Difference between revisions of "Moola (MOO)"
m (1 revision imported) |
m (→Basics) |
||
| Line 1: | Line 1: | ||
[https://app.moola.market/#/ Moola] is a lending market on [[Celo (CELO)|Celo]] | |||
==Basics== | ==Basics== | ||
*Based in: | *Based in: | ||
| Line 5: | Line 5: | ||
*[[Testnet]] release: | *[[Testnet]] release: | ||
*[[Mainnet]] release: | *[[Mainnet]] release: | ||
==History== | ==History== | ||
==Audits & Exploits== | ==Audits & Exploits== | ||
| Line 13: | Line 12: | ||
===Bugs/Exploits=== | ===Bugs/Exploits=== | ||
* [https://rekt.news/moola-markets-rekt/ From] [[Rekt]] (19-10-2022): | |||
''"The exploit was carried out via price manipulation of a collateral asset, this time netting the attacker $8.4M. The Moola team [https://rekt.news/mango-markets-rekt/ announced] the incident on Twitter, appealing to the [[Centralized Exchanges (CEX)|CEX]]-funded attacker to return funds in exchange for a bounty. Fortunately, just six hours later, over 90% of the funds were [https://celoscan.io/address/0xd7f77169d5e6a32c5044052f9a49eb94697b25ed returned] to the Moola [[Multi-Signature|multisig]], with the exploiter keeping ~$525k as a bounty, of which $37k was donated to charity.'' | |||
''Using initial funding of 243k CELO (~$180k), the attacker supplied 60k [[CELO]] in order to borrow 1.8M of the protocol’s native token, MOO, which could itself be used as collateral to borrow against other assets. Then, using the remaining CELO to buy MOO on Ubeswap, the attacker pumped the price of their MOO collateral allowing them to borrow the remaining assets on the protocol, draining all [[liquidity]]"'' | |||
==Governance== | ==Governance== | ||
===Admin Keys=== | ===Admin Keys=== | ||
Latest revision as of 07:36, 31 October 2022
Moola is a lending market on Celo
Basics
History
Audits & Exploits
- No evidence of a bug bounty program was found (30-9-2021).
- Scored 80% on DeFi Safety (30-9-2021):
"Activity is in excess of 10 transactions a day on contract MoolaStakingRewards. As per the SLOC, there is 40% commenting to code (CtC). Software functions are well documented, but there is no explicit traceability to the Moola source code. As per the SLOC, there is 241% testing to code (TtC). There is a test report evident in this section. Moola has not undergone formal verification testing. Evidence of testing and deployment on the Alfajores testnet is documented. Moola has been audited pre-launch by Bramah Systems."
Bugs/Exploits
"The exploit was carried out via price manipulation of a collateral asset, this time netting the attacker $8.4M. The Moola team announced the incident on Twitter, appealing to the CEX-funded attacker to return funds in exchange for a bounty. Fortunately, just six hours later, over 90% of the funds were returned to the Moola multisig, with the exploiter keeping ~$525k as a bounty, of which $37k was donated to charity.
Using initial funding of 243k CELO (~$180k), the attacker supplied 60k CELO in order to borrow 1.8M of the protocol’s native token, MOO, which could itself be used as collateral to borrow against other assets. Then, using the remaining CELO to buy MOO on Ubeswap, the attacker pumped the price of their MOO collateral allowing them to borrow the remaining assets on the protocol, draining all liquidity"
Governance
Admin Keys
- From DeFi Safety (30-9-2021):
"Moola's Access Controls documentation can easily be found in their main GitHub repo's README.md. Moola's Emergency Admin capabilities and details are clearly outlined.
a) All contracts are clearly labelled as upgradeable (or not) -- 30% -- The upgradeable contracts are clearly defined in the "actions controlled by the MultiSig" section. b) The type of ownership is clearly indicated (OnlyOwner / MultiSig / Defined Roles) -- 30% -- Moola clearly identified its MultiSig roles and addresses. c) The capabilities for change in the contracts are described -- 30% -- The capabilities for change in contracts is clearly outlined in the "Actions controlled by the MultiSig section."
DAO
Treasury
Token
Launch
Token Allocation
Utility
Other Details
Stablecoin
Coin Distribution
Technology
- Whitepaper or docs can be found here.
- Code can be viewed here. From DeFi Safety (30-9-2021):
"Moola's V2 repository has 1502 commits, expressing its long and storied history in a colourful and expressive manner. There is a list of contract addresses in the GitHub repository. However, many of these contracts are dead. More active contracts were found in the Celo block explorer."
Implementations
How it works
Fees
- From their FAQ (12-2021):
"Moola does not charge any fees to deposit or withdraw. All transactions on Moola including deposit, withdraw, borrow, and repay incur Celo network transaction fees which are used to secure the Celo network (currently ~$0.001 per transaction). Overcollateralized borrowers incur debt that compounds at either stable or variable interest rates. Undercollateralized flash loans incur a flash loan fee of 9bps."
Upgrades
Mining
Staking
Validator Stats
Liquidity Mining
Scaling
Interoperability
Other Details
Oracle Method
Privacy Method
Compliance
Their Other Projects
Roadmap
- Can be found [Insert link here].
Usage
Projects that use or built on it
Competition
Pros and Cons
Pros
Cons
Team, Funding and Partners
Team
- Full team can be found here (30-9-2021).
Funding
Partners
(:
Knowledge empowers all and will help us get closer to the decentralized world we all want to live in!
Making these free wiki pages is fun but takes a lot of effort and time.
If you have enjoyed reading, tips are appreciated :) This will help us to keep expanding this archive of information.
