DAO Weekly Meeting #45

November 10, 2022


DAO Meeting


Meeting Notes

Operation Update

  • The updated Whitepaper for BIP-29 will go live if BIP-29 passes, also working on open-sourcing the Whitepaper
  • The technical documentation will be released very soon
  • The operation team is working on a job board

Engineering Update

  • The team is working on the SDK and implementing Pipeline within the SDK
  • Some requisite contracts for Pipeline and Depot should be rolling out to Mainnet soon

Design Update

  • The team has been working on the charting components within the Pod Market
  • Starting to put together a master components list for Beanstalk

Marketing Update

  • The marketing team will be posting short-form videos very soon just waiting for a new Beanstalk Farms logo
  • The audio team is working on a new podcast, which should be launching soon
  • Working on some PR opportunities
  • Mod323 will be switching to an unpaid contributor by the end of the month to focus on other things within Beanstalk. There is an open call for anyone interested in helping out with Marketing

Hats Finance and revisiting the stolen fund's bounty

  • Hats finance built a decentralized bug bounty program because centralized ones are bad for security researchers
  • Ethical return is a smart contract that has the conditions for the return within the smart contract so the hacker can audit the conditions before sending funds
  • There are some questions about the legality of the exploiter returning the funds to a smart contract. Sync cannot speak toward the legality. This would be something the DAO would have to decide on
  • Based on other exploits and the amount returned by their exploiter, Sync proposes we increase the bounty to 40% of the returned funds. There is no guarantee that funds will be returned
  • There is no upfront capital needed for Hats fiance
  • Hats finance and Sync will take a 2% reward if the funds are returned
  • The return contract allows for the exploiter or a white hat to return the funds to the contract
  • It is unsure what the chances are that the hacker will return the funds
  • Since the funds are still within Tornado Cash, the Hats fiance team thinks the exploiter is having struggles cashing out the funds
  • The Beanstalk Community multi-sig would be the beneficiary of any returned funds
  • The Hats finance team will take their 1% of returned funds in Ether and Sync will take their 1% of returned funds in Beans
  • The Ethical Return contract is used to codify the amount given to the exploiter and white hats. Any automated actions when the funds are returned can be looked into by the Hats team but it should be pretty simple
  • Sync reminds the community that this is just a proposal and if the DAO does not think that this is worth it then vote no
  • Another consideration the DAO needs to figure out is the price of Ether when the funds are returned. If the price of Ether is $800 should the DAO wait for the price to go up
  • The TempleDAO lawyer said the DAO cannot engage in negotiations with the exploiter
  • The DAO has to decide if they want to offer a higher bounty now to try to increase the odds of the funds being returned or keep the bounty at 10% and wait it out
  • If the DAO has an issue with the fees, Sync is willing to lower their fee
  • The only ongoing investigations are with two blockchain analytics firms

Bean Sprout updates

  • Working on the Beanstalk Coop idea, looking into using the Root token
  • Root is planning on releasing the Root token whitepaper very soon, and planning to deploy the Root token soon after
  • Irrigation protocol is coming along very nicely and MisterManinfold really likes to see Farmers stepping up and building things on top of Beanstalk

Publius updates

  • Publius really likes to see the high-level discussions that are going on within Beanstalk’s community
  • They remind everyone to vote on BIP-29
  • The infrastructure that has been built around Beanstalk should be deployed very soon and Publius thinks it is very exciting and is looking forward to seeing how the community and Defi react
  • Wells are taking longer than expected because the team is working on a Stalk gauge system to ensure the long-term success of Wells

Mod’s call with Chainlink

  • The Chainlink team has a product called Automation where anything on the blockchain can be triggered when certain conditions are met. Then they have a set of validators that will call the function for some amount of money for them
  • The Chainlink team thinks we can use this for the Sunrise function
  • The cost estimate for this will be Gas fees plus 20%
  • The DAO would pay Chainlink upfront for this
  • Brean does not see any advantages to this because it only costs Beanstalk 100 Beans a season as of right now and it seems like there will be more centralization


All right,GM , everybody, and thank you for joining us today. As a reminder, this town meeting is for everyone. So feel free at any point to unmute yourself and join the conversation or start one of.

I think today we can get started on being forums and yeah let's let's get together or go ahead and start with that. How are you going?

Am I doing well? I'm happy to give a quick update. I think I'll just briefly restate a couple of projects that are in flight that I mentioned last week. One on the white paper front. I guess firstly, you know, we'll have the updated white paper to reflect that. 29 changes ready to go in the event that passes and at a sort of a more metal level, trying to figure out how to make contributions to the white paper more permissionless.

So as a first step or opening to the open source, the source code for or the latex source for the white paper, I think the intentions and next few days or so. So look out for an update on that. Otherwise also mentioned last week some technical documentation that was in review and I think we'll probably air on the side of sharing that sooner rather than later, even though it's not in a in a finalized state, although I'm not sure it ever will be, there's probably infinite work to do.

There, otherwise hoping to spin up sort of like a job board of sorts for four beinstock farms for the handful of different roles that we're looking for. Folks in, particularly in engineering and design. So hopefully that's something we can share before next meeting as well. So those are the few substantive updates that are a I'll stick to for this one.

Oh, and of course, just as a reminder, but 29 is live. I think there's perhaps 9 million or so more stock that's required in order to pass and that there's about 30 hours left in the voting period. So we'll make an announcement and discord at some point after after today's meeting. As a reminder and Guy, I see you have also started the conversation on the governance channel about, you know, where do we want to discuss, I guess, some tips, whether it's on discord or elsewhere.

Did you want to touch upon that or do you think you've come to a conclusion? Oh, sure. Yeah. Happy to briefly bring that up, but I don't think it's a particularly urgent matter, but was just sort of sort of hoping to get a temperature check from the community to see if everyone felt like Discord was still serving as well for proposal discussions and such.

Notably, one drawback of discord is sort of from a permissionless perspective. It requires DMing a might in order to open to open a channel for a bit discussion, which is not ideal. But obviously there's a lot of other benefits to the discord that the community that has benefited from over the last year or so. So there's a adopted message in the governance channel.

Folks want to check it out and chime in. All right. Thank you. Thank you for that guy trying to chat. Do you want to give us some updates, children? Sure. A lot of stuff. A lot of stuff going on. Been very heads down this week, working on the SDK in particular, implementing pipelines in the SDK has been kind of the biggest task on on the horizon.

So continuing to to wrap that up, there's a lot of a lot of sort of nuance into correctly implementing that. And then, you know, over the next the next couple of days, I think, you know, we're going to start seeing some of the requisite contracts for pipeline and depot, perhaps routes as well, start to start to roll out on May net ahead of, you know, some some projects that I'll be launching on on Beanstalk in the in the coming week or two.

So maybe Publius can speak a little bit more to the specifics on that front. But, you know, really excited to have pipeline deployed on main net. There's a pipeline whitepaper in the works as well which perhaps can talk a little bit more about. But yeah, I'll kind of I'll kind of pause there. Thank you, champ. And fabulous. If you want to share some of what Chad mentioned, if you do that or maybe we can touch upon a related switch holdings.

Yeah. Thanks, man. A short update for me this week. It's been mostly trying to wrap up some of these charting interactions with the pod marketplace. At this point, the components are are mostly finished and now it's just sort of wrapping up like how the the the chart and the form will sort of work together. So excited for that and have been working with Chad on that.

And then additionally, on the design side, we're starting to put together a master component library which will sort of assist with one new designers who want to work with these farms. But to, you know, hopefully making it more permissionless to be able to sort of use and extend the entire component library. So that's it for my side for this week.

Thank you. A lot of work to ask what are and this is a reference to a saying or a governance discussion. And they asked, what are the alternatives outside of discord? I see the guy link to you, to the governance or to the to the message that they started. What are the other alternatives would be tools such as discourse and commonwealths and and guy mentions, you know, the advantages maybe to using to using them.

Okay. I can give a brief update on marketing. So not much on this end, but maybe you can touch on a few things. So there was a channel I was working on the clips and the as you know, us using some short video formats to post on our media channels. This is something that we're still working on. C, D has a few of them ready.

The reason we are holding them off is that we wanted to do also the distinction between being so far as them being such a protocol. We wanted to done that and it was launched in order to separate accounts. The only thing we're waiting for is a new instructions logo. Hopefully once we have that, then we will go with this.

Otherwise, all the team that they've been working on your podcast. The plan was to release it tomorrow. But just given the events that's happening around the crypto, you know, just in general and all we saw that this best maybe to to hold off the launch on that podcast. Lastly there are some PR opportunities that we're working on but nothing, nothing material to share at this moment.

Otherwise, I also wanted to share some some personal news. This is something that I've discussed with the team. So I plan on. I'm thinking planning on the end by the end of this month to switch from being a paid a contributor to an unpaid contributor. And the intention or the thinking behind that is I want it to free up some time to maybe focus on other things within Bienstock and maybe play around with some other ideas.

We will do this on a slower, let's say, handover. So we have, you know, some people who have moved forward and they wanted to, you know, help with being successful. One of them is like excited. Jackie has reached out and this is also an open call to anyone who thinks they can lend a hand or add some, you know, some marketing help to reach out and let's see, you know, what we can work on together.


Now, do you think it would be possible to maybe draft or drop somewhere a list of what you're regular recurring responsibilities are? Or maybe they exist somewhere so that people can say, ooh, they'd like to do that or taking yes or yes, certainly. So this is something that I'll do. And again, it'll be like a slow, you know, so I will continue to look after them.

So that is more like, you know, had a deadline on anything of that sort. But definitely that would be one thing to do, you know, just just to bring people on board. So see who is, you know, someone as yourself. They may be like, hey, I want to London, I have them there. And they can they can be part, part of the team, I guess.

So Mr. Manifold is caught up on on a call and I think they might join us later. So am I told of the Beanstalk being spun out of this to a later this call. But we have had finance with us today and that's gone and that's a build up on sinks proposal with regards to a bounty for the year for the sort of fun think do you maybe want to start this and have this conversation or.

Yeah, my thanks. Do you hear me? Okay, I hear you. Okay, great. So yeah, I wanted to thank you and Austin and others for facilitating this and accommodating the House finance team on today's call. So for those that aren't aware, if you check the Bienstock Ideas Channel several weeks ago I posted an idea about revisiting the April exploit in consideration of the closure that the Mango Markets Project had with their exploit.

It's all summarized there. So I repeat what has been stated, but we wanted to jump on this call and go over the proposal a little bit more. So I had the good guys over at Finance join us today. So I believe we have Engler from Hats Finance, and we're here for you guys. Yeah. So my name is Oliver or my set of names.

I'm not. I'm the director of operations at Hats and I'm joining today because I was the one who coordinated to gather with Temple down. So I have quite some insights on the situation there. And to give it a brief background, we personally we built it the central backbone to platform because the current process of backbone, this is really bad for security researchers and so we wanted to build something that helps projects get more audits and more disclosures to mitigate any hacks.

And we started to build the smart contract, which at that time be called Tech First Bounty Later, which was a provocation towards projects that refused to pay back bounties. But it's nothing we ever deployed. But when Temple Dollar got exploited, they actually have a bug bounty with us. So it was like really unfortunate for us that the hacker didn't choose to take the bug bounty, but it's dent went down the road to to steal two and a half million.

We directly reached out to them and like try to be as helpful as we can in handling the incident and what we actually ended up is we implemented a contract we call ethical return that is used to set the conditions of a return of funds in a smart contract so the hacker can audit what are the conditions for the return.

And then if you choose to send the funds in that contract, the bounty for him is already like preset and the team can only accept the funds or send everything back to the hacker. And we believe that this is also a very clean way to like make an offer to the hacker and facilitate the handover of the funds with like preset conditions.

So think maybe you want to go more into the specific proposal for Bienstock. Sure. Great. Thank you, Oliver, for that overview. So yeah, if you guys check that discussion thread, we've had some back and forth questions and I did my best to answer as best as I could. One of the questions that came up, I believe, when I first presented this in the early stages on a roll call several weeks ago and also on the chat, one of the questions that came up is legal considerations around the exporter returning the funds to Smartkom visa v the ethical returned smart contract that Oliver was just going over.

Truthfully, I can't speak to that. And the reality is, you know, this proposal, if it moves forward, this is something that I would have to make a decision on similar to, you know, the decision that magal markets decided to pursue with, you know, reaching agreement with the exporter in their incident. In the case of Temple Dao, I believe that's financed the bounty for that two and a half million dollar exploit.

It was 30%. Which Temple Dao, as Oliver explained, it's all coded into the ethical return contract. In the case of hats or in the case of mango markets, it was about a 40% bounty. So we're proposing to raise the bounty to 40% because the Bienstock exploit was similar in size to the Miguel Marquez incident, slightly less, but similar in size.

So there's no guarantee here. Again, this is just a proposal to potentially reengage the exporter with the understanding as the bienstock farms team has been told by several analytics firms, that ether that was stolen in April appears to largely remain on tornado cash. So I don't know what the reasons for that are. I don't know why the exporter hasn't moved that.

But our hope is that we can potentially try to reengage and perhaps the exporter has a change of heart and they decide to, you know, engage the Dow on this. So that's the essence of this proposal. It's a it's a coin flip. There's no guarantee here. But that's why we're bringing it forward. And, you know, I had good faith discussions with the hat finance team.

The proposal doesn't ask for any upfront capital. The reward back in April was 10% for any group that facilitates a closure to this incident. I've thought this through extensively with the House finance team. We've cut it now to a 2% reward. Again, our hope is is to, you know, facilitate some closure, if possible. And beyond that, that's the best that we can have to offer at this point, assuming no further information has been provided by analytics firms or the exploit or those in resurfaced on their own volition, we feel that this is the best path forward to at least give this one more chance, considering the amount of capital that was lost.

And Oliver can speak to that, the quality of the white hats and their network. The good thing about this return contract and Oliver, feel free to clarify if I mistake anything here, the return contract would actually enable the exploiter or a white hat if they're able to retrieve the funds themselves, to return the funds to the to the contract, and then, as Oliver noted, you know, the Bienstock Farms, Multisig or whatever would have control of that contract and they would be able to determine if they would accept the return.

And in that case, 40% would just be handed back to the exploiter or a white hat as a bounty. So, Oliver, can you speak to the the the the white hats in your network and the connections that you guys have on that? Yes, sure. So obviously, being a backbone bounty protocol, we are pretty deeply and rooted in the security community and we have a pretty strong community around our platform already.

We relaunching like a lot of hacking competitions and just, well, audit challenges. And so to be like really humble and honest, like we, we just had like an audit competition on our own codes and that got audited three times by very good auditors. And still someone in our community found another like one ability and disclosed it. So that's just a lesson as well to be very humble about smart contract security.

It can always happen to you and yeah, we we see like really strong participation and talent in our community. And on top of that, obviously, we are part of every big channel. For example, there's like one community where basically every big defi protocol at def and security researchers in from like Panteg to Andre to Samson to concerned entrepreneurs and so on.

And we would of course, promote this contract and the initiative to get the funds back in all of those channels to get to activate or sera security researcher in the community. And yeah, the cool thing is that anyone can return the funds, so it's not really dependent that the hacker himself moves maybe another, a security researcher would find a way to compromise his address and return the funds on his behalf.

But I think it's more likely that they would return to funds themselves, and there's no telling on what the chances are because it's just hard to tell. But, um, the fact that they're still sitting in, turn out of cash are indicates that the hacker doesn't know what to do with the funds. It's getting harder and harder to cash out stolen funds lately.

And why we personally like the solution. I don't know if you shut it, but we think it's a great tool because it doesn't cost anything. It basically just costs you the gas costs to deploy the contract and either someone sends the funds in or not. So there's nothing lost for the community and potentially a lot to be gained in case the funds are returned.

Initially, I think had the great idea to couple this together with a we called it like headhunter world where there was another smaller vault that would be used to collect information on the hacker. I pretty much like that idea because it has some great synergies. So you offered the hacker a way out while on the other channel, like starting to pressure the hacker and chase them.

It seems like right now there's no consensus on like the headhunter world. So I think Sink took it out of the proposal. But yeah, pretty much we want to offer you to use this technology. If it's helpful, we will take a like a 1% share of the of the funds that are returned. And but basically, we're not not doing this for this money.

We're just, you know, like trying to to move forward with like providing this tooling. So if you calculate, it's not that much, that would be our share. So yeah, happy to answer any kind of questions as well on how the contract works in concept. If you want to dove really deep into the how the code works, I can make you the GitHub or it's what connected with our solidity that's but I can answer any question on like how the process looks like it's thank thank you.

I'm glad we can maybe hear some you know others in the community here us anyone has a thought or a comment. One thing I just want to add mod. At the time of the April exploit the Beanstalk community Multisig did not exist. So I just want to clarify that was one question that we had on that finance team, as if this guy decided to move forward with this and the ethical return contract was developed by the Hacks Finance Team in collaboration with, you know, consultation with the BFD team, the Beanstalk community Multisig would be designated as the beneficiary for any recovered funds, so just want to throw that out there.

At the time of an April being stopped, Farms tweeted that the exporter could return the funds to the Bienstock Farms. Multisig We just want to clarify, it will be based off of the feedback I got from Austin. It would likely be the Beanstalk community multisig unless otherwise decided by the community. So just want to throw that out there as a clarification.

Thank you. And of course, these things come also, you know, the devil can decide, you know, where to send the funds to a lot of Baka asks, so do you take 1% of the return? 60% or 1% of the whole amount? Only of the 60% that is returned, if I'm correct saying. Can you confirm that? Yeah, that's correct.

That would be the to finance team with code there's and there was their reward be coded into the contract itself so they would directly receive ether upon any recovery once bienstock recovers under such a hypothetical scenario. In my case and the original proposal, I I'm happy to take my my 1% as a as being exposure. So, you know, that would entail, you know, beans being minted after the fact.

But I'm fine with that for the sake of having been exposure. And this, you know, reaffirming my my exposure to the protocol. So but again, that's again, a hypothetical, assuming there is even a recovery. But again, it would be one person, 2% total of the 60, and the Dow would then recover a net of 58%. We also specified in the proposal that the exporter should return at least 99% of the recovered of the stolen ether, which was at the time about 24,830 ether.

So, you know, whether the exploiter does that or not, you know, that would be, you know, we'd have to wait and see, but otherwise if they don't do it, then I won't have to potentially do it and also be credited a 40% bounty. And so what do you think are the next steps here? I know you're looking for more feedback from the community.

Do you still want some time to continue the discussion on the channel or do you think you're ready to, you know, propose the other? Yeah, I think I think at this point at this point, we're ready. We're going to scrap the headhunter Vault program for the time being, just because we want to, you know, pursue the ethical return smart contract option first.

And that seems to be in general well-received and that we can, you know, take it from there as far as, you know, development related collaboration, as Oliver mentioned, that finance dev team would be happy to work with the Bienstock team on this. I presume that the Hats finance team would code the ethical return contract and then do the platforms could, you know, run it through Holborn as an audit if necessary to check it off and make sure everything's good.

But we can we can fine tune the details if the Dow is happy to move forward. Okay. Another market shared a breakdown. Just want to confirm if this is accurate. So in the given scenario, let's say, you know the exploiter response, then 40% will be given as a bounty to the exploited, 58% will be returned to being stock or to the Dow.

2% will be given, as you know, maybe another bounty where 1% goes to half finance and 1% goes to the proposer. Who is your son? Is that correct? Yeah. So just to clarify, that's finance would get their 1% as ether as part of the recovery through the ethical return contract being bienstock would recover 59% has ether and then I would you know request as part of the proposal for beings to be minted for my 1% to correspond to the value of the ether at the time.

So if the ether doubles in price after my beans are minted, that's totally fine and bienstock retains the ether. And you know, it's all good. So just trying to keep it as simple as possible while also kind of reaffirming my personal, you know, exposure to being through this. So I have a problem if we have a go ahead, guy.

Thanks a lot. So I was going to ask if if either of you two guys assets in the channel that maybe you have more info now could you help me understand like what what exactly the ethical smart contract or ethical return smart contract does because it sounds like it's sort of just where the funds get sent for some beneficiary address to claim, in which case that's a little bit confusing to me, is what the what the purpose of the smart contract is.

And this is sort of why I mentioned why having the Dow decide what to do with the funds in advance would be would be helpful such that that can be codified in the smart contract. So just as an example, if the Dow elected to take any returned funds, add them as being three curve liquidity and just simply reduce the number of available fertilizer you could you know, that would be the thing to implement in the smart contract that is deemed, you know, a bounty.

If there are sorry a whitehat bounty of funds, a return to it. So maybe a one of you guys could help me understand the purpose of the existing smart contract. So the ethical return contract is in its current form. Once you deploy it, you set the beneficiary address and you could decide in your door whatever address you would like to use, be it the multisig of the Dow, be it some other address you specify the amount of bounty that the hacker will get back after you accept the funds.

And it is a, well, hot coding demand of a tip. You would give two heads and a set. We proposed it at 1%, but on deploy you basically set that and the reason why we think the smart contract is a beautiful solution to that is the hacker can audit the smart contract beforehand and check how much the reward is.

So without the smart contract, basically the hacker would need to take your word if you would say, Hey, please send us the funds back and we will then give you a 40% bounty. He will trust it. Or the other option would be that you would say a cent or 60% and retain 40%. But we think that in that case it's as well and more unlikely that the hacker will take the deal because.

Well, just a disclaimer. I'm not a lawyer, but I assume that just retaining 40% could legally be a different story than if you would initiate an action that would send the hacker 40% back, because that could be interpreted that this is a legal bounty as well. Said I'm not the lawyer, but the idea here is that the hacker has a higher incentive to actually take the deal because he feels that the 40% would be easier for him to cash out.

And this is the reason why we think a smart contract is a really nice solution. If you want to do anything specific optimized through the smart contract, we can take a look at it. Um, I would propose to not make it, like, too complicated, so I wouldn't include too much logic into the smart contract. But if it's some simple action, we can definitely look at it and try to, like, recode it in as well.

This is a general question maybe for I guess more that I guess the community, if the funds from tornado cash come into a mine. Okay, here's my understanding. If funds come from tornado cash into a smart contract, then then there's a problem. Then there's a problem with compliance. Or at least that's what I've gathered. Could that be a problem for us?

If you know these funds that are sitting in tornado, they come from there into a Beanstalk Farms contract in some weird regulatory way that we're not understanding has to be. That's a great question, to be frank with you. Can we you know, this question about, you know, legal considerations around this was brought up in the discussion thread. I personally can't answer that.

I know Oliver from the engagement that they had with the Temple Dao team. He can perhaps speak to some specifics on that, but yeah, this is, you know, ultimately this is a this is something for the DA to consider. And if if if there's a feeling that this is the way to go, then I suggest don't go for it, you know.

But if the DA feels like this is an appropriate opportunity to potentially resolve this situation, you know, that's something to consider. Back to Austin's question about or guys question rather about what to do with the funds. One of the hesitations that we had also ties in to what as we just said, you know, if the community if the contract itself executes, for example, upon receipt of the, you know, the recovered ether immediately purchased for for example with that is that a decision that the community would want to pursue if, for example, at the time ether's price is $800, you know, like, do we really want to buy, you know, you know, use up that ether

at a low valuation assuming ether the market is still depressed or does the community want to hold on to the ether? For some time to either, you know, until a certain price is realized for more benefit in terms of recapitalizing the protocol, that's where we kind of drew the line in the sand. That's why we don't add all that these nuances to this proposal, because we felt like perhaps a separate governance proposal.

So if there is a recovery, would be better to address that. So I just wanted to give our reasoning, but we're happy to it. You know, if if the DA wants to move forward with this proposal on the condition that there is some execution of, you know, some action with these funds immediately, then we're happy to throw that in there for the DA to deliberate.

And for what it's worth, I think it's a fantastic idea. And I, I think the you know, the the fact that something like this is getting built is it's encouraging that, you know, there's a chance for those you know, you're you're giving an out to the to the hacker. So on that front, I quite like it. But thank you for that clarification.

Yeah. So maybe just to add from what our experience was with Temple, because when we did that, both Temple had their lawyer active and we had our own lawyer active like talking through the process. And this is why in the end it is set up as it is that Temple Dao did deploy the contract themselves and setting the beneficiary and the bounty on deployment that that has legal reasons and as well they their lawyer told them that they are not allowed to negotiate it.

So the initial contract had the feature where the hacker and the team could negotiate a bounty while the funds are in because the their lawyer requested it. We took that feature out and now it's just has a fixed bounty that is set on deployment. And so that was basically the experience there. In the end, both lawyers signed off on the process.

We did not discuss at the time what could happen if if the the funds went through tornado cash before going in. So I cannot comment on this. I can say that we personally do share that we are getting the the 1% will as well be part of that funds out of tornado. We will let it sit in the address for a while, not touching it until there's more legal clarity for us.

And what I would just propose is that you will activate your own lawyer and have a brief discussion with them about it. You can either do it after the funds are in the contract and then discuss it, or you could do it upfront. But in the end, I think it depends on a lot on how Beanstalk is set up and like in which jurisdiction you would actually be like scared to have repercussions.

So yeah, I can just give the advice before speculating. You should really talk to someone who's familiar with your structure and so on. And that was our experience with Simple though. Okay, I'm just going through the some of the messages there on the on the barnyard chat side of champ share the ethical return contract on what is some clarification on you know, what is the role in the process to justify the 2% let's say a bounty as you're saying that you responded and you said that the draft proposal is, you know, 2% instead of the 10% that was originally offered by this offense.

I just want to highlight that earlier in the on the proposal that was offered, it was if anyone returns the amount they take 10%. But it wasn't that that is going to be a percentage. But they left, you know, two to the exploitive. I also want to maybe take the other side of the of the thinking here. I think, and, you know, maybe share share some of your thoughts on this argument.

So we've seen recently, maybe maybe last week or I'm not sure exactly when, but, you know, the the amount that was stolen from the settlement was recovered when although the mongox hack as well was recovered, you know, everything that's on the blockchain that it stays on the blockchain. So what do you think about, you know, why are we in a rush and let's wait and see if we can recover all of the amount eventually in the future.

Maybe rephrase that. Why give up some of the sort of funds when we can wait and you know, maybe we can recover all of it there? Yeah, to be honest, Marta, you know, this is just a proposal, guys, like if you guys want to move forward with it, if the community does want to move forward, it's totally cool.

Like I lost some hours doing this but they had finance team has been gracious enough to come forward and try to help. I actually came forward with this idea originally before I even proposed this in the being start forums, Friends Channel, right? I threw it out there and you know, I went ahead and just tried to spearhead some discussion to kind of figure out what the what Temple Dao's reasoning was for moving forward with this ethical return contract in the case of this tax finance exploit, coupled with, you know, the success I saw in terms of the resolution that mango markets had.

So that just to clarify, that was the foundational impetus for the all of this has financed does not know who the exploiter is. Nobody on this call knows who the exploiter is. This is a good faith proposal in hopes of trying to recover funds as to why we were proposing 40% at a 10%, I think dumpling said it best, 50% of something is better than 90% of nothing.

Right? In this case, it's 58% of something is better than 98, 90% of nothing. That's the whole you know, that's how our argument the exploit happened over half a year ago. The funds, as far as we understand, and based off of the most recent comments that were shared by chain analysis back at the end of September, right before they were expected to jump on a Dow call, which they canceled at the last minute, the funds are still on tornado cash as far as what we've been told through being staff farms and from these analytics firms, this is just a good faith attempt at trying to get some of those funds back.

We can continue to wait. We can, you know, the Dow can decide for itself. 10% is all. We're going to wait. We're willing to offer back as just as we offered in April. We don't want to increase time. We're just going to let this continue to drag out or the Dow can decide, you know what, let's try to get a closure to this and see if maybe a higher bounty will entice the exporter to come resurface.

That's what we're offering with this. But if that's ultimately not a decision that the Dow wants to move forward with, nothing's lost. Like Oliver said, there's no cost to the Dow here. There's no there's no beans been requested to be minted here. We're going to scrap the head, the headhunter vault program from the proposal. This costs nothing to the Dow.

The only cost would be, as my mentioned, the higher bounty. That that is something that the Dow has to decide. Is the Dow willing offer a higher bounty for potentially a resolution of this versus just the status quo, which is waiting in limbo in hopes that the exporter resurfaces. So that's a decision that needs to be made here.

Thank you. Thank. And how to Smith, I think echoes your thinking, which is, you know, why are we concerned about the fees? If we could receive something or get something back? Okay. So I think next steps then is to formally propose it. Is this what you're thinking? Yeah, I'm the House finance team is ready to move forward on the ethical return contract.

All we need is for Bienstock from the Bienstock Farms team is to designate who would the beneficiary address be as part of that ethical return smart contract? Would it be the Bienstock Farms Multisig? As was noted back in April to the tweet and the tweet to the exploiter? Or would it be the new Beanstalk community? Multisig Beyond that, you know, Oliver mentioned that the hat finance developers are happy to move forward with the Beanstalk there a contract?

I'm happy to set up a group chat mod to connect everybody to get this moving. And quite honestly, if there's pushback on the fees, real talk guys had finances doing most of the work here I'm happy to cut mine down to half a percent. Like if that's the issue, if that's a sticking point here, like I've done all this at no cost to myself.

I've reached out and facilitated this collaboration. At the end of the day, I've lost nothing here again, something if we recovered at the end of the day because I've lost money to exploit too. So, you know, I just want to throw that out there, like, don't let me be the that don't let the fees be the end of this proposal.

Like if that's the issue, I'm happy to just cut mine down. Like at the end of the day, let's not deliberate about that. This is about recovery for everybody. Thank you. Thank. And I think, of course, an efforts is an effort even I understand that some may also highlight that it doesn't take that much to write such a contract, but I think it takes as long as someone put the effort or the initiative in even maybe finding this contract, not even like writing it themselves.

My my own take is not it's not the fees. It's more of, you know, maybe rewarding exploiter. I think that we are at a stage that we may not want to negotiate. So I'm still happy. I'm I'm talking about personally speaking, you know, I'm happy to reward someone that will put effort in returning. But maybe not not rewarding exploit it.

But, you know, to all to all their thoughts and opinions, of course. And once this thing goes live, we will find what's the, you know, collective communities, the thinking behind it. Yeah, I totally agree with you mind. And just to be clear, with everybody like me has financed nobody on this call wants to reward the exploiter more like that's not like you know, I think the president was already set with what happens with with mango markets.

Right that exploit with over 100 million being stock was roughly ten, roughly 30, 40 million below that. We're just looking to hopefully try to achieve a resolution based off of the precedent that was already set with mango markets here. So yeah, so maybe one thought at in my opinion, right now the hacker has like all of the funds, right.

And maybe this is a philosophical question, but so like getting back like 60% of that, it's already like him having 60% less. If you feel like the 40% is too high and you just want to play time, you could set the bounty as well on like 10% and just like let the smart contract sit there until the hacker would choose to use it.

Yeah Maybe it's a philosophical question, but I don't see it as like reward the exploit or more because he already has like all of the funds and the initiative is just to recover some of them. Okay, let's give it maybe a minute or two, see if others have any other thoughts that they would like to add to this topic or sort of move to the next one.

And of course, let me know if this was interesting. Anything else? Yeah, I just want to add I want to be very clear. The mango markets incident was the circumstances around that were different. The exporter engaged our Dao immediately after the exploit use governance power to propose a resolution. The resolution was ultimately determined was ultimate move forward. The exporter and his team then disclosed themselves publicly.

He even did an interview with Lawson. I'm not saying that we're going to get all that with this that spoiler. And our case has been ghost since April. I don't know if this proposal resurfaced, exploit or not. It's my hope that they will resurface and a recovery will be achieved in some manner. I just want to be very clear.

I acknowledge we all acknowledge the circumstances are different. The only similarity here is we're going off of the precedent. 40% is all it took for the exporter to give back mango markets their 60. That's our hope that something similar to that will be achieved here. Thank you. Thank. Dean had asks it'll be nice to know the status of any other investigations taking place you know, regarding the exploit so I wouldn't maybe call them investigations.

The only thing or the only two things that we have is let's get in touch with one of the groups or companies and they are monitoring basically, you know, any activity that's happening to us, a lot of funds and, you know, maybe some activities happening and they're unaware of it. But, you know, we we routinely check with them and, you know, they tell us nothing, nothing, nothing has happened so far.

But with regards to the how to. SMITH Thanks. Thanks for taking the initiative I close out on I think others do as well so thank thank you. Thank respect of I know regardless of where where this proposal goes to thank you for taking the initiative no problem no problem. Regardless of the outcome. I'm I'm happy to have had this experience and at the very least, that finance team is connected with the Beanstalk team now.

So that collaborative, you know, engagement is there's a possibility in the future potentially for other initiatives, hopefully. So, you know, this costs nothing to me, guys. At the end of the day, I'm just hopeful that, you know, if if the Dow does decide to move forward with this, ultimately it is hopeful that a recovery is achieved. If it isn't and there's no guarantee that there ever will be.

At the very least, we can look back and say we tried our best. You know, beyond that, I can't promise anything. And, you know, I just want to echo what Oliver mentioned as well. Had a finance team as part of this. If they if this proposal moves forward, not only would they be working with being staff arms devs to make sure that everything squared away with the contract, but they would do their part to publicize this.

They would tweet this as Oliver mentioned, they would share this within their white hat network and the various communities across Etherium in hopes of making this a more visible initiative. Thank you. Thank and thank you, all of us on the House finance team for joining us today. Thank you for having us. And I hope it will come to a good end at some point.

We wish you the best of luck. Thank you. Okay. Mr. Manafort, do you want to move quickly? Maybe it's something as part of this on your end? Sure. Thanks mod. So just want to say I think everyone probably feels similarly. The past week has been insane and and pretty humbling if you're in the space and just want to say thankful and to work with this group of really talented and humble individuals.

I think it goes a long way and it's, you know, for the Dow as a whole, just just proud to be a part of the community. So with that kick off, some updates, bring an apology. I apologize. I joined a little bit late. So I don't know if you discussed this, but we're working through the chicken bones on being stock concept that Brett initiated, which is fantastic.

We've had several calls and hopefully we can get a proposal out shortly. Brian, I'll defer to you on further details here, but it looks like they are possibly going to leverage routes, which is really exciting. Speaking of routes, we're planning to publish the white route token white paper in the next few days and hopefully deploy the route token at some point next week.

Final details are still TBD, but that's current timing. Paradox is a partner that is going to be deploying and grading World Cup pools, that is going to be leveraging routes to denominate pools in and trade into team tokens. And there's going to be more titles with this specific market upcoming on this is also very exciting to us as it's the first instance that I know of of beans being used outside of the Bienstock protocol, native functions like lending or providing liquidity.

So this is a big step forward for Bienstock in my opinion. And you know, just want to shout, give a shout out to everyone that's worked tirelessly this last month, spreading to as fast as possible, all while ensuring all code is audited and deployed in a safe manner. You know, it's taken a lot of hands in the pot.

And I just wanted to say thank you to everyone that's been involved. Another thing for clarification, because I was asked this question separately in a message I figured I'd share to the doubt, the root betting exchange itself is still being developed and currently under audit and contracts are beginning to enter the audit stage. We had a call with our board on Monday for some of the initial work contracts to start getting audited.

There's still lots of work to be done here, but most of its focus in recent months has been assisting and developing Bienstock to become really a more composable system. Things like Bank 24. Also in it give Beanstalk Farms a shout out for things like the SDK, which is taking a gigantic effort that's also instrumental. And so collectively we feel like we're building a real foundation here for Beanstalk to become a real building block on the theory arm and Multichain and defi as a whole.

Another shout out I wanted to give wells to see. Now on leading derogation. It seems like he's making fantastic progress, I think between female and brain. It's a great example of of of to farmers taking an initiative to go build and really put their hat in the ring and build a team and potentially for them to go execute.

So, you know, really, really cool to see that happen. And you know, that just makes me really bullish on the future of beet stock. So those are those are kind of my key updates. Thank you. Manyfold. You know, I think I speak on behalf of the doubt when I would say we're very, very excited to see a road.

You know what trust has been building and then also seeing it, seeing it in action. So all the best of luck and you know, we all stand behind it. Thanks a lot. Appreciate you. Okay, Publius, did you want to share some thoughts or updates on Iran? Hey, how's it going, man? I'm glad. Well, first off, you know, just incredible, as always, to hear about all of the, you know, the vibrant discussion in these meetings and, you know, the level of discourse.

It's just such a high level and it's just incredible. And, you know, the level of, you know, intelligent people surrounding Bienstock and, you know, want to shout out before 29, which is ending in a couple of days. You know, please, though, if you haven't, if you're in support, of course, you know, and shout out Maltese for the tireless work he's put into this.

It's truly been months of work and you're super excited for that. Beyond that and you know, within the next week, we're probably, you know, are, you know, the amount of infrastructure that's being deployed around Bienstock and is the culmination.