Beanstalk DAO falls to a corporate raid, funded by flash loan junk bonds

Beanstalk DAO is a DeFi lender running on the Ethereum blockchain. It was raided just before 12:30 UTC on Sunday 17 April for 24,830 ETH.

Smart contracts are famously prone to hacks. But this wasn’t a hack at all — this was a corporate raid. Even the project concedes that everything worked according to the rules of the project.

The story of the Beanstalk raid is the end of a long chain of slapdash and incompetent financial engineering, by people who just found out why regulations evolved.

How Beanstalk worked

Beanstalk worked like an unlicensed bank paying interest, or perhaps an unlicensed investment contract. We don’t need rules in DeFi!

Beanstalk had an algorithmic stablecoin called BEAN. When BEAN went over $1, Beanstalk would mint fresh BEAN coins. When BEAN went under $1, the project would create incentives to exchange BEAN for one of Beanstalk’s several other tokens. [white paper; blog post; BowTied Island]

The financial engineering was elaborate — but ultimately pointless.

Beanstalk was offering interest on locked-in BEAN tokens on the order of 2,000% to 4,000% annual percentage rate. Those numbers are enough to tell you straight away that this is not a sustainable scheme.

Beanstalk offered depositors SILO, the Beanstalk governance token. If you had over 0.1% of all the SILO, you could make governance proposals in the Beanstalk DAO.

The raid

In regulated markets, we have laws and regulations on how you can take over a company and drain it. A private equity corporate raider can borrow money to take over a company, by issuing “junk bonds.”

A lot of people consider private equity raids odious — but they’re not illegal.

Beanstalk built a system to let someone do a private equity corporate raid on them with junk bonds, in ten seconds, by computer.

BlockSec, BowTied Island and Omniscia outline the raid. [Twitter; BowTied Island; Ominscia]

The raider issued a proposal to donate $250,000 in ether to Ukraine for the war effort. This was proposed as a smart contract on Ethereum. [Etherscan]

The code for the proposal included a donation to Ukraine — but also a routine for the raider to take all the funds.

The raider needed two-thirds of governance votes to pass the proposal. How to get this many votes?

A flash loan lets you borrow cryptos and return them as part of the same transaction. Beanstalk had recently introduced two new crypto-assets that could be created using a flash loan.

The raider took out a flash loan to buy lots of the governance token, put through the vote, and then returned the loaned funds in an instant.

The raider did, in fact, send some ETH to Ukraine. The rest, they put through the Tornado Cash mixer.

The aftermath

Beanstalk is probably screwed, and BEAN’s dollar peg has been broken utterly.

The Beanstalk project has gone to exchanges asking them to block the ether from the transaction — and even to the FBI. The project’s anonymous founder, “Publius,” did not clarify to CoinTelegraph under just what law the FBI would have recourse to help them. [CoinTelegraph]

This was an outrageous shenanigan. But it’s not clear that it was any more illegal than the securities law violations that Beanstalk was already committing. The raider completely obeyed the project’s rules.

Publius said on the project Discord: “It’s unfortunate that the same governance procedure that put beanstalk in a position to succeed was ultimately its undoing.”

It’s also not absolutely clear that the raider had nothing to do with the project. The project founder is an anonymous person known only as “Publius.” Did the raider just duck in with a rugpull before the founders could?

Update: “Publius” revealed themselves: “I am Benjamin Weintraub, and I am here with Brendan Sanderson and Michael Montoya. We are Publius. We are the individuals who created Beanstalk.” They say they had no prior knowledge of the raid. [Crypto News]

This is what happens when crypto guys decide they don’t need regulations, and they’ll build corporate governance themselves from paperclips and string.

It turns out that rules, regulations, laws, and not having drastic things happen in ten seconds by computer can be a good idea in practice. Also, LOL.


I was also quoted in the Guardian about the raid. [The Guardian]

 



Become a Patron!

Your subscriptions keep this site going. Sign up today!

2 Comments on “Beanstalk DAO falls to a corporate raid, funded by flash loan junk bonds”

  1. “The Beanstalk project has gone to exchanges asking them to block the ether from the transaction — and even to the FBI. The project’s anonymous founder, “Publius,” did not clarify to CoinTelegraph under just what law the FBI would have recourse to help them.”
    IANAL but one would suspect, as Stephen Diehl put it in the Guardian article, that it would be embezzlement. Corporate raiding may not be illegal in and of itself, but if a corporate raider takes over someone else’s business legally and then steals the customers’ money, it’s still stealing the customers’ money. The real question is whether the raider turns out to be hard to find or beyond extradition (in eg Russia or North Korea), or to be protected by an impenetrable shield of his own ego like Ross Ulbricht was.

    1. It’s a tricky one. In the real world, a company with a pot of money like that has a fiduciary responsibility. As far as I can tell, Beanstalk’s responsibility was to … holders of the governance token? I’m not sure anyone involved was clear on any of the concepts.

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.