DAO Weekly Meeting #42

October 21, 2022
ā€¢ 00:00 Intro ā€¢ 00:36 Operations Updates ā€¢ 04:18 Bean Sprout Updates ā€¢ 07:57 Marketing Updates ā€¢ 09:32 Engineering Updates ā€¢ 20:01 Design Updates ā€¢ 23:53 Publius Updates ā€¢ 26:44 Stolen Funds Bounty
DAO Meeting


Meeting Notes

Operations updates

  • BIP-28 Pod Marketplace v2 Halborn audit is expected to be done soon
  • There are a handful of Notion pages we are planning on making public to the DAO
  • The DAO approved BIP-26 which states that the bug bounty program includes anything Beanstalk related on the Immunefi site

Bean Sprout updates

  • Halborn submitted the final report for the Root contract
  • Root is gearing up for a market that will be ready in November
  • There are a couple of off-ramps that we are in talks with
  • They all have different approaches but are all very interested in Beanstalk

Marketing updates

  • The audio team is working on another podcast, they have been given the green light to continue
  • Asfi is going to start a learning class on Beanstalk that is separate from Beanstalk Farms
  • The educational video is still being worked on
  • Publius did an AMM with Halborn that went live https://www.youtube.com/watch?v=hpIopl5qVFY
  • https://stablecoins.wtf/ now has Beanstalk listed
  • We also had a Hacker Hangout with Immunefi recording can be found here

Engineering updates

  • Halborn has released a report on a penetration test on the Beanstalk UI can be found here
  • There will be an update to the Balances page that will ship very soon
  • The new Beanstalk analytics page is coming soon
  • We have been wanting to move the analytics off a third-party service
  • There is a test deployment that is not ready for public release
  • This will be a separate website from https://app.bean.money/, but the charts could be included in the frontend of https://app.bean.money/
  • A lot of good work going on with the SDK

Design updates

  • The BFC hired two new contributors, they both have experience in UI/ UX but will help out with product design
  • Started conversations with Vector DAO, they are a DAO that will contract UX and design work
  • They will accept the native token of the organization that they are working with
  • Working on giving the Pod Market an update
  • The Halloween theme should be shipping sometime very soon

Publius updates

  • The most exciting thing is the number of people that are working on Beanstalk
  • Publius has been working on helping everyone as much as possible
  • Halborn has been scaling to the amount of work that we are giving them
  • Another day at peg is a good day

On-chain bug bounty

  • Sync proposed that we should revisit the proposed bounty for the April exploit
  • Sync thinks we should purpose a 40% bounty, there is nothing to lose
  • This would align with the Mango Markets bug bounty
  • Sync has also engaged Hats finance, they oversee a decentralized bug bounty program
  • There would be no upfront fee to initiate Hats finance
  • The other workstream would be to track down where the funds are
  • The Mango Markets exploit seems to be legal
  • The Beanstalk exploit is not the same type of manipulation that Mango Markets experienced
  • The Beanstalk exploiter is less likely to come out and do anything without some cloud that will protect them from legal risk
  • Even if the DAO says that if the exploiter returns the funds they are off scot-free, that does not mean that they are totally out of the clear


okay I think we can get started uh thank you all for joining uh we typically start with an update from bean sprout manifold I think is unable to join us today but I see that halborn delivered um the route uh audit Publius can you maybe give us an update there or or anything on on what's happening with with the root contract if not I think the update then I can that I can deliver on behalf is that Halburn just submitted a report on the root audit so things there seems seems to be progressing okay let's move to bin stock Farms also start with you if you're happy to and this isn't really an update of mine but just on the audit front I also saw in the the slack channel that howborne said they were expecting to have a final report for bip 28 which is the Pod Market B2 uh bip by the end of today so you know hopefully at some point next next week that that draft and uh and such can go out uh my friend I don't I don't have much to add uh you know from from last week I would just share that folks can expect maybe in the next week or so there are a handful of notion pages that we want to make public to the community and the Dao to name a couple uh like a community grants page to provide some insight and transparency on how those grants have been distributed uh over the last couple months since that program launched uh things like you know how the Beanstalk immunify committee is responding to each bug report uh as well as the you know open sourcing some some notion boards that the the operations team used to uses to to coordinate various projects uh just so folks can uh have a little bit more insight into this into what's getting worked on as well as probably a a lightweight Beanstalk Farms job board in the works so that's uh that's mostly it for mind also do we want to spend some time maybe discussing or talking about the immunify bug program and sync I see you you during the um coil as well what what is eligible uh you know what is part of the bug Bounty program what is you know what is eligible what's not eligible how how does this work and what can the community expect from it sure I mean so what the Dow approved in bip 26 was the program that's currently live on the immunified site which lists as in scope the handful of smart contracts that are relevant to Beanstalk uh so not just the the Diamond contract but things like the fertilizer token the unripe asset tokens uh things like that and you know uh there's uh more details that I can share here uh on the link so I would encourage everyone to check that out but happy to answer answer any questions about in particular and I know I think uh sort of On a related note had brought up this idea um that maybe he wants to share a little bit about in the from the Beanstalk ideas channel uh about proposing a bounty for the April exploit but you know I don't want to I don't want to steal his thunder so I don't think you you had a little bit you wanted to share about that hey yeah do you guys hear me all right oh we're here to do yes okay cool cool yeah um yeah I was just thinking about um you know some recent events in D5 you probably saw um the mango markets exploit that was over 100 million and um the the exploit um thankfully for their Dow they were able to recuperate some of that so I was just kind of considering that and looking at um temple Dallas current situation with sax finance and I just was reflecting on um how we can go about maybe recuperating um or re-engaging the exploiter so that's where that idea is really uh kind of born from okay saying do you mind we can discuss this after after giving out the updates is that yeah no problem yeah okay great we'll just run through the updates and then maybe we can have an open conversation about this topic in specific and manifold I see that you're here we briefly have an update that that halborn just submitted a report on the root contract did you want to add something or something in addition to that congrats hey yeah that's that's obviously a major um right now with alborn um that you know we're hoping to have a complete within the next uh three weeks let's call it um and we're making a pretty strong push right now a market ready uh towards the end of November that we are we think it's going to be like rolling site for Farmers but for uh crypto and on-champ participants in general so you know it's been a lot of all Hands-On to a handful of contributors that's all that I've been working uh about it on it so you know just wanted to give a shout out there in that effort um on the on the credit card and uh banking partner front um there's a company that has an Open Class for a few days regarding the stock part um which is which is great if I mentioned this last call but kind of all all of the companies I've spoken with um that we're working with at some capacity regarding like on off ramps um all kind of have different approaches but they're all kind of interested a lot of people are trying to attack you know it's all starts didn't it but they all kind of have different wrinkles um yeah we started losing you a bit towards can you hear me can't hear you now yeah thank you sir that you're talking with uh or the talks with a multiple off-ramp um you know opportunities but you said all of them said something what is that thing they all have different approaches and they're all kind of slightly different products which is interesting but they're all equally as interested and and we're kind of all collaborating um and being stock specific Solutions there's just a lot of chicken colors um and you know aside from that uh you know there's a probably an update with the irrigation folks but not you're probably better soon to give back an eye okay thank you manifold um all right we we got back to binsock farms uh let's let's get the updates from the um you know I I know it's uh uh not the normal time but I think particularly for the people that are you know that know that they're gonna present it's it's helpful if people can try to have good microphones and be in a place with good Wi-Fi and I know that's something that we've we've struggled with so apologies for the hypocrisy but think like particularly given the purpose of these down meetings is to to just have everyone share what they're working on I feel like it's pretty important that it's easy to understand everyone so uh just a general comment thank you thank you for this and I agree I think we'll give some the benefits of the doubt just given that today was um the down meeting was pushed to another to another day okay um I can give an update from marketing and then we can move to to the development or engineering side so a few things that I'm gonna run through quickly um the the audio team we might have briefly said that they're working on another podcast so we we green let for them to continue producing that podcast so hopefully we're looking at some time next month you know for it to be out and we can we can get to hear it um as we who had recently just started a program with uh with Olympus wanted to start something similar uh with with being stuck and there's going to be an independent um course let's say uh that that will be giving explaining you know what Beanstalk is uh and and that is from his you know uh uh like his effort or his thoughts so that's going to be separate or separated from uh from being sock farms um we don't have a date yet on when is that going to uh go live but we expect uh that course to run for around 12 weeks um otherwise we have the video the education video that we're working on the the script is already recorded and now the video itself is in production um yesterday we had an AMA that was recorded with halborn some time ago went live um stable coins the WTF now is also live and that was you know part of the community grant program um and lastly we just had a hangout uh with an immunify uh yesterday and this is why we pushed today's meeting uh to today all right um Sarah Chad some Dev audio updates from your end definitely yeah what's up everyone and um a lot uh a lot to chat about a lot going on so first of all rolling back a little bit to the audit side I'm going to drop a link in the barnyard chat to the final report of halborn uh from halborn on the penetration test of the Beanstalk UI so um I think the first GitHub link is isn't working so try the the r weave one to view that that PDF uh happy to answer any specific questions about what's outlined here but the The quick summary is that um halporn presented us these these issues they've already been uh remediated in the UI throughout the last couple of updates but none of them were uh particularly particularly notable so happy to talk any about any of the specifics but just let me know um let's see so a couple other things going on on the the Beanstalk UI front so we have a new feature that's hopefully going to ship this afternoon that's currently in review uh We've refactored the the balances page with a new design uh from sweet red beans and this will include some some new layouts for all of your Beanstalk balances and hopefully start to to better clarify uh you know the the token balances that you have in your wallet uh in your farm balance as well as your Silo balances we're also adding a uh a view of your Silo deposits over time on a per token basis so this is a lot like what you can see on The Silo page currently which is the the aggregate value of of all of your deposits except you can see exactly how much Bean versus B3 curve Etc that you have deposited over time um and what one really cool effect of this is that you can actually see when you make converts and that sort of thing as you start to switch between tokens so stay tuned for that it's in code review right now and should hopefully go out this afternoon um I actually want to call up uh tbic to talk about a project he's been working on in the background uh that we haven't mentioned much but uh for those of you who've been around for a while you probably remember the days of of uh the Dune analytics page and uh tbix work on some of the the charts on that front uh when uh Beanstalk was replanted we started thinking about uh you know whether to spin that page back up or whether to to kind of move some of the the work that was done there into sort of onto our own infrastructure and so for the last couple of months uh tbix been working on uh getting all of that scaffolded out and getting started so maybe typic you want to talk a little bit about what we're uh what we're hoping to ship soon yeah sure thing well hey everyone how's it going um so like Chad mentioned I've been working kind of on a parallel analytics website to serve much of the same role that the Dune dashboard used to um serve for us in the past kind of one of the main reasons I decided against trying to pick up where we left off with the Dune dashboard is there would have been a lot of complexity in integrating pre and post exploit data given everything that changed and the Dune dashboard had like 70 or something queries backing it and I just kind of find their platform not scalable past a certain limit so we decided to kind of uh we wanted to do this for a while we wanted to take our data analytics infrastructure and move it away from some third-party provider and actually host it on our own infrastructure and kind of have more of a low level of control over where we're sourcing our data from and this website is going to be entirely backwards our subgraph which is where we pull a lot of the data that gets fed into the user interface and is a tool that we're going to be um it's already open for other people to query and build on top of but it's it's been going through a lot of iterations and uh credit to Kujo for all like the good work there but as it continues to evolve we want that to serve as kind of the base latest data layer for building analytics on top of game stock and uh the vision for this website is that um at some point we'll be able to like open source it open it up to like external contributions like obviously you would need some sort of technical skill set but I've tried to build in uh a mechanism that's as friction free as possible for contributors obviously you will have to know how to code and like build a chart but the developer experience from the point of like hitting subgraph doing some minimal data post processing and then converting that into a chart is pretty self-contained so they don't need much knowledge kind of outside of that base level of things uh we're not ready to we've got kind of like a test deployment of it I'm not going to share that today but in the barnyard chat I'll just drop one of the kind of more complex and interesting charts that we built out if you guys kind of want to a little tease of what the website might look like and what you might expect from it um this is kind of just a visualization of the uh order fills order and listing fills in the farmers markets over time so there's kind of like a this is just an image not a gif but there's a configurable Time access where you can change the date range that you're looking for and all of the linked charts will update in real time so it kind of actually if you see that little like Gray Bar in the uh part in the lower left part of the image I posted you can kind of drag that around and the other views will respond to that and you can actually see how kind of like the yield curve for pods evolves over time and you can dig into individual listings and things like that on the rec so that's just a small sample of uh the kind of more advanced analytics we're trying to bring you with this website and there will be some synergies moving forward as we kind of like ideate on ways to visualize Beanstalk data kind of within this environment where the developer experience has a little bit less friction than build moving something into the front end and for ideas we really like we can work on integrating them into the UI and hopefully like building out the native analytics capabilities there but this will be kind of more of a data playground space so typic first of all this looks you know pretty amazing out of your questions um is there going to be a single analytics page that then covers you know different parts of analytics or or is it going to be a mix we're going to have an analytics page and then some analytics will also be shown at the market you know side and so on uh so you see the kind of navigation bar at the top so this says like credit profile liquidity uh Silo field you can click on each of those tabs and it will kind of um change between different pages like this Market page actually has two plots but the first one is actually just kind of large so you'd have to scroll down to see the other ones so think of it as kind of like we're on the Doom dashboard we only had a single long scrollable page uh the Dune dashboard was kind of built out into segments and this will be more page oriented and there will be kind of like Parts within each page okay we also have the freedom to build like whatever kind of user interface around the stuff we want we've kept it pretty simple to start but um I mean I guess we're looking for ways to iterate on this moving forward yeah to expand on that a little bit so currently the the UI main the Beanstalk UI app.bean money maintains some of its own uh charts and its own charting library for specific charts like the bean price and and other things currently this uh this will be hosted on a separate a separate domain probably something like analytics.beam.money where it'll it'll be focused strictly on these sort of advanced charts that tbix building but we've designed the the infrastructure here such that the the charts that are that are uh you know provided on this analytics website could theoretically be included in the front end as well at some at some point in the future so we wanted to make it as modular as possible and and you know there may come a time where we have like One Singular Beanstalk analytics interface that that covers everything uh at this time there's you know there's some uh design and Technical reasons why that's not the case but uh we're thinking ahead sounds good and excited to see this you know come live awesome yeah TV anything else you wanted to highlight there before we move on um I guess like Chad do you have uh an idea of when we're actually going to try and get a live version in front of this in front of like everyone here and everyone else in the Dow or um is there still some stuff you're figuring out on the deployment end related to that yeah so I actually hope to have this out this afternoon um we have uh we've kind of figured out some of the deployment issues a couple final tweaks to make that uh on the front end side that we've been been pushing but I think overall this is good to go and so we're gonna get the last couple steps wired up and and get it shared with the community so just want to to preface of course that like you know this will change pretty uh pretty rapidly in the coming in the coming weeks so uh you know if the design changes or stuff breaks you know bear with us and always feel free to Ping myself or TV or anybody else on the engineering team uh with stuff that doesn't seem to be working foreign on it beans uh Chad is that it uh that's a that's the big stuff yeah there's a lot of stuff going on in the background which uh which you'll hear more about in the in the coming weeks the most notable thing that I'm excited about in particular is the the SDK uh so a lot of really good work going on there I think probably the the best way to tackle that is to um or to explain it is to wait until I can show you guys more of a demo so stay tuned but just know that that's not the uh not the only thing uh thank you and by that I didn't mean to say that wasn't enough it is you know a lot already totally totally um yeah let's move to sweet red beans I know he's got a ton of stuff to chat about also hey guys uh so this week the the BFC voted to hire on two new contributors who are uh going to be assisting on sort of a part-time basis they're both product designers uh one is Katara and the other one is Chill beans and and they both have experience working in ux in web 2 and so we're sort of excited to have them part-time so they're not here right now because you know they they do have day jobs but uh we'll be getting them in the evenings to assist with sort of most things uh you know mostly product design but uh both of them are actually quite General generalists in their in their ux capabilities so they can assist with some visual updates as well uh you know in in other news it's sort of regarding uh contributions we've also started conversations with Vector Dao I don't know how many of you are familiar with Vector Dell but basically they're a Dao that does you know contract ux and branding work for different protocols and uh what amazing I guess one of their their main selling points is that they accept the native token of the protocol that they're working with and uh you know they they sort of optimize for what they call ownership as opposed to for uh to cash and so that's awesome for us uh you know we'll keep you guys updated as we're sort of thinking about all the ux work coming in the next six months or so uh on a more kind of immediate and tangible basis uh have have been working on giving the Pod Marketplace a visual update and so the idea is to uh uh basically update the Pod Market to allow the user to like ingest a lot more data when they're looking at at the UI so I can drop a screenshot uh I wouldn't anchor too heavy onto uh some of these components are going to change a lot but uh this is sort of the idea on the the layout is more or less fixed at this point so uh yeah excited to uh to finish that up hopefully we'll have that done and and you know ready to hand that off to uh Silo chat and some of the other front-end guys by the end of or by the end of the weekend hopefully is is uh is the goal uh so that's that's been most of my focus uh you know we we should have uh the Halloween theme up and running uh within the week and uh actually kotaro is is helping explore some some alternate visualizations for stock and Seed uh obviously this is such a fundamental change to uh the design that we have now so would want to make sure that we we have plenty of uh feedback and and consensus among the doubt if if we do decide to move forward with that but that's mostly exploratory at this phase uh I see a question from jams uh which says how did I find the new hires curious if they were referrals or inquiries uh yeah so these are actually uh people that I've worked with in the past um so they are uh I actually worked with kotaro uh on a contract ux project previous to uh previous to to be in stock and uh chill beans is a referral of his so uh that's sort of the the background there if there are any other questions about ux or about the new hires in particular happy to answer this question is this the same kotaro as the one that was working for Beanstalk Farms prior to the exploit that's correct yes okay thank you sweetheart and of course beans Publius how how are things going at your end uh on Orange things are pretty good uh the the thing that I think from our perspective is the most exciting is how many different contributors there are from different groups and parties there's now root there's Beanstalk Farms there have been some grants uh through Beanstalk farms and being Sprout both that have uh had some meaningful impact on people developing around Beanstalk and we've been pretty busy just trying to help everyone kind of in a million different ways so from our perspective it's very exciting how much development is happening on and around being stuck and uh it's also very encouraging that halborn has thus far been able to scale up and down with all of the code that needs to be audited such that that isn't uh really a hold up in a significant fashion and anyone that was around prior to uh the exploit and April knows that uh there certainly was not that easy access to Auditors uh and certain and multiple Auditors to audit multiple things at once so this is a really encouraging development from our perspective when it comes to the overall being ecosystem and the development ecosystem and it's pretty encouraging so both the diversity and the fact that there's a support on the security front both of those are very encouraging and then in general there's I think there's still a lot that can be done to further improve the communication to the Dow like what Austin was talking about earlier around trying to get more stuff publicly available such that everything that that can be publicly available is so lots of work uh to do on that front I think across the board but we're just going to try to keep facilitating as much of that as possible so don't have too much of a substantive update on this end sorry we couldn't speak up earlier when you asked about the root token I didn't make wasn't working for whatever reason but generally uh generally very very uh another dead Peg is pretty good from our perspective these days thank you Publius okay I think now we can open the fluid and I guess you know the fluid was always open uh but we can go back to sync and I'm sorry for you know um cutting that earlier conversation which you want to share uh with us thank you but do you mind maybe taking starting it over or you know taking us through it again yeah yeah no problem um just want to make sure my audio is clear still great great so um yeah just uh you know we have the Beanstalk ideas Channel and um more recently I proposed um that we revisit the the Bounty proposed Bounty that to the exploiter for the April incident um considering the recent mango markets exploit and the negotiation that they were able to facilitate with the exploiter um whereby the exporter I think took about 114 million um and returned 67 I believe to the Dow and kept about 50 for himself and his team and he came out publicly everybody knows his name um so um obviously we have a different situation here where the exploiter to my knowledge at least um hasn't uh you know proactively engaged paying stock or being stock Farms um on the proposed 10 Bounty that was uh initiated immediately after that exploit in April so um my thought process is it doesn't hurt we have nothing to lose at this point we've already lost what we lost um so my proposal is that we revisit that and increase it to 40 to a line with the mango markets um incident um which is even a bigger exploit than what being stock went through um there's no guarantee here we don't I have no guarantee or assurance that the exporter is going to resurface because of this but I see I see it as a potential win with nothing to lose for the Dow also I went ahead and engaged um hats Finance they're a protocol that oversees a decentralized bug Bounty initiative where they have a lot of white hat hackers and you know people of that um subject matter expertise in their Network um where they essentially you know I was able to chat with them and I'm still kind of discussing with them the the bibs that we're going to put together and presented it for the Dallas consideration but um it would uh it would essentially correspond to what Beanstalk farms uh offered um shortly after the the exploit in April a 10 bounty to any group that is able to successfully um you know um get some recovered funds back to the Dow um what hats financed through my discussions with them they would not charge any upfront fee they've agreed to that uh between me and them um so there would be nothing that Beanstalk would have to pay to them to initiate this they're actually currently working with temple Dao to um to hopefully try to recover the 2.5 million that was just recently exploited from Stax Finance which is a temple Dow project and they have what they call ethical return smart contract whereby the exploiter could return the funds The Ether to this contract it would be a smart contract that would then um allocate um the funds back to the Dow and uh remaining portion um to the exporter as a considered as a white hat Bounty so um if this is successful you know and if the dial agrees to it I mean we're still having the discussion but um you know the other work stream as part of this that would be the primary work stream where we would we would you know um pass Finance would work with beanstock Farms they would um you know work with beans platforms to initiate this ethical return smart contract to deploy it that would be the primary work stream here the secondary work stream is um hats Finance has what they call um uh uh what is it uh Hunter hacker Vault program so Beanstalk would be able to create a bean stock specific Vault uh for what they call their Hunter hackers and um The Proposal would be to fund this Vault with some predetermined amount of beans um as part of the bip and it would essentially allow hats Finance to kind of engage their network of you know hackers Etc to kind of look more closely at uh chain analysis Etc to see if they can find any additional information that may be helpful to be in stock farms in its ongoing efforts to um you know track the funds down um and if that's successful then you know as part of the um bip uh the hunter hackers would essentially get the bulk of the reward here so um Beanstalk Farms would be able to set up a committee that would be specific to this Vault program um and you know evaluate submissions uh brought forward by these Hunter hackers and um decide if they're um you know worthy of uh being payments uh from the the bit proposal um to kind of incentivize them to start kind of get going and do some work and then um assuming this is successful um being stock Farms with the committee uh over this Vault program would then have the authority to decide how much of how much of a bounty reward is allocated to the hunter hackers depending on the quality of the submissions that they provided and whether those submissions were instrumental to a resolution so um potentially you know the 10 that was um offered would not be um you know fully rewarded here um you know if Beanstalk Farms deems that you know a one Hunter hacker let's say gave a good tip but um you know what you know doesn't justify the full award then you know being stuck as a dow would be able to recover um that portion of the reward back but at the end of the day here we're just talking hypotheticals here but I figured it's worth revisiting this and it doesn't hurt so that's what I'm trying to do and you know hopefully I can have more details to you guys by next week I'm actually having a call within next week so maybe I don't know if they'll be ready to present this at a dial by then but maybe if not next week's style meeting maybe the week after um so we can go from there so I hope that kind of covers it mod if there was any other questions just let me know cytosync I think you might have covered this already so what's the new offer that you're thinking of it's really not a new offer it's just the um it just up upping the the bounty to the exporter from 10 which was what the original offer that Beanstalk Farms had made to 40 which would be you know in terms of you know we can reference the mango markets incident as a justification for that where you know their exploit was even larger than mean stocks but that's pointer and his team you know came forward and publicly disclosed themselves and you know it is again and Breen and I had this discussion it's a slightly different circumstance because in in the mango markets exploit like the exporter like initiated a governance proposal uh after they pretty much took over most of the assets of the Dow and essentially um you know propose that they return a portion of the exploited funds in exchange for you know um being you know wiping their hands clean of any um you know accusations or whatever you know um so in in our case we don't have any communication Channel with the exporter they didn't come forward after the exploit and do like a bit right or anything like they just disappeared so we're in an entirely different situation where my hope is that at least similar to Temple Dao situation um you know the Public Communication about this um ethical return contract setting it up um you know having halborn look at the ethical return contract as part of the bit just to kind of you know make sure it's all good and clear and you know hopefully that will incentivize the exporter to come out and say hey I have all this money in tornado cash I can't wipe it and clean and come out with a clean slate but maybe this is an opportunity for them to do so so um I did also invite the hats Finance team to come into the Discord so they'll eventually get here um and hopefully in a call with them we can have you know they can probably clarify a little bit of this more in detail for you guys but um yeah that's kind of where my head is at with all this thank you thank and as a reminder to everyone here that this is an open conversation so you know if some and I'm pretty sure many might have some thoughts or ideas um just unmute yourself and like join the conversation I can maybe kick off this with you know a hypothetical and it doesn't mean that I follow this thinking um we may have passed the desperate stage so I understand you know us when it first happened to us and then look you know we're the mango guys we're at as well as soon as that happened to an extent the export is behind us do we still want to negotiate or now you know it's time between us and let's see you know how far or how long this goes yeah yeah just a comment on that mod real quick so like in this case it wouldn't be a negotiation like we would just be putting out that the ethical contract would just be kind of publicly um communicated um and I did share a link to um what Temple down had Finance tweeted so you know we would tweet it um it would be put out there um but beyond that it's you know it's kind of it would be kind of be up to the export or to to come forward and initiate um if they want so um this the separate work stream which is the The Vault program the hunter hacker Vault program I would just hop in for a sec to comment that I do think that there is in the case of the mango markets uh exploit there's much clearer uh legally uh it seems precedent that that action or those activities are not illegal uh or at least not compared to uh not that in law you necessarily made comparisons like this uh uh Apples to Apples but uh the Beanstalk exploit is not the same type of manipulation that the mango markets experienced and uh without commenting on whether one or both or none of them are are illegal at least from our perspective it seems like the Beanstalk exploiter is probably less likely to come out and and do anything without some sort of uh cloud or umbrella that will protect them from legal risk because of the the nature of of the Beanstalk exploit whereas I think in the case of the mango markets you had this guy sort of parading around in Triumph and then uh happy to negotiate and then he can you know claim to be benevolent to some extent or that he's you know not so bad uh it just seems like a very good quote-unquote highly profitable he called it a quote-unquote highly profitable trading strategy in his comment about it so that's he's kind of one of those code is law types and well and there's there obviously is something to be said for that and I think from his perspective it's hard to really infer but he did tweet about beans this week and in reference to the being exploit referred to it as a highly profitable trading strategy so if I'm sure from his perspective they're all the same uh in the case of the being maybe saying I'm sure is wrong but it seems that way uh in the case of the Beanstalk exploiter uh they seem much less confident uh in the legal the the lack of legal ramifications around it and in our uh an hour dealings with law enforcement it did seem that there was a really substantive difference in the fact that there was some deception around the exploit and the bips and that that that wasn't the same as some sort of basic uh price manipulation that then causes something like this to happen so uh yeah not sure how constructive this has been as a comment but if if the Dow is gonna kind of dive back into thinking about how to engage with the exploiter think that these are reasonable things to keep in mind it's the wanted to just raise our voice yeah I'll kind of echo that by saying like even if we as a Dao say like hey here's hats finance and here's this contract they set up where we can put in uh like you can return the funds and get some large percentage of it but from our perspective like you're off scott free like that doesn't mean anything legally like if that person then took the funds to FDX and deposited it in a kyc to count the feds are coming for that individual like the fact that we had this social signaling um around returning a subset of the funds and then us um kind of releasing them from whatever like wrongdoing they did that doesn't actually mean anything so I'm also kind of in the camp like while I see the argument that we don't have anything to lose here I also view the odds of success as basically zero yeah I'd probably Echo that seems like a very low chance of recovery at this point but you know not not going to discourage you from trying sorry yeah those are valid questions and I think you know um I think what my goal would be is to try to get the hats Finance team on a dow call and hopefully they can clarify some of those things for you guys but I I agree I think it's it's a shot in the dark but at this point you know I would just uh just add I mean I think the the maybe the Vault stuff was with you know some pre-minted number of beans was a was a separate conversation but from the perspective of the the April exploit where the attacker already has the funds I don't think we'd really need a smart extra smart contract of any kind just saying you know again it would just be social signaling at the end of the day but just having the Dow ratify that hey if you know some percent of the funds are sent to X address then the Dow will consider it uh you know a white hat Bounty but it's a t-bix point I'm not sure how much uh the eagle grounds that has yeah Deepika is completely right here because it pretty much any law enforcement agency would agree that the funds were clearly under the possession of Beanstalk and that they were stolen through deception and I mean maybe there would be some way to use Smart contracts to take in Ethan send out Monero or something and then the hacker might come forward but unless there's some way they're getting um opaque assets that can't be tracked I don't see why they would take the risk and for what it's worth I would suggest not dealing with them or paying them any money a I think again that the longer you know this this thing to an extent is behind us and the more time you know it is behind this the less um we're inclined let's say uh to even negotiate so I would even start with is the 10 offers still on the table you know or you know we we want we we have the time and we will wait and we will see where this goes you know okay I think if others um have no comments on this and there must be a lot of thoughts still you know in a lot of Forex heads maybe think you can try to continue this conversation and see you know where where the Dao is thinking thinking about this or you know how how they would like to proceed sure um as soon as I can get an update um I'll I'll let you guys know and hopefully get a had finance representative on on a dial call one of these weeks coming up and clarify some of these questions for you guys thank you for the consideration of course thank you for you know taking the effort I'm bringing this up and also and dropped the link to the channel where this discussion is happening and I would encourage everyone you know to at least you know maybe share share some of your thoughts or signal where where you'd like a vote to go or where your vote will land okay with that uh unless anyone else you know what let's give it a minute maybe someone will will have something to add before we end this uh in this call okay thank you all uh for joining us today and we'll see you next week's uh new thing which will resume again uh in the normal normal days and that's on Thursdays thank you guys