Here is an update on the previous post about the Algofi bug bounty.
As I mentioned, I addressed the Algofi team’s concern about interest rates and asked them to respond.
More importantly, I informed the Algofi team that I identified a scenario, with no market condition or price assumptions and solely based on Algofi internal protocols, in which the attacker/abuser takes zero risk, creates real chaos in Algofi, makes a ton of money and causes significant losses to Algofi users, effectively stealing their money, and eventually this process leads to a spiral death. It should be reproducible on the testnet.
Here is the Algofi team’s response to the first attack scenario:
We’ve reviewed your variation on the original proposal where instead of borrowing the STBL (backed by USDC) the attacker purchases the STBL in the open market.
We do not find that this creates an exploitable situation and in fact somewhat simplifies the situation. As all STBL is overcollateralized in the lending market, the STBL the attacker has purchased in this scenario will continue to be backed by borrowers. As such, as the attacker accumulates a growing share of the outstanding STBL they will be creating additional buy demand, as those who sold the STBL in the first place now have STBL borrow positions they need to repay in order to regain access to their collateral. When the attacker’s position begins to be liquidated, there will be an equal depth of STBL borrowers who are now able to buy back their STBL at a reduced price (as liquidations include a 7% premium). This buy pressure allows for liquidations to operate as expected at the expense of the attacker.
To put the above in a more straightforward order-of-events outline:
1) Attacker purchases 50M STBL via the open market - after this is complete, STBL borrowers are now in possession of at least 50M less STBL than they currently owe
2) Attacker uses purchased STBL as collateral and max-borrows ALGO
3) At some point ALGO's price moves such that the attacker is now liquidatable (note liquidatable is not the same as undercollateralized)
4) Liquidators liquidate the attacker, repaying ALGO and seizing STBL at a 7% premium
5) Liquidators sell seized STBL into AMM market where it is consumed by borrowers in order to cover their borrow positions at a discount - as the attacker would almost certainly have to pay at or above peg to accumulate the STBL position, borrowers are now covering their STBL short position taking profit
Additionally, given the scale of the proposed attack (50M STBL), it is fair to assume this is operating in an ecosystem at least 50x the current size as currently it would be impossible to accumulate more than ~1.5M STBL through direct AMM purchases without causing significant price deviation. As such it is also reasonable to assume that in this significantly larger ecosystem there will be proportionally greater liquidity for liquidations.
At this point the Algofi core team considers this bug report resolved as a non-issue. We appreciate your continued attention and involvement with the Algofi protocol. Please let us know if you have any further questions or alternate scenarios you would like us to consider.
Here is my response including the new attack scenario:
Thanks for the response. This is what I expect to receive as part of a back and forth on this report.
What you described sounds reasonable at the high level but is missing important details which impact what can happen in reality.
Let’s establish a few basic arguments/facts:
1. First, the argument I’m trying to make is that STBL is not safe to scale and as soon as its market cap gets larger, which can happen in a short period of time, it poses a huge risk.
2. Borrowers (those who borrowed and sold) are trapped. Why? Because they cannot exit unless new borrowers come in. Let’s say there are 15M long and 15M short positions and 5M from this amount is in the swap pool. If borrowers want to pay back 6M, there must be new borrowers to the system. The current argument is that incentives (for example the lower interest rate, utility, etc.) are set in a way that new borrowers will emerge. However, this is not true. Just knowing the fact that borrowers might get trapped and forced to pay much higher interest rates (see below), losing all their collateral, destroys all the appetite for STBL.
3. STBL holders are trapped. They cannot exit from their position because there is not enough liquidity at every moment in the pools. Yes, STBL is overcollateralized but it may take an arbitrary amount of time for them to be liquidated. If STBL gets depegged, the higher interest rates and eventual liquidation may not be a solution because depegging can cause bad debt in the system, which breaks the whole overcollateralized assumption.
4. STBL is considered $1 on both sides of lending no matter how depegged (positive or negative) it is, which poses a risk to the lending and liquidation protocol.
5. STBL creation can accelerate significantly by both rehypothecation and higher interest rates. There is a fundamental difference between STBL and other collateral. When borrowed it is not from the current circulation supply but creation of new supply.
Now here is an attack scenario:
An attacker uses the above facts, acquires a large amount of STBL (long position), uses three different approaches to constantly keep the price below .99 and increase the interest rate (the key here is that the inflow of USDC is way lower than STBL creation):
* Constantly sell the STBL interest received on his/her STBL holdings.
* Borrow against the STBL position and set a sell wall at .99.
* Use scenarios like the previous one (borrowing Algos) and force a liquidator to own a large STBL position.
So the attacker keeps the sell pressure when there is no significant buy pressure and lets the price go up for short periods of time (so it doesn’t impact the interest rate that much) when there is a buy pressure and sells at higher prices, pushing the price back down. So a reactive approach is used to keep the price most of the time below .99 and sometimes higher than 1.1 (or even higher depending on the buy pressure). Soon enough the appetite for STBL goes to zero as more participants understand the risks and significant price swings, which leads STBL to get largely depegged. At this point not only an unlimited amount of STBL can be created (due to a very high interest rate) but it can be used to borrow assets with much higher values, which is used by the attacker as the exit strategy.
Please let’s have this moving forward fast rather than delaying it constantly.
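
Both sides of the exchange above depend on whether a liquidator who seizes STBL at the 7% premium can actually sell it at a profit. The following risk check is an added illustration, not code from this post or from Algofi: it takes the 7% premium and the fixed $1 STBL valuation from the messages above, and assumes a constant-product STBL/USDC pool with no fees and constructed reserve figures.

```python
from dataclasses import dataclass

LIQUIDATION_PREMIUM = 0.07  # from the page: liquidations include a 7% premium
PROTOCOL_STBL_PRICE = 1.0   # from the page: the lending side values STBL at $1


@dataclass
class Pool:
    """STBL/USDC pool. Constant-product and fee-free are assumptions."""
    stbl: float
    usdc: float

    def spot_price(self) -> float:
        return self.usdc / self.stbl

    def usdc_out(self, stbl_in: float) -> float:
        # x * y = k: USDC received when stbl_in STBL is sold into the pool
        return self.usdc * stbl_in / (self.stbl + stbl_in)


def seized_stbl(debt_usd: float) -> float:
    """STBL handed to a liquidator who repays debt_usd of the borrowed asset."""
    return debt_usd * (1 + LIQUIDATION_PREMIUM) / PROTOCOL_STBL_PRICE


def liquidation_pnl(pool: Pool, debt_usd: float) -> float:
    """Liquidator profit in USD after selling all seized STBL into the pool."""
    return pool.usdc_out(seized_stbl(debt_usd)) - debt_usd


def max_profitable_debt(pool: Pool) -> float:
    """Largest debt that can be liquidated in one pass without a loss.

    Solving usdc_out(m * D) >= D with m = 1.07 gives
    D <= (m * usdc - stbl) / m, which is <= 0 once spot price < 1 / m.
    """
    m = 1 + LIQUIDATION_PREMIUM
    return max(0.0, (m * pool.usdc - pool.stbl) / m)


if __name__ == "__main__":
    # Constructed reserves: a balanced pool and a pool trading at 0.90.
    for pool in (Pool(2_500_000, 2_500_000), Pool(3_000_000, 2_700_000)):
        print(f"spot={pool.spot_price():.3f} "
              f"max profitable debt=${max_profitable_debt(pool):,.0f}")
```

Under these assumptions a balanced pool holding 2.5M on each side absorbs only about $163.5k of debt per pass at a profit, and once the spot price falls below 1/1.07 (about 0.935) no liquidation is profitable, so a protocol monitor would alert on pool depth and spot price well before that point.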