[DAO Discussion] Risk Officer - Tikkamasalas

RISK OFFICER APPLICATION

1. Overview

A. This application first highlights the risk of the risk officer proposal resulting in no qualified candidates being considered.

B. I then attempt to make the case for my qualification to serve as risk officer through evidence of my views on various projects in the past.

C. Finally, I outline my approach to identifying risks and apply it cursorily to an existing investment of Wonderland.

2. Why this Application is important

Currently if no one were to apply, Sifu would become the Risk Officer of Wonderland. This is unideal as Sifu is already Wonderland’s largest investment-holder, with direct and indirect control of approximately $46.5 million [figure amended following clarification by Sifu] belonging to Wonderland.

To be specific, Sifu is charged with $25m in direct investments in SIFU, the management of $6m in liquidity pools belonging to Wonderland, and $500k in uWu investments. He is also responsible for managing Uwulend, a protocol which Wonderland has deposited approximately $15m of stablecoins into. It is of course worth noting that the Uwulend deposits are only influenced by Sifu to the extent that he has control of the parameters of the smart contracts of Uwulend, which is much less significant than the direct control he has of the previously mentioned investments.

This is only a minor issue as the Risk Officer is not the only person able to or in charge of assessing risk. The Risk Officer does not vote or bring forward their own proposals either. The truer risk is with concentrating investments in Sifu-related projects, rather than having him as a risk officer. However, as Sifu believes in himself (as all individuals ought to do), it is my view that despite his efforts, it would be a challenge for him to be objective about investments in his own projects. He would also have conflicting interests where he is an effective promoter for his projects but also has to present the strongest bear-case for them as Risk Officer. Finally, it would simply be better, both for Sifu who has plenty of existing responsibilities to Wonderland outside his capacity as Risk Officer, as well as for Wonderland which deserves an unconflicted Risk Officer, to have other qualified candidates serve as Risk Officer.

As such, wMEMO holders ought to place weight on having other qualified candidates apply and be voted in as Risk Officer. This application aims to make the case for my qualification.

3. Introduction/Background & experience

I’m an anon personality in the crypto space who has been active in the Wonderland forum and discord and has made substantive contributions. I am doxxed to SkyH and I am a current member of the Workerland discord chat where the internal processes of Wonderland are discussed. I also hold between 3.5-4.5 wMEMO (which I can increase to 5 wMEMO in the event that I am made RO). I will try to highlight my knowledge of DeFi through documented evidence of my views at certain times, about certain protocols.

Before proceeding, I should make clear that I do not work in finance or have any licenses to provide financial advice. My knowledge of financial concepts, economics, and DeFi has been hard-earned through my own experience in crypto and I hope to provide a more evidence-based illustration of my knowledge of both protocols and protocol risk below.

FIRST ILLUSTRATION

I initiated and brought to completion the proposal to purchase 12.5m of GLP. I also brought forward a proposal to consider the purchase of two other tokens which include significant sections detailing risk.

These proposals primarily demonstrate my skill in understanding not only the risk profile of DeFi protocols but the protocols themselves. As there are multiple proposals with significant sections on risk, I will not repeat them here – instead, if interested please take the time to have a read or glance through the proposals to see my thought process and explanation of the risks of the included protocols.

On a secondary note, the proposal also indicates that I had good sense in choosing particular investments at a time when the market had just crashed. This is relevant in my application as it demonstrates a useful accessory skill that I have, in that I could arrive at an understanding of not only the risks but of the risk : reward of those tokens (I chose the tokens not due to low risk but due to asymmetric risk when compared to the rewards) – this is useful in the RO position as it allows me to reach a contextualized view of risks.

SECOND ILLUSTRATION

Quite early on, I brought forward ideas to GMX about how to create delta-neutral GLP vaults with low or zero funding fees.

This is a complex model which a notable and well-known DeFi protocol (which I cannot name for now) has now independently arrived at on their own and are working on developing as a composable layer on top of GMX. I had conversations with the treasury advisor of that protocol and offered my views to aid, as far as was possible, in firming up the model.

Another protocol focusing on delta-neutral strategies, Scion.Finance, is also currently working on deploying this strategy and for this, I can provide some evidence below.

The point of mentioning this is to show my fluency in complex models used in the DeFi space, as well as the constant critical thinking that I apply as I think about the models of DeFi protocols - in this case, I came up with the delta-neutral strategy proposal after thinking about how GMX’s GLP model could be improved, and then iterating ideas to arrive at this delta-neutral strategy as can be seen from the forum post and how it evolved.

This is the kind of thinking which I aim to employ as Risk Officer to critically evaluate models used by DeFi protocols.

THIRD ILLUSTRATION

I consistently made arguments against the UST peg holding in the weeks prior to its collapse. My arguments are best documented on the sifuvision discord here as I was trying to understand whether Sifu had information that I did not, regarding why he held large quantities of UST.

Before reading the excerpts, note that I do regret that this illustration unnecessarily draws a comparison to Sifu’s views – I intend only to have my own thought process put on display here for the consideration of readers.

4. Risk Assessment Framework

When evaluating a given protocol, I consider their tokenomics, team, complexity/track-record of smart contracts, among other risks. Read my past wonderland forum proposals for written examples of my thought process on evaluating such risks.

My framework for thinking about projects and the risks inherent in them starts with a consideration of their tokenomics and the incentives created by the project, and then projecting what the end-state of the system is. This framework is inherently bearish because it always envisions the end-state equilibrium reached by the present incentives of a project. An end-state equilibrium usually implies stagnation of some kind, which is usually bearish.

One example of how this thinking is applied can involve a consideration of Olympus where OHM trades above backing at the starting point. The price of OHM will eventually arrive at an equilibrium price near or equal to its liquid backing price as bought-OHM and OHM rebases are sold into protocol-owned-liquidity. The price would stay near liquid backing simply because the protocol could buy back its tokens below backing to generate a profit (assuming there are reasons for them to care about increasing backing per OHM).

It is useful to apply this bearish model because it then enables a consideration of how a protocol could avoid the bearish outcome, and guides the kind of questions that need to be asked to assess how the protocol intends to avoid this outcome.

For a more current example, consider Uwulend – uWu-ETH LP Lockers are betting that the fees from locking will exceed the loss of value of uWu as uWu is dumped into the LP. This is generally a poor bet – depositors on the platform will continue to farm uWu at a rapid rate so long as the cost of looping (the fees to LP lockers) is less than the uWu rewards (the cost to the LP lockers). I.e., LP lockers are signing up to provide free money to depositors and loopers who dump their uWu rewards.

This is not the whole story as data so far apparently shows depositors are playing the game irrationally by locking their uWu instead of dumping it (which is not unexpected especially for a new crypto casino – irrational behaviour is characteristic of retail defi users, as seen from how tokens like OHM could climb to such a high multiple of backing, or how UST was seen as a safe or low-risk investment despite its death spiral mechanic being clearly laid out).

Further, Uwulend could (and likely is going to) introduce new revenue sources or different mechanics which move the model away from one where locked LPs subsidize the protocol’s growth or early LPs are properly compensated during later periods where the project has succeeded and users deposit or borrow not only to dump uWu rewards, but to actually use the project. Uwulend is also backed by a well-capitalized individual who can tap into his own funds, funds from Sifuvision depositors (including Wonderland) and also funds invested by outside investors (now including Wonderland as well) to keep the project going by supporting the value of uWu.

These facts do not, however, eliminate the risk of the current tokenomics and current state of the protocol to LP lockers, and this is precisely the kind of risk which I aim to make clear to Wonderland if I serve as Risk Officer.

Note: I am not aware of whether this risk was explicitly mentioned by Sifu to our treasury team though there is a decent chance he did mention it. As I have repeated in this post, I am not aiming for a comparison to Sifu so whether he did or not is not important – what’s more important is that the reader can see I have the understanding of DeFi and tokenomics required to bring up all pertinent risks to the treasury team.

5. Conclusion

A. I argued that it is advantageous to have an unconflicted and qualified Risk Officer.

B. I then made my case for why I believe myself to be qualified by bringing up evidence of my views on multiple projects, technical proposals I made, and by providing a partial analysis of an existing investment of Wonderland.

C. I am willing to be doxxed to Alice or an appropriate senior member of the team, and am already doxxed to the prior treasury manager, SkyH.

D. I hope to address any further questions in the comments.

5 Likes

Thank you for your application.

To clarify:

The ranges of our lp pools are not up to Sifu, the ranges are made by Wonderland TO and council and he is helping as he can act faster than our multisig.
It is an agreement, similar to using SV for OTC sales and buys, which is favorable for Wonderland and I fail to see how it qualifies as argument for exposure.

The $500k investment in $UWU is also not directly managed by him, nor our stable coin deposits in UwU lend. The TO’s and Sifu are always happy to discuss investments openly and did so in the discussion in governance channel on discord, after posting of this.

In regards to UwU: you fail to mention the 100% revenue share, that goes to lp stakers and is the main reason for stakers, early lp provider rewards have also been discussed on their discord and for a profound analysis that you are trying to give here it might have been good to join their discord and ask questions before posting.

Your examples of profitable strategies may suit more a TO position, than the Risk Officer. The job of an RO is to qualify protocol risks, not evaluate or judge profitability or bring strategies.

3 Likes

  1. Preliminarily, I am slightly disappointed with my post because clearly my emphasis ended up straying from the core of the post (my application) and ended up weighing too much in the direction of my ancillary arguments regarding the need to elect rather than default to an RO.

  2. Do LP agreements with Sifu count as exposure to Sifu in some sense? I would still say it does, even after your explanation. I think OTC or bridge activity involving Sifu also counts as exposure. If Sifu is our main trading counterparty, main external fund operator and now also the operator of one of our key portfolio investments, it simply buttresses my preliminary point that it might be ideal to have someone else, provided they are qualified, serve as RO.

  3. Regarding uWu, I did not aim for a deep analysis. In my post I called it a ‘partial analysis’ and what I did provide was a cursory examination of the project from the perspective of (1) projects with similar tokenomics involving locked LPs receiving yield, and depositors providing yield insofar as locked LPs subsidize them to a greater extent through liquidity for dumping emissions (2) an approach to interpreting data that highlights risks in extrapolating trends from irrational behaviour (3) a consideration of how uWu could mitigate such risks through new mechanics, development as well as through capital inflows. I agree with you that a more in-depth analysis would warrant looking at much more information and speaking directly with Sifu and on the uwulend discord. However, my purpose here was to provide a quick illustration of how my risk-analysis approach functions and how it enables me to ask questions that can get closer to the truth of the matter. Answering those questions would indeed require data and closer discussion.

  4. My examples of profitable strategies were raised with the explicit primary intention of demonstrating “my skill in understanding not only the risk profile of DeFi protocols but the protocols themselves” because it was within those proposals that I outlined “significant sections detailing risk.” The fact that the strategies were profitable was what I deemed secondary to the post, in that it is a useful accessory skill to have a sense of risk and reward. I do agree that the emphasis of those paragraphs, on a fresh read, is too weak on the risk-assessment part. I will make amendments to clarify that.

I appreciate the questions and if you or any other member have further questions about my own suitability as RO I would also be glad to answer them.

3 Likes

Reason we have an open call, Sifu was voted as interim when making the position, he isn’t paid for it and is doing it to help us, same with many things.

As person? Yes - though the only way this would have weight as argument (same as otc deals etc) would be expected malicious behavior on his part, as it is merely supporting us and all of these things are just simply things we either can’t do from our multisig or legal position atm. Or they are simply cheaper than comparable services (Alameda, Bastion). Doesn’t really have an effect on the RO position for me, though.

To the “approach how to assess risk and UwU” - I still think that an example which considers full research would be better as “show how”; as (especially when using this specific example) it does seem more to illustrate your point 1.

Okay, here are some questions for you :laughing:

  1. How do you conduct research of team members?
  2. Are you well known in the defi space and have a vast net of connections?
  3. Are you experienced with only defi or tradefi as well?
  4. How active are you?
  5. How up to date are you, following news, able to inform of pending hacks, problems etc, using alpha or other sources?

2 Likes

How do you conduct research of team members?

My function as Risk Officer would entail that I seek out all generally available information about relevant individuals from social media and searches on their prior work. My approach involves forming an opinion about their incentives and risk-profile by examining the jurisdiction they are from, the likely parties they are doxxed to (e.g. if Binance or A16z or other major investors invested in their existing or prior projects), their past projects in web2 or web3, and generally assessing the verifiability of any statements they make to Wonderland in the course of discussions. Depending on the structure of the investment and how it grants the team member access to funds, it would then be my role to point out how caution is best exercised to minimize potential risk.

Are you well known in the defi space and have a vast net of connections?

I do not have a vast network of connections. While this could be useful in using networking to get opinions from others about target-individuals (useful in the prior example about assessing team members, for instance), I do not think this is a core requirement of a Risk Officer. We have team members and related parties at Wonderland in whose interests it would be to share access to their networks for the same purpose.

Are you experienced with only defi or tradefi as well?

I am primarily experienced with DeFi but I have a good understanding of equities and options. I have a descriptive understanding of other derivatives or structured products but not a deep or nuanced understanding of them.

How active are you? How up to date are you, following news, able to inform of pending hacks, problems etc, using alpha or other sources?

I am active pretty much every day for several hours when it comes to keeping up with fin news, crypto activity and projects that I am following.

While I am not a solidity/rust/others developer or auditor and as such I cannot provide technical alpha when it comes to foreseeing active zero days, I do keep up with past hacks and read their post-mortems, as well as articles by Immunefi on the kinds of exploits and attacks that are being perpetrated. As such, when assessing a given protocol I am capable of applying knowledge of the kind of exploits we have seen in the past that can be repeated, such as reentrancy attacks or oracle manipulation which we saw with Mango and Rari.

3 Likes

Thank you so much for the detailed responses!

Let’s play a game, to simplify this with an example:

Following cases to evaluate:

  • TO’s present you with a proposal to deploy $5mm into stargate - what risks would you see?

  • Evaluate our liquid staking investment for risks (as RO, what is the minimum info that would need to be provided to you to evaluate)

What is your stand on stable coins (recent change of lp for example)?

1 Like

How is your knowledge of unsecured lending platforms and specific borrowers? What are the main concerns to look for when evaluating risk in regards to unsecured lending? Myself and Ferengi have done a lot of research evaluating borrowers and platforms, I’m just curious what your knowledge is to evaluate risk and what you would watch for.

2 Likes

For now I’ll answer your first question – this answer got a little bit long.

Re: Stargate

In the case of stargate, it’s a high TVL bridge product and the deployment of 5m would be similar to an LP position on a normal DEX, with the main additional risk to assess being the risk of the bridge mechanics being exploited, as the centralized nature of bridge validation results in more attack vectors.

Recent hacks of bridges include Nomad, Ronin, Wormhole, Harmony, etc. Arguably the recent BSC hack was also a bridge hack although the reason for that hack was arguably entirely unique to the BSC token hub code.

The two main ways to exploit a bridge that we’ve seen involve either obtaining the security keys of validators/signers which verify messages that allow bridge users to mint tokens on one end of the bridge, or by finding severe vulnerabilities in code. Vulnerabilities in code can include careless moves by developers following updates or right before patches to code are pushed, or due to really creative methods that allow exploiters to trick bridges into accepting false data.

So this raises a few questions about Stargate to provide a gauge of their security.

  1. In what ways is stargate similar/different to other bridges mentioned?
  2. Are there any heuristics that can indicate Stargate’s security (e.g. TVL, audits and quality of audits, team, investors, time project has been functioning, how recent github codebase updated, past hacks and response, etc)?
  3. Specifically regarding audits, when were the audits (relative to the last update of the codebase), who carried out the audits, what did the audits purport to look out for, were any identified deficiencies resolved by the team?

Having now taken a read of Stargate’s whitepaper, while Stargate uses a different liquidity model from bridges like Multichain which generate intermediary tokens (anyUSDC etc), this does not affect the risk too much. More pertinent is the validation system that Stargate uses, which in this case piggybacks the default configuration set by Layer Zero (“L0”). Per this page we can see that there is an oracle-relayer system in place of the usual multi-sig validation system used by other bridges – this is secure so long as there is no collusion between the oracles and relayers.

For Wonderland’s purposes, the organizations involved as oracles and relayers (FTX, Polygon, Sequoia and Layerzero Labs) are relatively trustworthy and public figures, so as far as bridges go this is at least cursorily quite safe, as it can be expected that they will not view the financial benefit of colluding to produce illegitimate transactions as +EV since the criminal repercussions would be disastrous, and they are already quite well-funded and assumed to be stable institutions as far as organizations go.

I tried digging around in the docs and the technical-questions section on discord to look for more details on the security put in place by the aforementioned oracles and relayers but there is no public information on this that I could find.

On all the other heuristics I mentioned, Stargate is relatively new but it has a large TVL and no prior hacks. Its audits are likely up to date because Stargate’s github codebase has not been changed since the audits were released (I’m skipping additional verification of this point for now). The three audits done were by zokyo, quantstamp and zellic. I took a more cursory read of the audits for the purposes of this question, but it seems they were relatively good reports which, on the security-front, focused on the most common attack vectors and purportedly used industry standard auditing techniques.

I am not capable of carrying out a deeper dive into the code and audits though. Similarly, while I can get an overview and a brisk understanding of what an audit entails, the domain knowledge required here largely falls in the realm of “things I know I don’t know” and even “things I don’t know I don’t know”.

The team behind the Stargate whitepaper are also the co-founders of Layer Zero labs. The individuals are all Canadian, roughly 10 years out of Uni (for com sci), and there seems to be little by way of crypto projects or security experience in their backgrounds that would allow me to say they are especially exceptional. While one of the three co-founders has experience working at a smart contract audit firm, the firm “80trill” appears to have had very limited work and a short lifespan.

All in all, Stargate passes muster because given the <5% position size and the lack of significant red flags, there is no alarm bell to ring. Although if I had the ability to question the team more directly I would try to understand more about the internal security of the relayer by Layerzero Labs as well as the security measures that Layerzero Labs (contractually) requires its oracles to undertake. I would also consult with more technical individuals to get a better idea of what the audits entail, and what further questions ought to be asked about them.

4 Likes

This is actually a really pertinent question given Wonderland’s investments in unsecured pools on truefi and clearpool.

I admittedly would have to begin research on the specific borrower-institutions and their pools, clearpool and truefi’s vetting and inclusion processes, and the obligations that unsecured borrowers have to unsecured lenders under the particular arrangements set up on those two platforms.

The main challenge in carrying out this research is a lack of transparency about private institutions, including even basic financial statements or attestations by auditors. The main knowledge that I think is obtainable would be regarding individuals working and operating the institutions, jurisdiction of incorporation, reputation, incentives to borrow from clearpool/truefi, and service agreements and other obligations (if any) inherent in using clearpool/truefi.

There is probably more ground that I haven’t covered yet but I think this outlines how I would approach the problem.

Could I ask how Ferengi and yourself approached this research or if it differed significantly from how I would?

P.S: the other method which is crucial would be to try to obtain insider knowledge through industry contacts, but that’s challenging enough even if you’re in the crypto funds industry. There are certainly people who would be able to form opinions or inclinations based on conversations they have or gossip they hear about, and such people include Sifu and even SkyH.

4 Likes