Proposal to Delist CHERRY
- The Roll community money platform was compromised by an external antagonist, as the team claims on March 14.
- The CHERRY token and its whitelisted pool on Bancor need to be removed.
- Herein, we propose to remove the whitelist status of the CHERRY pool, and remove the pool from the registry with immediate effect.
- BNT and CHERRY liquidity providers will have an opportunity to remove their tokens from the pool before the whitelisting status is removed, prior to the conclusion of the vote.
- Any tokens remaining in the pool after delisting will no longer qualify for IL protection.
Vote FOR to remove CHERRY from the Bancor whitelist, effective immediately after the conclusion of the vote.
Vote AGAINST to maintain the CHERRY pool whitelist status as-is.
The hack on the Roll platform is extremely opaque. It has come to light that the Roll team keeps a reserve of all tokens minted on its platform. In and of itself, this is not an overt concern. However, it is now apparent that these token reserves were kept in a hot wallet. The Roll team asserts that a hacker was able to retrieve the private keys for its hot wallet, and then proceeded to sell all the tokens contained within.
Among the affected tokens was the CHERRY social currency. The legitimacy of the CHERRY project and its community is beyond question; however, the token is no longer appropriate for protected status, and its liquidity pool should be removed from the registry.
What Happens Next?
This proposal is asking for the protected status of the CHERRY token to be revoked. At the conclusion of the voting period, and if approved by the DAO, the whitelist status will be rescinded immediately. This means that any liquidity providers on the CHERRY pool will have until the conclusion of the voting period to withdraw their funds, at whatever level of insurance they have currently vested. Any deposits withdrawn after delisting will not be eligible for IL protection.
The CHERRY community is rebooting their project, with the launch of a new token, using a snapshot of token holder addresses prior to the alleged hack. Therefore, the CHERRY pool on Bancor will soon be catering entirely to speculation on a legacy asset. The pool could be allowed to persist without IL protection, although there are no obvious advantages to doing so. This proposal recommends removing the CHERRY pool from the Bancor registry.
Future Responses to Compromised Tokens
In the weeks leading up to the incident with Roll, Bancor community members began work on a draft proposal to introduce new security features to the Bancor ecosystem that could protect against these kinds of events. This proposal is being expedited as a result of the events at Roll, and will be presented on the Bancor governance forum for a discussion in the coming days.