Perpetual Protocol Private Markets - Part II [RFC]

Hey everyone, Jonathan from Delphi Labs here!

I’m very excited to present the second part of our Private Markets proposal to the community. In this part, as was mentioned in Part I, I will be exploring our proposed Private Markets framework.

If you prefer to watch a video walkthrough of the proposal you can do so on our portal.

Let’s dive in!

–

Introduction

In Part I of this post we covered our proposal for the high level architecture of Perpetual and how the Public Markets would work under this architecture. In this second part we’ll explore how Private Markets fit into this system. As a reminder, for the context of this piece, we refer to Private Markets as perpetuals markets that can be deployed on Perpetual Protocol in a permissionless way, in contrast to Public Markets, which are required to follow a regular governance process to be deployed.

High Level Architecture

The Private Markets architecture consists of 4 main components:

• Private Markets (PrM) DAO: The DAO that sits on top of all Private Markets. Only participants in the PERP DAO (sPERP holders) can join the PrM DAO. PrM DAO participants are entitled to fees generated by Private Markets (we’ll explore how this works more thoroughly in following sections) and act as the third tranche in case of a deficit event. While initially the PrM DAO will hold no governance power over Private Markets (as will be explored below), eventually as the Private Markets architecture matures we expect some governance powers to migrate to the PrM DAO. At first there will be only one PrM DAO as a proof of concept, but as the system matures we envision a multi-DAO architecture with different risk profiles, as will be explored in further detail below.
• Private Markets Insurance Fund: The native insurance fund that covers all Private Markets and will initially serve as the second tranche in case of a deficit event.
• Temporary Insurance Fund: An insurance fund that will be bootstrapped through PERP rewards during the initial stages of the Private Markets while the native insurance fund develops (we’ll explore the specifics in more detail in the following sections).
• Private Market: A perpetuals market created in a permissionless way by any user.

The following figure summarizes the above architecture.

1442×811 89.9 KB

Figure 1. Perpetual Protocol High Level Architecture.

Private Markets DAO

Any sPERP holder will be able to support and participate in the PrM system by staking their sPERP in the PrM DAO. Whenever a user stakes sPERP into the PrM DAO, the user will receive PrM DAO tokens, which represent the user’s share of the DAO. Any user who joins the PrM DAO will receive additional fees from activity facilitated by the Private Markets, while at the same time serving as the third tranche in case of a shortfall event.

For the Private Markets DAO, the PERP DAO will need to decide on a number of important parameters for the system to work as intended. The following is the list of parameters (all of which should be adjustable by governance) and some of our recommendations (see Figure 2):

• Private Markets DAO Cooldown Period: There should be a cooldown period that stakers in the PrM DAO need to wait before being able to withdraw their funds. This cooldown period is necessary to avoid the case where stakers withdraw their funds from the DAO immediately after a deficit takes place, potentially leaving the system at risk. For the system to be robust, funds staked into the DAO need to be a credible source of insurance in case of deficit events. We propose a cooldown period of 1 week.
• Maximum Slashing: Indicates the maximum share of staker funds that is at risk whenever a deficit happens. We propose initially setting the maximum slashing at 30%, same as for the Public Markets.
• Joining Fee: This fee acts as a tax levied on every user joining the PrM DAO that is distributed to all previous stakers in proportion to their PrM token holdings. The objective of this fee is to incentivize early and long-term oriented staking. We suggest that this fee is set at 2.5% initially.

Private Markets Insurance Fund

Ideally, the IF should be able to cover all deficit events by itself, without the system needing to use PrM DAO funds. To this end, the IF should have a target size based on the risk the protocol is taking. To determine this target we suggest following a similar methodology to the one explored in Part I of this post for Public Markets:

• A Target Insurance Ratio is defined. This parameter is measured in the same way as for the Public Markets, where:

Given that we expect the Private Markets to be composed (in aggregate) of riskier assets than the Public Markets, we suggest setting a higher Target Insurance Ratio than for Private Markets. We believe this would give an additional margin of safety to users of Private Markets. Having said that, as is the case with Public Markets, this parameter should be adjustable by governance as the model evolves over time and empiric data can be gathered about its performance.

Based on this target, the fees flow within the Private Markets architecture would be adjusted as follows. If the Insurance Ratio is below the Target, the majority of fees should flow to the IF. Otherwise, fees should be redirected to stakers as that would indicate that the IF is large enough given the current level of risk within Private Markets. The specifics behind the fees flow mechanism will be explored in further detail below.

Temporary Insurance Fund (TIF)

Given that initially the Private Markets Insurance Fund will hold no funds, we suggest creating a Temporary Insurance Fund where any user is able to provide assets that act as the first tranche in case of a protocol deficit in return for rewards in the form of PERP. This mechanism would help bootstrap an insurance fund for Private Markets while the native Private Markets Insurance Fund develops over time. Concretely, we see the Temporary Insurance Fund working as follows:

• Any user will be able to provide yUSDC to the Temporary Insurance Fund. Assets in this insurance fund serve as the first tranche in case of a shortfall event.

• There should be a cooldown period that depositors need to wait before being able to withdraw their funds from the TIF. The rationale for this is the same as for stakers in the PrM DAO. We propose this cooldown period to be 1 week.

• In return for their risk-taking, stakers will continuously receive PERP rewards according to a schedule decided by the DAO. This rewards schedule should be periodically monitored and adjusted when needed in order to:

• Increase rewards whenever the TIF is undercollateralized.

• Decrease rewards whenever the TIF is overcollateralized.

To decide whether the TIF is over or undercollateralized, the methodology explored in the previous section should be used. However, given that the TIF is also backing the Private Markets, the Insurance Ratio should be calculated as follows:

If the above ratio deviates considerably from the target defined in the previous section, the DAO should consider adjusting the rewards.

• As the native insurance fund gets built over time via protocol fees, the Temporary Insurance Fund should be gradually wound down. From a rewards perspective, this means that even though over the short term PERP rewards could fluctuate depending on changes in trader activity on the Private Markets, over the long run the trend should be of diminishing PERP rewards.

Private Markets Governance

While we believe in the long run the PrM DAO should have governance power over some of the parameters that regulate Private Markets, initially we think that right should belong to the PERP DAO. The main rationale behind this is that the cost of bootstrapping the TIF will be shared among all PERP holders, not only PrM DAO participants. Eventually, as the Private Markets architecture matures and its native insurance fund gets more robust, some governance functions could be gradually transferred to the PrM DAO.

Private Markets Creation

We developed a simple process to determine which assets would be initially whitelisted for Private Market creation. This is necessary given that not every asset can or should have a perpetuals market. For example, an asset with no oracle or an unreliable oracle cannot have a well functioning perpetuals market by definition. Thus, we use this process to set a minimum set of requirements an asset needs to meet to be whitelisted. We think that this approach will allow for the number of assets listed on Perpetual Protocol to increase considerably while at the same time protecting users as the Private Markets architecture is tested out.

Over time, this whitelisting process could be gradually stripped down to its bare minimum (i.e. whitelisting every asset with a reliable oracle) as the Private Markets model matures. Initially, though, we prefer to be conservative and prioritize user safety. To this end, the conditions for an asset to be whitelisted would be the following:

1. Having a Chainlink or Uniswap oracle.
2. Having an average 24hr volume traded over the past 90 days higher than $10M.
3. Having an audit.

Notice that the above whitelisting process doesn’t imply that the system is permissioned, as any user will be able to create a market for any whitelisted asset in a permissionless manner. Furthermore, the initial whitelisting process should be broad enough such that at launch a significant number of assets are available for Private Market creation.

From a UX perspective, a prospective market creator should be able to browse or search through a list of previously whitelisted assets and create or initialize a market for any of those assets in a few clicks. To this end, it is important that the whitelisting process be done periodically and thoroughly by the PERP DAO or a specialized team assigned to this task. After a market has been initialized, any user will be able to provide liquidity for that market.

Fees Flow

For the Private Markets we propose a similar fees flow mechanism as for the Public Markets (see Figure 2). Specifically, 80% of fees will flow to the IF in USDC whenever the Insurance Ratio is below the Target (otherwise IF fees flow to DAO stakers), 10% will flow to PrM DAO stakers in the form of sPERP and 10% will flow to the PERP DAO in the form of PERP. Notice that the TIF will not be receiving any fees from the Private Markets, as stakers into the TIF will be receiving PERP rewards.

The following figure summarizes the above mechanism.

1303×733 78.4 KB

Figure 2. Private Markets Fees Flow.

Multi-DAO Private Markets

While initially we propose implementing the system with a single PrM DAO that covers all initially whitelisted Private Markets, eventually we envision the architecture evolving into a multi-DAO system where each PrM DAO covers a particular group of markets that fall within a certain risk profile (or that expose certain characteristics). To better understand this, imagine a hypothetical scenario where Private Markets are grouped in 5 risk tranches, 1 being the safest and 5 being the riskiest. Within this system, sPERP holders would have the ability to stake to different tranches according to their risk appetite. This could be applied to the TIF as well, such that TIF depositors could choose the risk level they’re comfortable insuring.

In addition to allowing stakers and TIF depositors to choose the risk level they’re comfortable with, this architecture will allow the DAO to define different parameters for different groups of markets. Parameters such as trading fees, the fee split between LPs and the Protocol and the Target Insurance Ratio could be tailored to specific tranches.

We suggest implementing this multi-DAO architecture in phases. Following the hypothetical scenario above, we would suggest starting with tranche 1, which would be basically the single DAO model described above and gradually add new tranches as the system matures.

1442×811 54.2 KB

Figure 3. Multi-DAO Architecture Example.

Conclusion

Throughout this piece we explored our proposal for the Private Markets implementation within Perpetual Protocol. We expect this architecture to allow Perpetual Protocol to considerably expand its asset offering, with a limited risk exposure to the protocol as a whole. Coupled with the Public Markets architecture explored in Part I of this post, we believe this overall structure will serve as a robust foundation for Perpetual Protocol to grow in the years to come.

We’re very excited to present this to the community and look forward to your feedback regarding this post.

Whitelisting assets to begin with seems reasonable.

Why is the TIF funded with yUSDC and not just USDC? Surely not a good idea to add another layer of protocol risk here.

Is there a process to migrate a private market to public? I can see this being necessary.

Hey @supernoveau, thanks for the feedback! Very good questions. Some thoughts below:

The main rationale here is around capital efficiency. Specifically, if you allow users to deposit a yield bearing asset the system becomes more efficient, since Perpetual will need to pay less PERP rewards because depositors will already be receiving the Yearn yield (so their total APR would be the Yearn APR + PERP APR).

Additionally, this will allow Perpetual to tap into Yearn’s strong community by incorporating one of their assets.

Having said that, your point about adding another layer of risk by incorporating assets from another protocol is definitely valid. However, we think this additional risk is limited for Perpetual as:

1. Most of this additional risk falls on the depositors, as Perpetual wouldn’t be liable for a deficit happening at Yearn. Although, obviously, a deficit at Yearn would temporarily impact the size of the TIF.
2. Yearn’s codebase is one of the most battle-tested in DeFi.

Ultimately, we think it’s a tradeoff between a more conservative but less capital efficient approach (using USDC only) and a less conservative but more capital efficient approach (yUSDC). While we suggest going with the latter, we think the system could also work well using only USDC.

–

This is a very good question and something we debated internally as well.

Initially, since the private markets architecture is being bootstrapped by all PERP holders (through PERP rewards to the TIF) we think governance over private markets should belong to the PERP DAO. This includes deciding whether a private market should be made public. In this sense, we see this happening through a regular governance process.

Eventually, when the private markets architecture is independent (i.e. it no longer requires a TIF), we think some form of a buyout mechanism should be implemented where the PERP DAO is required to buy markets from the Private Markets DAOs in order to incorporate them into the public markets fold. We think the design space for this buyout mechanism is very interesting. One option, for example, could be to implement it as a negotiation process where the Private Markets DAO has the ultimate say in approving/rejecting a particular buyout offer. Another option could be a system where to buy a particular private market the PERP DAO would need to pay a predefined multiple based on the market’s revenue or trading volume. As said before, we think there are a number of interesting alternatives to explore here and look forward to seeing this aspect of the system evolve in the years to come.

I don’t think we should be optimising for capital efficiency in the TIF at the expense of capital preservation.

The TIF is useless if the yUSD 1:1 peg breaks. This can happen in a macro volatility shock, it’s not worth the risk for a few points of yield.

I like the buyout idea when there’s no TIF, provided it’s not negotiable every time. It would need to be standardised.

Is this assuming all Private Markets will have a base pair or collateral in USDC? Is there a vision to enable private markets to have multiple collateral options like ETH or WBTC/RenBTC?

Hi @JonathanErlich , thanks for this well formulated proposal. I think it´s well thought through and I just have a few remarks and questions.

• Regarding the USDC / yUSDC debate for the TIF:
  Can we not simply give the user both options? Since yUSDC is unwrapped into USDC, programming this option should not be that much more complicated compared to the pure yUSDC solution. However, this way we can have the advantages of reaching out to the yearn community, giving them more utility and increasing capital efficiency of the TIF, while at the same time not locking out less savvy investors who don´t use yearn. Further, in this case a portion of the TIF would always stay in the less risky USDC, increasing reliability for the stakeholders.

• Question: Is the TIF proposed to cover the risks of both, the public and private markets or just the private markets?

• Rewarding TIF contributors with PERP tokens is effectively a form of liquidity mining. This in essence is “renting” capital in contrast to raising capital which usually comes in the form of token sales. The question now is about efficiency. Have you constructed a model that gives insights into how long such a liquidity mining would need to last and how much PERP would approximately needed to be emitted during that time? (Hence, what the dilution to PERP holders ought to be?) The problem with “renting” capital is the same with renting a house. At the end of the rental period you don´t have an asset, just cost. It may be more effective to sell a portion of whatever funds the PERP DAO holds to kickstart our own (T)IF.

I´ll create my own model about that issue as well and will post it here, because I´m curious about the dynamics.

Done.
Unfortunately I can´t upload excel files here, so let me summarize the conclusion:

For anyone who want to play around with the excel file and try out different parameters, feel free to download from my server:

https://knowingbitcoin.com/TIF_simulation.xlsx

Hey everyone, thanks for the feedback! Below some comments:

–

Regarding the first part of the question, yes, that’s indeed the case. Regarding the second part will need to defer to the PERP team, but I imagine private markets will have the same multi-collateral functionality as the public markets.

In any case, even if the markets are settled in different assets, this model could be adjusted to account for that. Specifically, the DAO could decide to deposit the fees into the IF in the assets the potential liabilities are denominated in.

–

Definitely, this could be a good solution.

It’s proposed for the private markets, but could be expanded for the public markets as well.

Thanks for the model and the analysis. Very interesting! I agree with the conclusion: under certain conditions it’s better to go with one model over the other.

Having said that, and not to nitpick (the model and the analysis are great!), one additional factor that’s worth taking into consideration is that under the liquidity mining model the risk of a deficit is being taken by the market (TIF depositors, specifically), while with the direct sales model the risk is effectively being taken by the PERP DAO.

–

This is a very interesting point as it speaks to the sustainability of the program. In general we agree: if volumes increase indefinitely, the IF won’t be able to catch up and the IF will need to be subsidized indefinitely. However:

1. I think at some point these markets will start maturing and volume growth will start stabilizing.
2. Whether the IF needs to grow depends directly on the Target Insurance Ratio (the higher it is, the harder it will be to reach). As we’ve expressed on these posts, we think this target should be set on the conservative side to start, but eventually it could be reduced as the risks involved in this new system are better understood.
3. We think the IF should be subsidized initially but not indefinitely, independent of whether it’s reached its target. This limit could be defined in a number of ways ($, time, etc) but the important thing is to determine a certain point at which the PERP DAO will stop subsidizing the private markets architecture.
4. To complement point 3, PrM DAO stakers should face at least some real risk of being slashed. In other words, even if the IF is not at its target, there’s always the PrM DAO tranche.

I think we have to accept/assume that USDC will be regulated by the SEC: SEC Subpoenas USDC Stablecoin Backer Circle — CoinDesk

It’s possible it will be regulated like a bank, but more likely like a security.

Either way, given the strategy thus far is to avoid US regulation by geoblocking user access, we should be doing everything now to support ETH collateral. And conceivably accept dividend payments in PERP only rather than USDC as originally conceived in the early days.

Essentially plan for moving on from USDC now in case it’s a single point of decentralised failure in the future.

We’re definitely keeping an eye on this, as is all of DeFi. It seems likely this SEC action is regarding Circle’s lending product, not the USDC product, guessing by the SEC’s recent threats toward Coinbase over their lending plans. Regardless, it’s something we’re watching closely!