Proposal #25: Restore staking rewards

Context

After the Tornado hack, which occurred after proposal 20, in addition to the main losses associated with the hacker withdrawing 483 000 TORN from the Governance Vault, another problem arose - a broken Governance Staking contract and the withdrawal (via bug) of more than 130 000 TORN.

This happened for a very simple reason: when calculating the total reward for the withdrawal commission paid by the relayer in the staking contract, the addBurnRewards function and the accumulatedRewardPerTorn variable are responsible. The calculated reward per 1 TORN of staker funds depends, of course, on the total locked tokens - and Staking contract, since all staker funds must be in the Governance Vault, it simply checks the balance of the Vault contract.

Since almost all of the tokens in the Vault contract were withdrawn by the cracker, the few TORNs left in the Vault contract led to the emergence of a huge rewards out of nowhere from each relayer fee payment, which led to an increase in staker rewards to millions or even billions of TORNs. Since it was no longer possible to fix what had happened by changing the data in the contract, I had to create a new staking proxy contract and a logical contract (implementation), which was done in proposal 22. Since the old state (data on rewards and so on) remained in the previous proxy contract , after the execution of proposal 22, the rewards of all users were reset to zero - especially those who had honestly earned rewards before the hack and did not have time to withdraw them suffered.

Changes description

To restore rewards, needed:

• Change the logical contract (implementation) of Governance Staking by adding the setReward function, which will allow you to directly set rewards for stakers (of course, it can only be called using the proposal, on behalf of the Governance contract);
• Return the old rewards to the stakers - of course, only those who did not have time to withdraw them after the hack, and only those who had more than 1 TORN rewards - since we are limited by the commission and the maximum size of the contract compiled bytecode;
• Transfer the total amount of rewards returned to stakers (42 754 TORN) from the Governance contract to the Staking contract so that they can take the tokens without disturbing the balance of funds in the contract.

Proposal

https://git.tornado.ws/Theo/proposal-25-restore-rewards

The code includes the main proposal contract, all the functional code of which, except updating the Staking implementation contract, is automatically generated by a specific TS script.

This script first gets the addresses of all stakers, then checks their rewards before the hack, filters those who managed to withdraw from the moment of the hack to the moment the new Staking contract was created, calculates the total amount of returned tokens and generates a Solidity code that is written to the codeToAccrueRewards file .txt without a single change and then copied into the code of the main proposal contract. Anyone can run this code again by running npm run computeRewards in the repository directory and compare it to the code in the proposal’s main contract.

Information about all stakers with balances over 1 TORN before the hack is in this file - you can check the details of any address yourself.

I also suggest that everyone compare the modified implementation of the Staking contract with the verified code of the actual implementation on etherscan - the difference is only in the new added setReward function.

New deployed & verified contracts

1. Governance Staking Rewards implementation contract: etherscan code
2. Proposal contract: etherscan code

This is meaningful，although it has a certain impact on the currency price

Big thanks to Theo for his work on this proposal, but what I’m trying to say is that the stakers need to pay for the mistakes they made, the treasury itself is not responsible, if everything is covered by the treasury, the funds will be misused, this kind of errors will always occur.

Hackers attacked us and caused the currency price to drop. Now it is not a good way to recover the rewards. Some people have distrusted or left us. If we can wait for the currency price to return to $7 or higher before returning the rewards, it will be a good time for us to get through this period. Hard times help of course that’s just my opinion

I think this is not the time to do this. The price of $TORN has dropped significantly since the DAO hack. If the rewards were returned now, a lot of people would panic.
That means more people leaving TORN. We should do this proposal 25 when the market recovers.

Where is the conscience of those who voted against?

people who recently bought tokens are mocking old stakers

In order to regain everyone’s trust, everything that was lost in the hack must be restored.

The selfish thinking of those who cast a no vote will dilute the value of the token more than long-term stakers.

Everyone who commented is only worried about the token price.

We need to regain trust in governance before we can regain price

It’s not that I don’t pay the $TORN reward but I think it will be better to wait for a while when the market recovers. The reward before the DAO hack will still be there.

Trust governance has nothing to do with recovery rewards

Do you know the structure of Tornado Cash?

Token holders deposited and earned rewards because they trusted the governance.

If trust is not restored, more token holders will leave than the number of rewards.

People who are only interested in making a quick buck are not thinking about the long-term value of the token.

The people who lost their rewards in the hack are the ones who trusted Tornado Cash and deposited their tokens for a long period of time.

If the proposal is rejected, it will lose the trust of people who have deposited tokens for a long period of time.

If the price of tokens right now is more important to you than the trust of people who have deposited tokens for a long period of time, please vote against it.

I will follow the results of the vote.

ps. Clinging to small things can lead to a loss of big things.

Delay rewards instead of canceling them

If you don’t know, don’t speak

No one can delay the rewards that are rightfully earned by depositing and staking tokens.

What would you do if someone locked and controlled your duly acquired token?

It’s just my opinion if you have a problem you can just pretend you didn’t see what I said right what does it matter to you?

You started answering my argument first

Stupid, get out of here

i just feel sorry for you

The liquidity is already terrible to handle the sell-off, and the people who staked sold off already, from the amount of TORN 42754 we can conclude that. People are already very scared and not even aware that TORN is safe, if they see a random drop from 3.6 to 2.8 & liquidity killed too I can guarantee you Binance will say sayounara. If the stakers wanted their lost rewards they would vote YES, and buy TORN, but guess they are too scared that people will dump on them, thus for them loss of trade higher than rewards. The ones who voted NO, well done! To small dolphins who still hold, like me, it is unfair but I don’t mind, worse events could’ve happened. We are lucky Binance resumed deposits / withdrawals and the token is somewhat still alive.

TLDR: most of the people who lost staking rewards sold off already, they will market sell.

A better idea would be to execute this contract 1~2 years from now, when the next halving for Bitcoin happens and the sentiment turns bullish.

That’s one of the reason that I didnt vote.
I have no responsibility to vote for others if i didnt loss in this event.
People who have staked are always waiting for someone to vote for them,

btw, I support to restore the reward, no matter how it affect the price or what,
this is a legitimate gain and they are deserved.
It’s unreasonable to use their legit benifit to use for measuring the price effect.
But still, if the governance is tended to against the proposal with a small amount voting, more or less which means whether restore or not, is not that important to the governance.

I am also the one who lost the TORN stack reward before the hack. But the market is very bad right now and if a large amount of TORN is sold, it will cause a lot of damage to the price. After the trading volume is less, it will make Binance delist because TORN is already in Binance’s Inova Zone.
The majority of people join Pool staking to make profit from $TORN.I don’t think it’s necessary to return the reward right now.

I accept that the governance reward is what the pledgee deserves, but it has been stolen by hackers and has nothing to do with DAO!
I believe that the money in the DAO is used to pay contributors, or to safeguard the interests of all or most of the Torn holders, and that it serves all the Torn holders, not just the pledge holders.
To plug the hole for the stolen coins by hackers, this is 40,000 Torn holes, if it is 400,000, 4 million? Should we also extract it from the DAO? In that case, should we withdraw all the money from the DAO and divide it equally among the voters? Again, the DAO that does evil is the DAO’s decision. Let’s see how the vote goes.
I would like to see the pledgee reclaim the lost rewards, but only if the hacker returns them, not claim them from the DAO.

I dont think this argument holds, if you point is that DAO should not take responsibility to hacker stolen event, then should DAO rebuild the system when it has been hacked? Should DAO just let the system broken and wait for the hacker to restore it?

If we didnt got hex and theo helps, the project is already dead. and some of us will loss a lot because of staking pool draining. If your statement is that DAO has nothing to do, then we all go hell. Why safeguard is part of DAO, but restore pool is not part of it? then should we reject the last proposal that about restore the staking pool? Just let our staker didnt withdrawn their own token, and build another contract start from zero? I dont think there are any different bewteen this two proposal, they are also pool recovering.

Just weird that why the last proposal (pool recover) didnt get against but the same situation right now is getting against… because of personal benefit? Then this so disgusting that to use other people money to play like that.