Remove Cream from IdleFEI pool

Idle Treasury Leagues

This proposal removes Cream from idleFEI Best-Yield pool. With its execution, the pool will deploy funds in Aave v2 and Fuse pool #8.

Cream protocol suffered a $130m loss on 27th October 2021, making it the third-largest DeFi hack in history.

The attackers found a vulnerability in the platform’s lending system and used it to steal Cream’s assets. The attacker used a complex blend of collateral/borrow transaction and inflated the price of yUSD to game Cream collateralization ratio and leave a $130m underwater loan.
Technical analysis of the attack is available here.

The Integration Standard Requirements evaluate losses on a case-by-case basis. Hacks directly related to protocol’s smart contracts represent a red flag, especially when there are no mitigation mechanisms and the maximum stolen amount is equal to the protocol’s TVL, like in this case.
Following this incident, Cream can no longer be compatible with Idle’s risk profile and Leagues propose to remove it from idleFEI (the only pool supporting it).

There are no material risks on Idle side, as the rebalancer already paused any possible Cream deposit, but this proposal would finalize the protocol deactivation.

The technical implementation will be developed by Dev League.


  • Remove Cream protocol from idleFEI: 1 action

Next Steps
We are going to leave this thread open for comments regarding this proposal, and in about 48hrs, if there are no objections, we will proceed with the Temperature Check.


Let’s move the proposal to the Temperature Check phase!

:arrow_right: Poll for $IDLE holders: HERE
:arrow_right: Poll for $IDLE Stakers (stkIDLE holders): HERE

:alarm_clock: Polls will close 2021-11-03T10:00:00Z .

The final $IDLE voting weights will be calculated using the approved calculator .

Cast your vote :writing_hand:


Temperature Check approved :white_check_mark:

This initiative will be included in the upcoming IIP-15.