Moving Forward with Angle Post Euler Hack

As everyone is surely aware, agEUR token is off peg, resulting from the loss of a significant amount of USDC collateral and liquidity from the protocol reserves as a result of the Euler hack,. agEUR is now trading at a similar discount to the percentage of assets left in the DAO holdings compared to outstanding liabilities. While USDC was the only asset stolen, it seems the entire set of collateral and liquidity providers’ assets are now in play to serve as backing for the system. Assuming that we will need to write off the Euler funds to zero, figuring out a way forward to bring back full backing to agEUR while making depositors and liquidity providers whole should be the main focus.

First, I’d like to thank the Angle Team for their quick response and efforts to address the situation. I appreciate their dedication to finding a fair solution for all affected parties. agEUR has been a solid stablecoin, and the mechanism has worked well through the volatility of the past year. Unfortunately, the loss of funds was due to where the collateral was stored within the system. Going forward, there can be key risk limits placed on such actions, or the protocol could decide not to rehypothecate collateral and accept lower yield in the system. This is a discussion for later.

Here are the key figures based on the spreadsheet provided by the Angle team:

• Total value of sanTokens before the hack: $11,801,160.12
• Total value redeemable by HAs before the hack: $71,073.11
• Total value of agEUR issued by the Core Module and not held by the DAO before the hack: $18,350,455.33
• Value of the tokens claimable from the Core Module before the hack: $30,466,061.26
• Total value of the DAO’s token holdings (excluding agEUR) after the hack: $19,563,873.35
• Shortfall: $10,902,187.91

Looking at the DAO token holdings sheet, there is enough DAI, FRAX, and ETH to fully pay out those sanToken holders. The sanUSDC deposit came with this unique risk of the third-party lending system, and it seems like mostly we need to figure a way to make USDC depositors and LPs whole, as the rest of the assets are available on the balance sheet.

Based on these figures, I’d like to propose the following solution:

• Allow sanETH, sanFRAX, and sanDAI holders to withdraw from the protocol at 1:1 with their assets from the DAO holdings.
• Allow agEUR borrowers against FRAX, DAI, and ETH to wind down their debt (agEUR is cheaply available off the market now). This will reduce the outstanding supply of agEUR, limiting it to just the USDC collateral.
• Issue ANGLE tokens or a debt token tied to protocol revenue that will cover the difference for USDC depositors and LPs.
• We could also allow other LPs and depositors to participate in the debt token or token coverage if they are willing to trade those for their claim on the underlying assets. Then this solution would encompass the entire community.

The alternative are something like the DAO takes on the bad debt (likely not possible based on the size of the loss and DAO holdings) or that all users take a haircut (doesn’t make sense when only USDC is missing from the system).

I kindly request all community members, including those not directly affected by the hack, to consider this proposal and participate in the upcoming discussions. Please feel free to share your thoughts, concerns, or suggestions in the comments below.

Unless I understand this proposal incorrectly I advise against this proposal, because it seems only to serve certain san-holders, but it will leave agEur with reduced backing and therefore the protocol with an almost impossible road to recovery. It also doesn’t do justice to the design of the protocol where risk of loss of funds because of undercollaterization is explicitly a function of the SLP.

Let me explain.

Currently agEur can be backed by the remaining asets held by the protocol. If we allow sanFRAX, sanDAI, sanETH holders to withdraw, another 6,5m will be withdrawn from the protocol and 1:1 backing will be (forever?) lost. Angle protocol can only survive if agEur returns to peg, and that will happen if all funds will be used to make it fully redeemable for those that wish to do so. Without a re-peg there’s simply too much damage to continue with Angle reputation and confidence, especially if there is sufficient backing to restore it.

The protocol design also dictates that the SLP serves to stabilise agEur. This is what is stated in the SLP-documentation:
"They entrust Angle Core module with their liquidity and like liquidity providers in other protocols (Compound, Uniswap, Aave), they automatically accrue interest on the assets they brought. The risk for them is to incur a slippage when the Core module is not enough collateralized and they want to cash out."

Even though these are exceptional circumstances this is not a reason to depart from this core principle and leave the agEur-holders undercollaterized.

A good solution would focus on making agEur fully redeemable, and create a debt token for all other affected holders for which they will receive future profits from the protocol. This solution also needs to make sure that the protocol recievces a portion of these fees, to pay for operations and keep developing this protocol

Put shortly, this will bail out SLPs 100% and steal agEUR holders from their claims.

As the contracts stand today, SLPs would be the most affected if the protocol was restarted because they are the insurers of the deposits.

The idea is to find a way to make SLPs whole or the least affected possible, not to fork the entire system to bail out SLPs at the expense of agEUR holders.

The only “rationale” here is because SLPs took a risky position should be the ones receiving 100% of the funds when in reality this is one of the risk scenarios that SLPs took. a complete contradiction.

I understand the desire to find compromise between various users of the protocol, but we need clarity and to set the expectations straight before moving forward.

The way Angle Protocol works, everyone (stable holders, SLPs, HAs) interacting around the same stablecoin (agEUR) are connected to each other. It doesn’t make sense to allow specific sanTokens and specific addresses that used a specific collateral to be treated differently, because everyone is gathered around the same product (the agEUR stablecoin). Each stablecoin is working as an isolated instance of the Angle protocol, but for now we are all in the same agEUR boat.

The balance sheet shared by the core team is a good first step, but as we can see from the 2nd tab, the DAO token holdings are spread over 40 different tokens and addresses. First thing to do, to provide clarity, is to have a DAO vote that mandate the core team to consolidate all the holdings in one token on one address (USDC on core multisig?). Depending on the execution price of the various swaps/LP unpairings, we will have certainty about the hard amount of assets the protocol can use to distribute back to users.

Second, the seniority order is pretty clear : Stable holders > SLPs > HAs. SLPs were leverage farming with the collateral provided by stable holders, they were enjoying the benefits but also the risks (after HAs). SLPs earned the yield from Euler, and protocol fees in general (along with veANGLE holders). I’m not mentioning HAs here because their stake was very small, but sadly there is not enough collateral left in the system to consider them.

There are documentation pages for risks/emergency mode and collateral offboarding that clearly state the preference order in case of liquidation. I don’t believe there is an automated way to execute it, but it should be the way we consolidate the situation and treat the users. Even if that wasn’t clearly stated in the docs, this is just the obvious way to handle debt seniority: agEUR holders were earning none of the benefits, despite having the collateral of their stablecoin at risk, and should have the most senior debt.

If we want to keep the protocol operational, luckily enough, there are still enough assets in the protocol to get agEUR back to peg, and leave SLPs with positive equity, ~10% of the value they had in the protocol (plus any recovered funds from Euler). The consolidation could make $18,350,455.33 USDC available for agEUR redemptions (not deployed in any strategies), and the remaining ~1.2M$ of funds (plus any recovered funds from Euler) could be transformed in sanUSDC_EUR and airdropped proportionately to all sanToken holders.

Bullshit proposal that could be summarized as “Hi, i invested in the riskiest part of the protocol, now i want to steal from people who got none of my benefits”
This is moving backward, not forward.

[Disclaimer - Angle Labs holds agEUR, and its members hold both sanUSDC_EUR and agEUR]

Thanks for starting the discussion! And thanks everyone for the thoughts here.

In preparation for the case where there is no solution to the post Euler hack situation and the protocol is left with some bad debt, it indeed seems to be a good idea to clarify how this bad debt would be allocated.

If the contracts were unpaused with the pre-Euler hack parameters, it’ll lead to a bank run situation as agEUR will be redeemable 1-1 against reserve assets, and sanTokens will be redeemable at 1-1 at first, then with a slippage once the collateral ratio is lower. In the end, last users will be left with nothing as the smart contracts will have nothing left to redeem assets against.

To avoid this unfair bank run scenario, leftover assets could be frozen and redistributed differently. The key question hence, regardless of the outcome of the Euler hack, is to determine the order of “seniority” among the different token holders of the protocol.

There are several global scenarios that could make sense to us at Angle Labs:

1. sanTokens are the risk bearers of the protocol, they are considered junior with respect to agEUR and HAs, so the repayment waterfall is agEUR and HAs, then sanTokens.

   agEUR = HA > SLPs

2. Same as 1, but sanUSDC holders are considered less senior than other sanTokens, as the main collateral impacted by the hack is USDC.

   agEUR = HA > SLPs > sanUSDC_EUR

3. Even though the amounts at stake with HAs are minor with respect to agEUR and SLPs, it could also be considered that HAs should be treated the same as SLPs.

   agEUR > HA = SLPs

4. Same as 3 but USDC HAs are considered less senior than other HAs and sanTokens, as the main collateral impacted by the hack is USDC.

   agEUR > HA = SLPs > USDC HAs = sanUSDC_EUR

5. All tokens holders are considered equally senior, so the bad debt is distributed proportionally according to the value of these tokens at the time of the hack.

   agEUR = HA = SLPs

Comments & References

• With options 1 to 4, agEUR peg should be maintained based on the detailed state of the protocol publicly available here
• In case all funds impacted by the hack are definitely lost or not recovered, 2 and 4 would mark sanUSDC to 0
• 5 may make it hard to repeg agEUR without a bailout or an injection of funds in the protocol.

As reminded by @LordKajafas and @angular, there are already some places in the docs which refer to this kind of situation, and what’s explained there tends to converge towards the first or third scenarios, which seem like the options the most in line with the docs (depending on whether you’re referring to SLP slippage or a collateral settlement).

• Angle Core Module collateral settlement with an example implementation here.
• Page about SLPs
• Angle Core Module risks and emergency solutions

While different options are still available for the future of the protocol at this stage (like an ANGLE fundraiser, continuing operations as normal should option 1-4 be chosen, or winding down the protocol - which implies granting a mandate to some team to consolidate the protocol’s holdings), having a better idea of the waterfall and how the loss (if it stays like that) will be distributed among all stakeholders (including Angle Labs) will definitely provide some clarity to all protocol users (in particular for the question of whether agEUR should trade at peg or no).

The collateral settlement page has details about governance token holders being treated preferably in the event of a liquidation. A future vote could specify how those affected by a loss could be handled differently depending on their governance token holdings.

In all scenarios, should some funds be retrieved from the Euler hack, users should be able to recover all or part of their allocated loss after the allocation has been voted on.

Given the capital importance of this for all protocol stakeholders and integrators, the best scenario needs to be discussed and voted shortly.

The vote could include new scenarios, other than the ones suggested here, like for instance what is suggested by @alaCarte.

This would be an informational vote though, that would need to be followed by other proposals on for instance and depending on the outcome of a first vote and the Euler hack how to technically implement a new design or a wind down for the protocol.

Just speaking for myself here, and not saying I will support this option, but I think there is an other option that could be discussed: the “protocol as it stands” option (might not be the correct name, just my potentially mistaken view of it).
Basically this option is: USDC’s are rekt, so sanUSDC → 0, and ageur’s USDC backing disappears.
Therefore, ageur becomes backed by the remaining DAI and FRAX, and sanDAI and sanFRAX are not impacted.
It’s basically a scenario of what would happen if USDC would go to 0 (if I understand it correctly).

Again, not saying I would support it, but I think it’s a faire option and it should be included.

It comes close to the proposal of @alaCarte (that I find great too),
I share the idea of “Protocol as it stands”.

Should be included as an option too.

To ensure I understand @Tube, would this option be sanDAI + sanFRAX + HA > agEUR > sanUSDC?
Could you explain why this would be the “protocol as it stands” option? Note that the slippage for SLPs depends on the global agEUR collateralization, not the backing of the specific collateral.

actually it’s basically what @alaCarte was proposing. Basically winding down assuming everything is normal and USDC value is not 1$ but 0$. I understand sanLP were supposed to be exposed to a 10% risk on their principal, so could make sense to have a 10% haircut on sanDAI/FRAX/ETH that would go to ageur backing.

Furthermore, I think that ageur could survive with a backing below one. That is the normal functioning of FRAX for example or USDD, or even UST (bad example but they had 0% backing and were printing like hell, so not the same either). The lacking backing could be collateralised by ANGLE or a debt token for now, and going forward, this gov token collateral could progressively reduce.

All I am saying is that, according to coingecko, agEUR volume after the hack represents 682% of the agEUR market cap, which is much more the usual agEUR volume. Basically, didn’t run full analysis, but one can assume that probably more than 90% of agEUR changed hand after the hack, and at a depeged price.
So I understand the all seniority discussion, which makes total financial sense tbf, but as in real life finance, when there are exceptional times like this one, there are discussion. We actually see it currently in the crisis of the global banking industry.
Do we want to rekt sanLP providers saying “you should get 0 so that those who bought agEUR at $0.60 can 2x”? Maybe you don’t need them anymore and would rather do that since you will not need sanLP providers in the future, so you can rekt them indeed…
Still believe that those who say that it will be more difficult for the protocol to recover if agEUR doesn’t have 100% collateral are mistaken: I don’t think that letting long term lenders of the protocol with 0 to enable vultures to 2x on their one-week bet puts the protocol in a better position than finding a fairer solution.
Maybe there is something to be done with a snapshot to assess who bought agEUR depegged and allow them to redeem at the price they bought it, instead of giving them a 24M% APY on their bet. That would free the balance sheet from some liabilities.

Finally, a last point I wanted to make in all this seniority discussion: equity has not been ranked in all this seniority ranking. I believe in a normal situation, equity should be the most junior instrument. There is still around 500k in liquidity for ANGLE, so ANGLE still has value. If sanLP are left with nothing and ANGLE is not impacted, it would mean than sanLP (which is basically a debt instrument) is more junior than ANGLE (basically an equity like instrument). If the objective is to keep a traditional financial approach, sanLP holders should at the very least be compensated with ANGLE tokens.

Thanks for your insight. I doubt the “snapshot to assess who bought agEUR depegged” solution would be technically doable, as you’ll need to “freeze” all these agEUR to prevent these holders from just selling them on a DEX and someone else to redeem for them.

This being said your points are valid, although I don’t see how in our case we could possibly leave agEUR not fully collateralized or partially collateralized by ANGLE and avoid a bank run if the protocol keeps on trading it 1-1 with its reserves. Then, on the seniority of ANGLE and eventual compensations in the form of debt tokens or ANGLE emissions, I’d say that this could be settled afterward once the seniority of agEUR / SLPs / HAs has been decided. But I’d like to hear other views on this.

Yes, very tricky to do this snapshot solution for sure, that’s why I think making ageur fully collateralised by reserves is dangerous imho…
The good thing with Angle is that a massive share of the supply is locked, and therefore, a bank run on Angle is not so simple. If you think about it, there has already been a bankrun, from $0.6 to to $0.02, and yet, the protocol kept working like clockwork, and the token eventually pumped to do a nice 4-5x. Even today, the token is still trading around 2x the ATL. So I think there are some good mitigants to these concerns.

Good to see that my post has kicked off discussion.

From what I understand, based on the assets sheet, we have more “assets” than liabilities, considering agEUR as a strict liability and sanTokens/HAs/Angle as equity.

If we were to resume the protocol right now, agEUR is trading under peg, and holders could purchase discounted agEUR to repay their debts and redeem. As redemptions occur, the circulating supply would diminish until only the missing USDC remains, rendering agEUR practically worthless.

We’ve seen different outcomes for agEUR holders: some sold at a loss, others repaid their debt before the protocol paused, and a few might still hold onto agEUR, hoping for a 1:1 resolution. If we believe borrowers of agEUR should be the first to reclaim their collateral in the system then when redemptions reopened, they could buy back cheaply, repay their debt, and withdraw collateral at a gain.

There are enough assets for those who used DAI, FRAX, and ETH as collateral and for respective sanToken holders to withdraw as well.

We must find a way to address the roughly $6 million gap for USDC depositors that then borrowed agEUR.

A viable option might be to provide affected holders with veANGLE or a similar claim within a protocol repayment plan. Alternatively, we could formalize the bad debt at the DAO level, backed by treasury assets or a protocol revenue stream, akin to how MIM has handled the UST bad debt.

In calculating this too, we should exclude assets outside of the PoolManager if we plan to continue with the protocol. It appears that the assets sheet includes all DAO assets. But these could be used as collateral in creating a debt position that rebacks agEUR.

Formalizing it at the DAO level is something like there being a module to mint agEUR to the DAO, this is burned, and then revenue or otherwise used to pay back the debt created by the DAO. We could also try to implement this in a way where the DAO can buy agEUR off the market first, but not sure if we can disable trading on agEUR.

it seems like #1 makes the most sense (most likely why it was listed first) if we were to look at it unemotionally/from an outside position (I have no money in angle rn).

SLPs are the inherently riskiest position to be in and investors “should’ve known” to put it poorly that they’d be the first to lose if anything happened in general.

Shitty situation, but I think the most important thing right now is to get agEUR back to a 1:1 peg or the entire protocol is worthless whether we go with #1 or not.

edit: yeah I know I’m an asshole

I think there is general agreement that sanToken holders are junior to agEUR minters (not necessarily holders, but people who have deposited collateral – important distinction).

However, there is still the question of whether all sanToken holders should be treated equally.

Docs here suggest that collateral types / sanTokens don’t need to be wound down together and there is some mechanism for keeping these segregated in the event of a wind down situation: Collateral Settlement - Angle Docs

This is why I think the main discussion should be on how to plug the 6m hole for what will have to mostly come from sanUSDC holders taking a mark down. Compensating them in ANGLE is one option, but I think there is also a path where the DAO could formalize the debt against the treasury or similar.

It seems that the majority of the people here are suggesting that agEUR should be senior and its peg defended using the collateral leftover in the protocol, but there are also at the same time some suggestions by other people against this (including for instance what was first suggested by @alaCarte, or by @Tube). So we’re lacking a consensus.

What I’d suggest from where we are now would be to have a first vote to answer the global question of whether agEUR should be considered as senior, without any further specific scenario consideration.
We could then discuss in further votes/proposals what to do based on the result of this first vote.
For instance, if agEUR is senior, we could then discuss on the details of the subsequent waterfall (like agEUR = HA > SLPs, agEUR > HA = SLPs > USDC HAs = sanUSDC_EUR, …).

In the case where the DAO votes against defending agEUR’s peg using only the collateral leftover in the protocol, we could then discuss whether the DAO should make sure that agEUR = HA = SLPs or if ANGLE tokens should be sold to still maintain agEUR peg, or if agEUR should still have some form of priority in a waterfall based on the case described by @Tube, or any other scenario where the DAO does not put aside collateral for the value of the outstanding agEUR to defend agEUR’s peg.

I agree with this, sounds like a good approach.

Again, not trying to defend my bags in what I said, just scared about the scenario of agEUR being senior, as I think it would definitely kill the protocol. I believe in such case, most of agEUR holders (if not all, at least all of those who bought after the hack as a trading strategy) will immediately redeem their agEUR for stable USD, and then the protocol will be left with nothing, and a trust debt from all long term creditors and supporters of the protocol who will get at most ten cents on the dollar, and agEUR market cap will be approx 0.

I think it’s the worst scenario that could happen for Angle, and the most logical one. A smoother solution (with progressive recollateralisation) is definitely more conservative imho.

Looking forward to the vote, and thanks again to the Angle team for this level of transparency

@alaCarte to make sure I understand, I don’t see how you distinguish between “[agEUR] holders, but people who have deposited collateral – important distinction”. A lot of agEUR were minted through the core module by arbitrage bots, then traded, and are now held by addresses. There is no real way to make distinctions between these holders.

In the state of the protocol document, the line Total value of agEUR issued by the Core Module and not held by the DAO before the hack: $18,350,455.33" represents agEUR that are held by users but do not correspond to any specific debt position: these agEUR have been minted against assets that are now within the global DAO reserves

Then you have agEUR minted through the borrow module, where their collateral is not held by the protocol but is still in their position. These users can still just buy agEUR on the market, clear their debt, and remove their collateral. So they are not concerned by the discussion about seniority, and their debts were aggregated and accounted for separately in the balance sheet.

There’s a difference between agEUR being senior, and using all of the sanToken deposits as the sole backstop for agEUR to be burned against. In this case, folks will just buy cheaply off the market for less than 1 unit and redeem from the protocol for 1 unit.

This will bring the agEUR back to peg, but at the cost of all liquidity in the system and at the expense of most users I would think as it will likely get played by arb bots and the like.

Makes more sense to formalize this debt at the protocol/DAO level by backstoping it with ANGLE tokens or similar, then burn the relevant agEUR supply so that the protocol is back to peg. Burn in this case could be done by DAO or by letting agEUR holders redeem for some pro-rata share of USD and ANGLE.