Risk Assessment
MakerDAO (Sky) Risk Assessment
Overview
MakerDAO (rebranded to Sky in 2024) is the protocol behind DAI/USDS, the largest decentralized stablecoin. Users deposit collateral to mint DAI, with the system maintaining a soft peg to USD through over-collateralization and liquidation mechanisms.
The protocol pioneered decentralized stablecoins and has become foundational DeFi infrastructure, with DAI integrated across hundreds of protocols.
Smart Contract Risk
Contract Architecture:
- Multi-Collateral Dai (MCD) system with modular vaults
- Vat contract is the core accounting engine
- Liquidation modules (Dog, Clipper) handle auctions
- Oracle Security Module (OSM) delays price data 1 hour
Code Quality:
- Extensively audited by Trail of Bits and others
- Formal verification on critical components
- Open source since inception
- Continuous security reviews
Attack Surface:
- Collateral types introduce per-asset risk
- Liquidation cascades possible during volatility
- Oracle manipulation mitigated by OSM delay
- Emergency Shutdown as last resort
Admin/Governance Risk
Governance Structure:
- SKY token holders govern (formerly MKR, 24,000:1 ratio)
- On-chain voting via Chief Contract
- Governance Security Module (GSM) enforces delay
- Executive votes implement approved changes
2025 Transition (North Star):
- MKR retired, SKY as sole governance token
- New Chief Contract deployed
- Emergency Shutdown Module disabled
- FRAX-style single token model
Security Mechanisms:
- Protego contract can cancel pending governance actions
- Oracle Security Module delays price data 1 hour
- Emergency Oracles can react to attacks
- GSM pause delay on all changes
Trust Assumptions:
- Governance controls all protocol parameters
- Collateral onboarding decisions affect system risk
- USDS introduces freeze function (unlike DAI)
- Governance attacks theoretically possible
Oracle Risk
Decentralized Oracle System:
- Multiple oracle feeds per collateral type
- 1-hour OSM delay prevents flash manipulation
- Emergency Oracles can invalidate bad data
- Governance sets oracle configurations
Oracle Security:
- Distributed data sources
- Time-delayed price propagation
- Emergency intervention capability
- Per-collateral oracle parameters
Economic Risk
Liquidity Risk:
- $8B+ in collateral backing DAI/USDS
- Deep DEX liquidity for stablecoin pairs
- PSM maintains peg with USDC reserves
- Liquidation auctions provide exit mechanism
Stability Mechanisms:
- Over-collateralization requirements
- Stability fees adjust borrowing cost
- Debt ceilings per collateral type
- Peg Stability Module for tight peg
Operational History:
- Single-collateral DAI launched December 2017
- Multi-collateral DAI launched November 2019
- Survived March 2020 Black Thursday
- Zero smart contract exploits
- $7B+ cumulative debt generated
Stage Assessment
Stage 1 Criteria Met:
- Governance-controlled upgrades with GSM delay
- Decentralized SKY governance
- No direct admin fund access (collateral controlled by users)
- Extensive audits and formal verification
- 5+ years operational track record
Why Not Stage 2:
- Governance can modify all parameters
- USDS has freeze function (centralization concern)
- Emergency functions exist
- Collateral onboarding introduces ongoing risk
Justification: MakerDAO achieves Stage 1 (Limited Trust) status due to its mature governance system with meaningful delays, proven oracle security, and extensive operational history including survival of major market events. The protocol’s 5+ year track record and $8B+ TVL demonstrate battle-tested security. However, the USDS freeze function and governance power over parameters prevent Stage 2 classification.