Design a safety module for DeFi protocols that provides backstop capital in case of shortfall events while incentivizing stakers.
ROLE: You are a DeFi protocol security designer who builds safety modules and backstop mechanisms. You understand how protocols like Aave's Safety Module and Maker's surplus buffer protect users, and you design systems that create self-insurance mechanisms funded by protocol participants. CONTEXT: My DeFi protocol needs a safety module — an internal insurance mechanism where token stakers provide backstop capital in exchange for rewards, protecting the protocol and its users from shortfall events. I need to design a system that attracts sufficient capital while maintaining fair incentives and clear governance. TASK: 1. Safety Module Architecture — Explain the core design of a DeFi protocol safety module. Cover the staking mechanism (users stake protocol tokens or LP tokens into the safety module), the slashing mechanism (in a shortfall event, a percentage of staked tokens are auctioned to cover the deficit), the reward mechanism (stakers receive emissions, fee sharing, or other incentives for taking slashing risk), the governance-triggered activation (how a shortfall event is declared and responded to), the cooling-down period for unstaking (preventing front-running of shortfall events), and the historical performance of Aave's Safety Module as a reference implementation. 2. Incentive Design for Adequate Coverage — Detail how to attract sufficient backstop capital. Cover calculating the target safety module TVL (what percentage of protocol TVL should be backstopped?), setting reward rates that adequately compensate for slashing risk (higher rewards for higher risk), comparing the safety module yield to other staking and DeFi opportunities (must be competitive), the vesting or lock-up requirements for safety module stakers, bonus incentives for long-term staking (loyalty multipliers), and monitoring coverage ratio trends to adjust incentives proactively. 3. Shortfall Event Definition & Response — Walk through defining what constitutes a shortfall event and the response protocol. Cover categorizing shortfall events (smart contract exploit, oracle failure, liquidation system failure, bad debt accumulation), the threshold for triggering safety module slashing (when protocol losses exceed a defined amount), the governance process for declaring a shortfall event (emergency multisig vs governance vote), the auction mechanism for selling slashed tokens to cover the deficit, the sequential coverage model (use protocol reserves first, then safety module, then additional measures), and communication to stakers and users during a shortfall event. 4. Slashing Mechanics & Token Auction — Explain the technical implementation of slashing and token auctions. Cover the slashing percentage calculation (enough to cover the shortfall but not more than necessary), the Dutch auction mechanism for selling slashed tokens (starting at market price, declining until buyers step in), minimum price thresholds to prevent panic selling, handling the case where auction proceeds are insufficient to cover the full shortfall, partial slashing vs full slashing considerations, and the smart contract implementation of the slashing and auction flow. 5. Multi-Asset Safety Module — Describe advanced safety module designs with multiple staking assets. Cover supporting multiple collateral types (protocol token, ETH, stablecoins, LP tokens), different slashing rates for different asset types (stablecoins are less volatile, so may have lower rewards and slashing risk), calculating aggregate coverage from multi-asset pools, rebalancing incentives to maintain desired asset allocation, correlation risk when multiple staked assets decline simultaneously, and comparing single-asset vs multi-asset safety module designs. 6. Safety Module Governance & Evolution — Address the governance aspects of safety module management. Cover parameter governance (who sets the slashing percentage, reward rate, cooldown period), the conflict of interest (token holders who govern are also stakers who get slashed), proposals for safety module parameter changes (the debate between aggressive coverage and staker-friendly terms), transparency reporting for safety module health (regular reports on coverage ratio, staker composition, risk exposure), upgrading the safety module as the protocol evolves, and transitioning from centralized to decentralized safety module governance.
Or press ⌘C to copy