Author: Haden Patrick, Cordial Systems. Source: blockworks. Translation: Shan Ouba, Golden Finance.
As a retired Navy veteran, I have always been a big fan of history.
History has a way of leaving behind famous quotes that capture a situation perfectly. On December 22, 1944, General McAuliffe was leading the American troops holding Bastogne during the Battle of the Bulge, and when the Germans demanded their surrender, he responded: "No way!"
Perhaps more well-known is the message Jim Lovell sent from the Apollo 13 spacecraft to Mission Control on April 14, 1970: "Houston, we have a problem."
But recently, I fell in love with a post by an unknown developer for the memecoin Slerf, who caught the attention of the X-universe by tweeting "Oh fuck" after realizing he had burned $10 million worth of tokens on March 18, 2024.
That lone tweet caused a stir in the X-universe and was followed by an announcement: “Guys, I screwed up. I burned the liquidity pool tokens and the airdrop reserved tokens. Minting permissions have been revoked so I can’t mint them anymore. There’s nothing I can do to fix this and I’m so sorry.”
The statement was filled with remorse, self-awareness, and apology, which made me sympathize with the hapless developer. Fortunately, what should have been a fatal blow to the Slerf team (I use the word "team" loosely) turned into an opportunity for the entire crypto community to unite. Because it’s a memecoin, the next day $SLERF did what memecoins do: the price soared, the market cap exceeded $400 million, and the trading volume on Solana exceeded $3 billion in two days.
In the midst of this memecoin mania, there was a learning moment.
If you are part of an effective organization, you are likely to value team learning, especially learning from mistakes, and even more so learning from the mistakes made by others. That’s what it means to rise to the next level.
It all comes down to risk management, which is definitely not unique to the crypto space. Specifically, once a risk is identified, it can be eliminated, mitigated, or accepted. Let’s see how that plays out.
The developer of Slerf has published several follow-up posts that provide more insight into what happened. Basically, he believes that his initial operation to burn a portion of the liquidity pool tokens using a third-party tool failed, and that he then accidentally burned all of the remaining liquidity pool tokens.
This could have been avoided. The risks inherent in this operation can be successfully mitigated with a structured risk plan. This may include using a more reliable token burning mechanism, conducting thorough testing before deploying the burning process, and having clear backup and recovery procedures in place.
Organizational Management Lessons from Slerf
First, think of your software and infrastructure as a layer of security protocols.
An effective organization with a top-notch Chief Information Security Officer (CISO) will create an environment where critical infrastructure operates within firewalls to maximize protection against intrusion.
But this CISO will also be very concerned about losses caused by their own team. Some strategies that can be implemented to prevent mistakes within the team include: whitelisting of asset transfer addresses, enforcement of two-factor authentication for key operations, and controlling the technology stack to ensure that third-party applications are not downloaded or added as browser extensions (such as wallet vendors or IP access control).
The first approach is to eliminate risk. In the Slerf incident, any of the above measures would have prevented the erroneous token burn operation from being executed.
Third-party tools for token burns are a convenience, not a necessity. Professional asset managers do not take fund movement lightly. They ensure that any important operation that interacts with funds is appropriately de-risked through strong controls that are integrated into the established risk management strategy.
Strong fund management tools will eliminate single points of failure and enable organizations to implement two-factor authentication principles for all fund movements as needed.
The second approach is to reduce risk. Sometimes we can’t eliminate all risk from a critical operation, but our needs dictate that we move forward. One way to mitigate risk is to access the tool from only one workstation, with a single address loaded into the third-party wallet tool; another is to maintain two-factor authentication protection even when using addresses controlled by a third party.
Finally, create standard operating procedures (SOPs). For example, require that any destruction operations performed using a third-party tool must have another operator present to verify the created transaction before it is submitted.
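The controls named above (whitelisted transfer addresses, a second factor for key operations, and a second operator verifying the created transaction before it is submitted) can be enforced in code as a gate in front of signing. The sketch below is an added example, not code from the article or from any wallet product. `BurnRequest`, its fields, the placeholder address and the rule that emptying an account needs two independent reviewers are assumptions made for illustration; the same gate applies to any fund-moving operation, not only burns.

```python
from __future__ import annotations
from dataclasses import dataclass

# Constructed placeholder; a real policy would list the organization's own addresses.
ALLOWED_DESTINATIONS = {"BURN_ADDRESS_PLACEHOLDER"}


@dataclass(frozen=True)
class BurnRequest:               # hypothetical record of a built, unsigned transaction
    initiator: str
    destination: str
    amount: int                  # base units the built transaction will move
    planned_amount: int          # amount recorded in the approved runbook
    balance: int                 # source account balance when the tx was built
    approvers: frozenset = frozenset()


def review(req: BurnRequest) -> list[str]:
    """Return policy violations; an empty list means the transaction may be submitted."""
    problems = []
    if req.destination not in ALLOWED_DESTINATIONS:
        problems.append("destination not on allowlist")
    if not 0 < req.amount <= req.balance:
        problems.append("amount outside (0, balance]")
    if req.amount != req.planned_amount:
        problems.append("amount differs from runbook")
    # The initiator cannot approve their own transaction; emptying the
    # account entirely requires a second independent reviewer (assumed rule).
    independent = req.approvers - {req.initiator}
    required = 2 if req.amount == req.balance else 1
    if len(independent) < required:
        problems.append(f"needs {required} independent approver(s), has {len(independent)}")
    return problems


def submit(req: BurnRequest) -> str:
    """Gate in front of signing: refuse anything that fails review."""
    problems = review(req)
    if problems:
        raise PermissionError("; ".join(problems))
    return "submitted"
```

A partial burn that matches the runbook and carries one independent approval passes; a transaction that would move the whole balance when the runbook planned a fraction is rejected before it reaches a signer.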
The most important factor, however, is preparation. Identifying critical operations, assessing the risks involved, and planning how to mitigate them should be done before they are performed.
But ultimately, the Slerf incident appears to be a case of a one-man development team rushing to release a new memecoin to cater to a meme-loving fan base. Whether intentionally or not, this developer acknowledged the risk, said “I’ll take care of it,” and then moved on without eliminating or mitigating operational risk.
But we should never forget about personal risk management.
I couldn’t help but be shocked when I read the last sentence of the tweet/post above: “I spent 3 days preparing for this and I fell down at the finish line.” Many military accidents cite lack of sleep as a root cause. If we take this statement literally, this developer was simply not capable of operating a protocol that put $10 million worth of assets at risk, no matter how high they thought they were getting from their caffeinated energy drink of choice.
Personal risk management includes managing your daily routines to the best of your ability to get adequate rest, exercise, and nutrition so that you are at your best when you enter the critical operations phase. Contrary to popular belief, teams should not burn themselves out to the point of collapse. Everyone reaches a point where they become less productive, more prone to making mistakes, and more careless.
I’ll bet that point was reached before three straight days of work.