1/n: Some thoughts on today's @RariCapital exploit via the integration with @AlphaFinanceLab.

Disclosure many of us @YuntCapital are investors in Rari and believe in the team and the product.

2/n: First off, if you haven't read this thread by @FrankResearcher check it out. It gives an excellent breakdown of the exploit.

https://twitter.com/FrankResearcher/status/1391087260125188099?s=20

Additionally see the Alpha response here: https://twitter.com/AlphaFinanceLab/status/1391046927349784589

3/n: While Rari bears responsibility here I am intrigued by the response from Alpha, particularly the "incorrect assumption" that Rari made around integrating with the HomoraBank contract.

4/n: My questions are:

1) What was the incorrect assumption

2) Was this documented

3) Are some protocols so complicated that it's best to simply not integrate with them

5/n: As a software engineer by trade I have personally found the documentation within the #DeFi space to be woefully lacking. If protocols are meant to be Lego bricks that we use to build new products then proper documentation for how to integrate is table stakes

6/n: It's definitely possible that the Rari devs didn't properly read the documentation, or didn't properly follow up with Alpha. However, in my experience as an engineer and engineering manager these sorts of mistakes are 9 times out of 10 down to gaps in documentation.

7/7: I'm looking forward to reading the post mortem from Rari and seeing how the team takes this as a learning and growth opportunity. These things happen and how the team response will be a defining moment both for them personally and the company as a whole.