pull down to refresh

Bitcoin lending app Lava quietly shifted its custody model - Blockspace Mediablockspace.media/insight/bitcoin-lending-app-lava-quietly-shifted-its-custody-model-users-are-demanding-answers/
999 sats \ 10 comments \ @Scoresby 11 Nov bitcoin
Last week, Lava published an an update about their roadmap and future plans (#1274219). In the update, Lava's CEO spoke about "rebuilding the product from ground up" and how "no service is fully trustless."
This caught a few of their customers off guard. These customers began relationships with Lava under the impression that the bitcoin they put up for collateral was held in on chain contracts that did not involve custody.1
There was a minor uproar about this change, especially since some customers felt that it was not made clear to them that the change was occurring. Apparently they were presented with this update screen:
While this update marked a change from Lava's previous goal of using DLCs to a “cold storage and institutional-grade security systems that have safeguarded over $100B in assets globally.”
the crux of the problem to Kemeys is that he and other users had no idea the update authorized a change from a non-custodial to a custodial setup.
The Blockspace Media article goes into this change in some depth, particularly from the users' perspective as
Lava did not return Blockspace’s question regarding whether or not the raise prompted Lava to ditch DLCs. However, Maredia told Blockspace that he will be releasing a post mortem to clear the air this Wednesday, and we will update this article as relevant.
It's an interesting read, especially for those looking to learn about how not to communicate with users about fundamental changes to a live product.

Footnotes

  1. I'm still not convinced a DLC is all that different from custody: you need to be sure that the oracle will not collude with your counterparty for it to be truly custodial. But that just speaks to the nature of loans: you can't have a loan with self-custodial collateral.
write
preview
related posts
0 replies \ @Scoresby OP 14 Nov
See also: #1274219
And especially: #1274600
And this one: #1274641
And finally: #1281155
reply
368 sats \ 1 reply \ @conduition 23 Nov
This is partially correct, but it's not the whole picture. Lava's old custody model used DLCs as one component of a complex cross-chain (Solana) multi-transaction smart contract where, in theory, the user would always have a unilateral exit back to Bitcoin when the loan expires. In theory, the user should always be able to get their Bitcoin back in full by repaying the stablecoins on Solana. Vice versa: Lava should always be able to recover the loan capital plus any accrued interest even if the user is malicious.
The problem was, like Spark's protocol, there were many assumptions made to get to that goal. The oracle behaving, the Solana smart contract key staying secure, the closed-source software being authentic, etc. The on-chain protocol itself was as well-designed as it could be, but ultimately brittle and susceptible to subtle implementation bugs or misuse.
If they wanted to, it would've been easy for Lava to rug-pull everyone, which is exactly the same as any other closed-source bitcoin wallet, because of remote code updates, naive users, etc. Lava's CEO Shehzan and I have spoken about this subject quite a bit, and while I'm more optimistic about self-custody than he is, we mostly see eye to eye.
There was no practical path to fixing all of these issues definitively. All the while, if even the smallest bug were to sneak through, if they were hit by a phishing attack, or an NPM supply chain attack, etc, it would lead to a catastrophic hack or lost user funds. This never happened, but it was a factor on their minds.
Knowing this, and also having opportunities to build a better product by doing so... Lava rebuilt everything and moved to an institutional custody model. But unlike most custodians, every user's deposits are kept isolated until they are withdrawn. You can audit on-chain to confirm your collateral isn't being rehypothecated and gambled away SBF-style. You can find more info about their new system here.
Having audited both the old and the new code bases, I would be far more confident using the new platform rather than the old DLC-based on-chain protocol.
Source: I work part time for Lava as a security contractor.
reply
0 sats \ 0 replies \ @Scoresby OP 24 Nov
Thanks for this context. I do think it probably is a better product without the attempt at "self custody" collateral.
reply
272 sats \ 0 replies \ @DarthCoin 11 Nov
reply
186 sats \ 2 replies \ @optimism 11 Nov
I'm still not convinced a DLC is all that different from custody: you need to be sure that the oracle will not collude with your counterparty for it to be truly custodial. But that just speaks to the nature of loans: you can't have a loan with self-custodial collateral.
I think you meant non-custodial? Regardless, you're right. There is also no point; if you put something up for collateral you literally don't own it. Same with your mortgage and your car financing.
reply
105 sats \ 1 reply \ @Scoresby OP 11 Nov
Yes. I've been suffering a lot of typos lately. Gotta stop typing on a phone.
Whatever the case, this makes me think that Lava's transition makes a lot of sense. But it does sound like they did a poor job of enacting it (especially if they really did present users with a screen that signed transactions without clearly telling the user they were signing transactions).
reply
107 sats \ 0 replies \ @optimism 11 Nov
Wait you typed all that on a phone? Amazing. I only do one-liners from the phone lol.
But it does sound like they did a poor job of enacting it
So the reason why there are regulations around how banks operate is because this forces them to properly disclose things. All of these fintech bros operating in crypto space are just dodging that kind of regulation. Imagine entrusting your funds to someone that wasn't able to make it in a regulated environment... would you? Personally I'm extremely skeptical.
reply
102 sats \ 0 replies \ @BlokchainB 11 Nov
Yikes
reply
0 sats \ 0 replies \ @unboiled 12 Nov
This can be fixed it 3 easy steps:
  1. Pay back your loan,
  2. ask for permission to get btc back that used to be yours before you mid-curved so hard that even Mashinsky would feel sorry for you, and
  3. stop playing fiat games.
reply
0 sats \ 0 replies \ @035736735e 11 Nov outlawed
stackers have outlawed this. turn on wild west mode in your /settings to see outlawed content.