Sky Co-founder: The Next Era of Onchain Finance Is Coming

**Robbie Klages** (0:00)
Welcome to Stabled Up, episode number 28, our premiere weekly Stablecoin-oriented show powered by our friends at Fracks and their FRX USD product. We've got Rune Christensen here, co-founder of Sky. Rune, what a 96 hours in DeFi, man.

**Rune Christensen** (0:16)
Yeah, it's another day in DeFi, I guess.

**Robbie Klages** (0:20)
Yeah, indeed, indeed.
Where do we start here? Well, Rune, I mean, I would just love to just get a bit of your perspective. We'll start on kind of this exploit, what happened, transitioned this convo into just kind of more broadly, stable coins, USDS, Sky. Starting on this exploit here, I mean, initial reactions, thoughts, so much has happened from Arbitrum earlier today with KelpDow statement, Layer Zero statement, Aave statement, kind of finding out what actually happened. Rune, I mean, from your perspective, what went wrong, what happened here, and just any immediate reflections and lessons here.

**Rune Christensen** (1:05)
Yeah, I mean, I think first of all, it's pretty, it feels pretty shocking, right, that it happened so close to the Drift incident, which was, I don't know, feels like that was like two weeks ago or something, almost, you know, that was very recent as well. And I mean, my understanding was that it was a pretty deep attack into the, you know, the off-chain infrastructure of Layer 0, combined with basically suboptimal configurations on the smart contract side for both Kelp and then Aave, which led a lot of these assets basically then get sort of cashed out.
But ultimately, like, I mean, it was just, it's still quite surprising to actually see this kind of attack where North Korea like literally got onto, like sort of very deep into the systems of, to my understanding, like quite security-focused organization like Layer And I mean, a lot of the sort of fear that I'm sort of, you know, that I've been sensing recently is this like fear around AI-powered hacking, basically, and attacks on DeFi. And I think I remember from one of the statements that there were literally, there literally was this mention of like, that there were, you know, this could have been somehow AI accelerated, which of course, I mean, yeah, I mean, it's, you can't really tell, I guess necessarily. And on the other hand, every export always, like it always happens because there's some kind of mistake made, like you can't have, you know, AI systems can't just like literally like hack something that is like built fully correctly just through magic. So it's not like everybody should be really scared and like expect, you know, anything to blow up any moment. But definitely like I think across the whole industry, I mean, already following the drift hack to some extent, everyone is just realizing like North Korea is watching, you know, they are running, you know, a hundred agents scanning a protocol right now, you know, 24 seven, they're looking for every single possible vulnerability. And everybody must just be prioritizing security even greater than they were before, right? That should have been priority number one already, but now it needs to be sort of an even bigger part of what you're doing. It's just basically everybody should be just keeping all of the money safe, looking for every single attack vector and basically fix it before the agents find it.

**Robbie Klages** (3:41)
And I think, Rune, one of the other kind of preemptive points that you made was around this idea of the political post-exploit dynamic between protocols and voices in the space kind of almost operating without a... I mean, really without a plan, without a kind of emergency plan. And you kind of wrote about how you think this is something that Sky should really work on and think about and anybody should think about.
I'm curious kind of what you think about how a protocol is or a community here of the shareholders, of the token holders, of the participants of any given ecosystem should think preemptively about designing a potential post-exploit command system or a line of fire as far as XYZ is to happen. How do you think about this? What is your kind of ideal end outcome for a company like Sky or others who maybe face something like this in the future or perhaps not? But of course, always being careful is better than not being.

**Rune Christensen** (4:55)
Yeah, I mean, I think that, I mean, I think a lot of people have been mentioning this, right, that in many ways, the damage done to the DeFi industry from the uncertainty around this might actually have been greater than the loss of the heck itself. Just because you've had like several days of this, like completely unprecedented sort of liquidity ceasing up. And it's as if it's like the great financial crisis and the mortgage-backed securities just turn out to be worthless and so on. But the reality is this is actually, I mean, sadly for DeFi, this is not like, this is a big hack, sure. But it's not like, it's, you know, a similarly sized hack happened like a couple of weeks ago. Right? So the real problem here is actually just that there's a lot of, you know, it brought a lot of systems into sort of states.