Kolibri is an algorithmic stablecoin based on Tezos that was launched earlier this year. It has quickly become one of the most popular DeFi projects on Tezos, with over $10M in TVL locked in the protocol and $1M+ worth of kUSD backed by that TVL.
When Hover Labs launched the Kolibri protocol in February of this year, we expressed that our governance philosophy was to prove the safety of the protocol, and to slowly decentralize over time, with the goal of ensuring on our way out that no other entity can ever unilaterally control the protocol. We’re excited to announce the next step in this plan — decentralized and programmatic governance controlled by a Decentralized Autonomous Organization (DAO).
The Kolibri DAO is a smart contract which will act as the long term governor and overseer of the Kolibri protocol, backed by its own FA1.2 governance token — kDAO.
What’s a DAO Anyway?
A DAO is a smart contract which provides a codification of a set of rules for an organization, backed by some governance process. Put simply, a DAO is a fully decentralized and autonomous organization, governed by code and holders of a token. You can read more about DAOs here.
How does it work?
The DAO allows kDAO holders to propose and vote on various proposals to govern the Kolibri Protocol. Each proposal is an arbitrary lambda (block of code) that can execute within the context of the DAO. This allows governance proposals to affect internal DAO parameters, as well as invoke contract calls on any smart contracts for which the DAO is set as the governor.
The DAO also uses a snapshot system that can determine a user’s kDAO balance at the moment a proposal goes live, and requires they hold that balance for at least one block, which ensures participants cannot use flash loans to exert undue control over a vote.
We plan on upgrading Kolibri to be completely governed by the DAO in the coming days, but with some additional guardrails for safety (Read on to “Safety Precautions” below).
In order to submit a new proposal, one must lock up some escrow, or a small amount of kDAO tokens (also adjustable by the DAO!), to propose new governance proposals. These kDAO are only returned if the proposal reaches a minimum percentage of “yay” votes, otherwise the escrow is given to the community fund. This acts as a disincentive for people to spam the DAO with proposals, since only one proposal can be active at a time.
A proposal is considered passed if it achieves both a quorum (a minimum amount of votes) and a super majority of voters vote “yay”. The quorum value is a floating value that adjusts using an exponentially weighted moving average and has both lower and upper caps. It is currently set at 30% and 80%. The super majority is currently set at 80%. Both the super majority and quorum caps are adjustable via governance
Once a proposal has been passed in the DAO, it is put into a timelock, akin to the multisig system today. This provides a programmatic guarantee of buffer time between a proposal and implementation, which provides safety and time for users to exit the system if desired before changes take effect.
Like Kolibri, the DAO is an upgradeable piece of software, which can be upgraded from the DAO itself. We expect Kolibri to upgrade over time.
kDAO and Token Distribution
Kolibri Governance will be powered by its own token, called kDAO.
The details are as follows:
- Symbol: kDAO
- Digits: 18
- Address: KT1JkoE42rrMBP9b2oDhbx6EUr26GcySZMUH
- Supply Cap (fixed): 1M kDAO
(Note: An early version of this article listed a now defunct token contract address. Please prefer the address above.)
If you feel strongly about any of these token parameters, please come discuss this in our Discord, and we may change them based on community feedback.
A very important point of the decentralization story is the actual act of becoming decentralized. We’ve chosen to use a few different mechanisms to distribute kDAO tokens to users of the Kolibri protocol, ensuring that those who use the protocol can help control it, but avoiding concentrating too much power with any single entity.
Tokens will be distributed in the following fashion:
- Airdrop to Ecosystem Users: 15%
- Liquidity Mining Incentives : 30%
- Hover Labs Token Grant: 20%
- Reserved for Community Fund: 35%
Airdrop to Ecosystem Users
kDAO will be distributed to users who engaged and experimented with the Kolibri protocol, as well as to users who helped to develop the protocol by providing liquidity for liquidations and trading of the pair.
Hover Labs took snapshots of the Tezos blockchain every 1440 blocks (1 day, assuming all blocks are priority 0) from block 1330056 (when Kolibri was deployed to mainnet) until block 1461096 (Roughly Friday May 7).
Please note, actions taken after Friday May 7 do not count towards airdrop token allocations.
If an account met any of the following criteria on any snapshot block, we award them 104.602510460251046025 kDAO:
- Borrowed more than 10 kUSD at a snapshot
- Supplied kUSD Liquidity in any amount to Dexter
- Supplied kUSD Liquidity in any amount to Quipuswap v1.0
- Supplied kUSD Liquidity in any amount to Quipuswap v1.1
- Supplied kUSD Liquidity in any amount to the Kolibri Liquidity Pool
- Executed a Kolibri governance proposal
Rewards are not stackable (for example, executing two governance proposals is only worth ~104 kDAO, not ~208 kDAO) and can be earned across multiple snapshots (example: a user who provided liquidity to Dexter at block 1330056 and then moved liquidity to Quipuswap at block 1331496 would earn ~208 kDAO). It follows that the maximum amount an account can earn is ~ 624 kDAO.
Hover Labs has provided code to calculate distributions and a prospective list of rewards on our GitHub. We highly recommend that all interested users validate their allocations and reach out to Hover Labs as soon as possible if they believe it is incorrect.
No airdrop is perfect, but Hover Labs feels that this represents a fair distribution for kDAO. The criteria is selected to not be financially exclusive (we prefer to reward a broad pool of participants vs a small cabal of whales). Providing any amount of Liquidity ($0.01 USD or more) to a liquidity pool, the collateral required to borrow 10 kUSD, and paying the transaction fee to execute a governance proposal. Put together, the total cost of meeting all criteria is less than $25 USD.
We were specifically targeting 3 “personas” when thinking about how to distribute kDAO tokens equitably:
- Experimenters: These are people who actually opened an oven and actively engaged with the Kolibri protocol by locking XTZ and generating kUSD. Our community is full of amazing folks who have given us super valuable feedback on how to improve, and we think they have a real interest in ensuring Kolibri is healthy and stable long-term.
- Liquidity Providers: These folks are the ones who are providing liquidity on decentralized exchanges like Quipuswap and Dexter, which is a critical component to the economic balancing act that backs kUSD.
- Early Governance Participants: As we did our stability adjustments to help stabilize the price of kUSD, we put in a number of governance proposals, all of which were proposed by Hover Labs, but executed by the community. As these executors were directly participating in the governance process in its earliest iteration, we want to ensure they’re given kDAO tokens as well.
Put together, we hope this group of users represent a set of people who are knowledgeable and curious about Kolibri and will help steer the protocol, favoring long term growth and stability.
One final note on airdrops: since Hover Labs is getting a founders grant equivalent to 20% of the total supply, we’re removing our wallet addresses from the airdrop.
Liquidity Mining Incentives
A large percentage of the token supply (30%) is set aside to drip out to users who engage with Kolibri. Specifically, we will launch a set of farms where:
- Users can deposit kUSD and earn kDAO tokens
- Users can deposit kUSD Quipuswap LP tokens and earn kDAO tokens
- Users can deposit QLkUSD (obtained from the Kolibri Liquidity Pool) Tokens and earn kDAO tokens
Exact allocations for each of these contracts is yet to be determined. The farms are intended to run for two years, ensuring that Kolibri provides long term incentives for users to participate in the protocol until additional incentives develop.
Lastly, control of these contracts (revocation of funds, adjustments to reward rates and length of farms) is programmatically controllable via Kolibri DAO. If the community feels sufficiently differently than Hover Labs, a DAO vote can adjust these allocations, cancel the farms, or launch new farms at any time.
Hover Labs’ Token Grant
Hover Labs will receive a founders grant of 20% of the token supply. The supply is locked in a smart contract which will continuously make accessible over the next 525600 blocks from launch (roughly 1 year at 1 minute block times). The non-accessible tokens locked in the contract are illiquid, meaning that Hover Labs can’t move/spend them, but it’s important to note that they can be used to participate in voting, which falls in-line with our progressive decentralization plans. The airdrop will account for 15% of the total supply, and after 3 months of the liquidity mining program, >5% should be dripped out. Once this happens we’ll cross a threshold where the community will own more tokens than all of Hover Labs combined.
The remaining 35% of tokens are placed in a community fund controlled by the DAO. The community fund is a smart contract capable of escrowing and receiving arbitrary amounts of FA1.2, FA2, or XTZ tokens.
The remainder of kDAO in the community fund is intended to be used for the good of the protocol. The DAO has control of these funds and could choose to do a number of things with them, including:
- Paying a grant for additional features or development on Kolibri
- Paying for a security audit of the DAO code
- Incentivizing user behavior by extending or creating new farming contracts
- Any other action which decentralized governance approves.
When the DAO launches, it will have full control over the Kolibri Protocol. This is not without risks — the governance code is relatively new and not battle tested. Though Hover Labs has performed extensive unit and integration testing, it is always possible that novel bugs or exploits may be found that require intervention to correct.
In line with Hover Labs’ previously communicated governance philosophy, we intend to continue to decentralize slowly, and lock the privileges we have when safety is proven. Given that Kolibri contains over $10M of TVL, and use of DAOs is still highly experimental, we’re optioning to have a “break glass” mechanism to be able to quickly fix/defang any issues found in the DAO or core protocol as result of independent report or security review.
On day 1 that the DAO goes live, the community (if it so chooses) can put in a governance proposal to remove this “break glass” mechanism, though we discourage it until the security review has been completed. If a security issue were to be discovered without this break glass mechanism, we’d find ourselves in a situation where we’d have to elect a new DAO or central Kolibri component while simultaneously trying to prevent the discovery or exploitation of the underlying security issue. While obviously security issues can happen at any time, there’s a higher likelihood that if these issues exist, they’ll be discovered as part of the security review, which is why we’re only recommending this measure be in-place until the security review is complete and any issues are fixed.
A firewall of proxy contracts, called the “Break Glass” contracts will be deployed to act as governor of the Kolibri protocol. These contracts provide a set of safety guarantees which reduce Hover Lab’s privileges while maintaining safety.
If the contract is passed a lambda from the DAO, the Break Glass contract will execute the lambda as the governor of the protocol. This makes the break glass a direct proxy for the DAO contract.
However, the Break Glass is also controlled by a multisig. In case of emergency, the Multisig can “Break Glass” and ask the contract to revert control of the Kolibri protocol back to the multisig. This acts as an emergency button which could be used in case:
- An unknown vulnerability is discover in the DAO or a Kolibri component which allows malicious users to gain control of the Kolibri protocol, or
- A programming error in Kolibri DAO renders the DAO inoperable.
Philosophically, Hover Labs will never use this Break Glass functionality to block a governance proposal they disagree with. It’s a security control, and will never be used for anything else. We pledge to communicate across all standard communication platforms (Discord, Twitter, Agora) if we ever need to use it.
As before, the keys to the multisig are held by Hover Labs:
As said previously — at any time, the DAO may elect to remove the Break Glass contract. This is done by asking the break glass contact to set the DAO as the direct governor of the Kolibri protocol. Hover Labs will absolutely not block this decision if it passes through the DAO at any time, even if that’s day 1.
In fact, Hover Labs supports the removal of the Break Glass mechanism as soon as reasonable. After a security audit has been completed any findings have been remediated and publicly disclosed, Hover Labs intends to submit a governance proposal to remove the Break Glass mechanism and lock ourselves fully out of the system, finally crossing the threshold into full decentralization. Hover Labs has begun sourcing a review and anticipates this work will be complete in the coming months.
Hover Labs is currently finalizing our deployment plan and farm allocations. This blog post serves as a request for comments and an ability for the community to check our work, whether that is auditing The Kolibri DAO’s or Break Glass source code, checking our airdrop math or providing feedback on token distribution.
We’ve labored over many aspects of our decentralization and governance token distribution plan, and tried to explain our reasoning for everything above. If there’s something that’s not clear or an aspect you disagree with, please come join us in our Discord to discuss things. We’re planning on having this RFC period run for at least a week (May 27) to let the community digest it before taking the actual actions to switch the Kolibri Protocol’s control over to the DAO. As things progress, we’ll give updates via the same channels as we did previous governance proposals.
We know you’ll have questions. The best way to participate in the discussion is to join the new #decentralized-governance channel in our discord.
Almost all code used in this launch is generalizable and can be applied to other products built on Tezos. We’re proud to open source:
- Murmuration DAO: A complete and generalizable DAO, including flash loan resistant governance token, DAO, community fund, and grant contracts, along with automated deployment scripts
- Farming Contracts: A repository containing a generalizable farming contract and deployment scripts. Based on the great work from StakerDAO and Stove Labs.
- FA1.2 Airdrop Scripts: The script that will be used to batch and airdrop kDAO. Based on the awesome work being done at StakerDAO.
- Break Glass Contracts: The firewall proxy contracts used as a safety mechanism
Hover Labs loves when developers use our code. If you’d like help deploying any of our tools above, please contact us.
Thank you to the following who provided the tools, advice and feedback to create a working product. In alphabetical order:
- Cryptonomic — For our deploy scripts
- ECAD Labs — For Tezos Taquito, a Tezos SDK which powers Kolibri’s front end
- Jacob Arluck, TQ Tezos — Governance advice and feedback
- SmartPy — Who implemented feature requests and builds the most accessible smart contracting language on Tezos
- StakerDAO — For helping to produce both the tezos airdrop scripts and the farming contracts
- Stove Labs — for their awesome work on the farming contracts
- TzStats — For providing API access that powers our Airdrop scripts
- TzKt / BetterCallDev — For the awesome API that powers the airdrop scripts and a smart contract explorer that keeps us sane
And lastly, thank you to everyone who has engaged with the Kolibri protocol, the Kolibri community and Hover Labs. You drive us to keep building!