” or node, is labeled with a data block’s cryptographic hash. Their chief use is to verify data that has been handled, sent or stored between computers. While invented in 1979, the concept has found extensive use in blockchain peer-to-peer networks.
After taking the snapshot, the auditor obtains a Merkle root: a cryptographic fingerprint that uniquely identifies the combination of these balances at the time when the snapshot was created.
The auditor then collects digital signatures produced by the crypto exchange, which prove ownership over the on-chain addresses with publicly verifiable balances. Lastly, the auditor compares and verifies that these balances exceed or match the client balances represented in the Merkle tree so that the client assets are held on a full-reserve basis.
A total of five exchanges including Kraken, Bitmex, Coinfloor, Gate.io and HBTC have completed their proof-of-reserve audits while the likes of Binance, OKX, KuCoin, Huobi, Poloniex, Crypto.com, Deribit and Bitfinex have announced their plans to do the same.
The PoR practice made sense and was lauded by many in the crypto community as it seemed like a step toward a more transparent crypto ecosystem. Centralized exchanges can note the liabilities of each account on a public ledger with specific assets held. They would have to publish with a tag that only account owners can know, thereby retaining public anonymity.
If liabilities are ever faked, users can publicly raise a red flag. Even if only 1% of users ever bother to verify, it’d be impossible for any CEX to know which users would fall in that cautious 1%. The larger accounts would almost always verify, and the CEX could at best get away with skipping only a small fraction of small accounts before being detected.
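The snapshot, Merkle root, reserve comparison and per-user check described above fit in a short sketch. This is an added example, not any exchange's or auditor's code: it goes one step beyond the plain Merkle tree in the text by carrying balance sums up the tree (a Merkle sum tree) so the root also commits to total liabilities. The SHA-256 encoding, the 16-byte balance format, the tags, the balances and all function names are assumptions made for illustration.

```python
import hashlib

def h(*parts):
    return hashlib.sha256(b"".join(parts)).digest()

def amt(n):
    return n.to_bytes(16, "big")  # raises OverflowError on a negative balance

def leaf(tag, balance):  # tag: secret identifier only the account owner knows
    return (h(b"\x00", tag.encode(), amt(balance)), balance)

def parent(left, right):
    # Commit to both children's hashes and balances; carry the sum upward
    digest = h(b"\x01", left[0], amt(left[1]), right[0], amt(right[1]))
    return (digest, left[1] + right[1])

PAD = (h(b"pad"), 0)  # zero-balance filler for odd-sized levels

def build(leaves):
    levels = [list(leaves)]  # leaves first, root level last
    while len(levels[-1]) > 1:
        cur = levels[-1]
        if len(cur) % 2:
            cur.append(PAD)
        levels.append([parent(cur[i], cur[i + 1]) for i in range(0, len(cur), 2)])
    return levels

def prove(levels, index):
    path = []  # one (sibling node, our-node-is-right-child) pair per level
    for level in levels[:-1]:
        path.append((level[index ^ 1], index & 1))
        index //= 2
    return path

def verify(root, tag, balance, path):
    node = leaf(tag, balance)  # customer recomputes their own leaf
    for sibling, node_is_right in path:
        if sibling[1] < 0:  # a negative sibling would hide liabilities
            return False
        node = parent(sibling, node) if node_is_right else parent(node, sibling)
    return node == root

def fully_reserved(root, proven_reserves):
    return proven_reserves >= root[1]  # auditor: on-chain reserves vs. liabilities

# Constructed snapshot: (secret tag, balance in satoshis)
SNAPSHOT = [("a1f3", 5_000), ("9c2e", 120_000), ("77b0", 42), ("e4d9", 900), ("0b6a", 31_337)]
LEVELS = build([leaf(t, b) for t, b in SNAPSHOT])
ROOT = LEVELS[-1][0]  # (root hash, total liabilities)
```

A customer who holds tag "77b0" calls `verify(ROOT, "77b0", 42, prove(LEVELS, 2))`; if the exchange had recorded a smaller balance or left the account out, the recomputed node would not match the published root.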
If nothing else, the FTX collapse did increase DeFi usage and centralized transparency. While different forms of rehypothecation will continue on, perhaps the events of last week will cause a steady and a bit more narrow diet of players with too much to lose.