The story of the Beanstalk raid is the end of a long chain of slapdash and incompetent financial engineering, by people who just found out why regulations evolved.<\/p>\n
![\"\"](\"https:\/\/davidgerard.co.uk\/blockchain\/wp-content\/uploads\/2022\/04\/beanstalk.png\")
<\/p>\n
How Beanstalk worked<\/h3>\n
Beanstalk worked like an unlicensed bank paying interest, or perhaps an unlicensed investment contract. We don\u2019t need rules in DeFi!<\/p>\n
Beanstalk had an algorithmic stablecoin called BEAN. When BEAN went over $1, Beanstalk would mint fresh BEAN coins. When BEAN went under $1, the project would create incentives to exchange BEAN for one of Beanstalk\u2019s several other tokens. [white paper<\/i><\/a>; <\/i>blog post<\/i><\/a>; <\/i>BowTied Island<\/i><\/a>]<\/p>\n The financial engineering was elaborate \u2014 but ultimately pointless.<\/p>\n Beanstalk was offering interest on locked-in BEAN tokens on the order of 2,000% to 4,000% annual percentage rate. Those numbers are enough to tell you straight away that this is not a sustainable scheme.<\/p>\n Beanstalk offered depositors SILO, the Beanstalk governance token. If you had over 0.1% of all the SILO, you could make governance proposals in the Beanstalk DAO.<\/p>\n In regulated markets, we have laws and regulations on how you can take over a company and drain it. A private equity corporate raider can borrow money to take over a company, by issuing \u201cjunk bonds.\u201d<\/p>\n A lot of people consider private equity raids odious \u2014 but they’re not illegal.<\/em><\/p>\n Beanstalk built a system to let someone do a private equity corporate raid on them with junk bonds, in ten seconds, by computer.<\/p>\n BlockSec, BowTied Island and Omniscia outline the raid. [Twitter<\/i><\/a>; <\/i>BowTied Island<\/i><\/a>; <\/i>Ominscia<\/i><\/a>]<\/p>\n The raider issued a proposal to donate $250,000 in ether to Ukraine for the war effort. This was proposed as a smart contract on Ethereum. [Etherscan<\/i><\/a>]<\/p>\n The code for the proposal included a donation to Ukraine \u2014 but also a routine for the raider to take all the funds.<\/p>\n The raider needed two-thirds of governance votes to pass the proposal. How to get this many votes?<\/p>\n A flash loan lets you borrow cryptos and return them as part of the same transaction. Beanstalk had recently introduced two new crypto-assets that could be created using a flash loan.<\/p>\n The raider took out a flash loan to buy lots of the governance token, put through the vote, and then returned the loaned funds in an instant.<\/p>\n The raider did, in fact, send some ETH to Ukraine. The rest, they put through the Tornado Cash mixer.<\/p>\n Beanstalk is probably screwed, and BEAN\u2019s dollar peg has been broken utterly.<\/p>\n The Beanstalk project has gone to exchanges asking them to block the ether from the transaction \u2014 and even to the FBI. The project\u2019s anonymous founder, \u201cPublius,\u201d did not clarify to CoinTelegraph under just what law the FBI would have recourse to help them. [CoinTelegraph<\/i><\/a>]<\/p>\n This was an outrageous shenanigan. But it’s not clear that it was any more illegal than the securities law violations that Beanstalk was already committing. The raider completely obeyed the project\u2019s rules.<\/p>\n Publius said on the project Discord: \u201cIt\u2019s unfortunate that the same governance procedure that put beanstalk in a position to succeed was ultimately its undoing.\u201d<\/p>\n It\u2019s also not absolutely clear that the raider had nothing to do with the project. The project founder is an anonymous person known only as \u201cPublius.\u201d Did the raider just duck in with a rugpull before the founders could?<\/p>\n Update:<\/b> “Publius” revealed themselves: “I am Benjamin Weintraub, and I am here with Brendan Sanderson and Michael Montoya. We are Publius. We are the individuals who created Beanstalk.” They say they had no prior knowledge of the raid. [Crypto News<\/a><\/i>]<\/p>\n This is what happens when crypto guys decide they don’t need regulations, and they’ll build corporate governance themselves from paperclips and string.<\/p>\n It turns out that rules, regulations, laws, and not having drastic things happen in ten seconds by computer can be a good idea in practice. Also, LOL.<\/p>\n I was also quoted in the Guardian about the raid. [The Guardian<\/a><\/i>]<\/p>\n <\/p>\nThe raid<\/h3>\n
The aftermath<\/h3>\n
\n
![\"Become](\"https:\/\/davidgerard.co.uk\/blockchain\/wp-content\/uploads\/2021\/10\/become_a_patron_button.svg\" "\\"Become")
<\/a>