Incident Response
Incident Response Protocol
Inverse Finance follows a standardized set of protocols and procedures, popularized by Yearn Finance, that are enacted in the event of a security or liquidity exploit against Inverse DAO. These are any situations that may lead to a considerable loss of funds for users of Inverse products, Inverse’s Treasury, or smart contracts deployed by Inverse.
Core contributors of Inverse DAO working to resolve an active incident are assigned roles, summarized below. Together they form a team and each role should is assigned to a minimum of two individuals operating in different time-zones. To address the scenario of an incident occurring during ‘off-hours’, each individual signed onto a role is reachable on their personal devices. This is so that all team members can be alerted to critical alerts and relevant multisigs can react quickly. As Defense III is further developed, reliance on manual intervention from team-operated multisigs will be lessened.
Facilitator
Facilitates the emergency handling and ensures the procedure is followed, engaging with the correct stakeholders and teams in order for the necessary decisions to be made quickly.
Multi-sig Herder
Responsible for ensuring that the various Inverse Multi-sig wallets are available to execute transactions in a timely manner during the emergency.
Strategy Lead
Charged with devising a prudent strategy meant to resolve the time-sensitive issue at hand.
Web Lead
Coordinates quick changes to UI and Websites as required.
PR Lead
In charge of coordinating comms and operations assistance as required.
Disaster Training
Inverse Finance can benefit from unannounced security drills to keep our security posture current, an initiative the RWG plans to spearhead during Season 3. These involve simulating various security scenarios, such as a hack or a technical issue, and then measuring how quickly our incident response team is able to respond to the situation. This helps us to identify any weaknesses in our response protocols, and to make improvements to ensure that we can respond quickly and effectively in the event of a real security threat.
Last updated