Exploit Flow
When an exploit is rumored to have occurred at a covered protocol, the clock starts for the Sherlock team to identify, verify and pay out the exploit within the 7-day cooldown period. The covered protocol will notify us of the potential exploit (the Sherlock security team will likely find out concurrently with the protocol’s dev team) and then the two teams will work to understand the cause and type of the exploit.
The Sherlock claims process will decide whether the exploit falls under coverage or not. If it does not, no payout is enacted. If it does, the Sherlock team will work with the protocol to understand the best avenue for payment (pay the covered protocol directly and have them reimburse their users or pay their users directly, etc.).
Once this is decided, the protocol's deductible is taken into consideration and drawn down appropriately. If all deductible funds are liquidated, the Sherlock “first money out” pool gets drawn down. This pool will be made up of “protocol-controlled value” i.e. any funds Sherlock has contributed for this purpose (through SHER sales or fees earned). To make staking even more attractive, Sherlock governance will have the discretion to add funds from the treasury (or elsewhere) to the "first money out" pool.
If the deductible and first-money-out pool can’t cover the entirety of the exploit, staker funds will be used. Each staker pool has a function to withdraw funds for an exploit payout. Sherlock will do an off-chain calculation to decide how much of each pool should be withdrawn in order to pay out an exploit proportionally from each staker (i.e. every dollar-worth of tokens in every pool becomes 90 cents for example). Because there is only a USDC pool in the guarded launch, this calculation is much simpler.
With each protocol, the token type (USDC for example) of the payout will be explicit from the protocol's initial coverage agreement.
Next, the funds will be sent to the protocol or to the affected users. This will depend on the exploit type and the initial coverage agreement -- for special situations like a compromised protocol that is still insecure -- the initial coverage agreement will stipulate to compensate user addresses directly since the integrity of the compromised protocol could still be uncertain.
Last modified 1mo ago
Copy link