Open code423n4 opened 3 years ago
This is a valid concern, but not something that we are going to mitigate before launch. We are going to plan for PDs to atomically liquidate and burn.
I think this is a valid finding; whether or not it's intended to be mitigated pre-launch, the Sponsor acknowledges it's a valid concern, and not something that's declared as part of the protocol's intrinsic assumptions. These sorts of findings are exactly what audits are intended to uncover and bring to the attention of users as caveats when using the system. I concur with the Warden's assessment of Medium.
Handle
@cmichelio
Vulnerability details
When the protocol suffers a default, the BPT stakers are the first line of defence and the protocol trades the BPT pool tokens for the single-sided liquidity asset of the Balancer LIQUIDITY <> MPT pool (PoolLib.handleDefault).
Note that a pool token to single-asset trade is the same as burning the LP tokens to receive an equal amount of all underlying tokens, and then trading all other tokens received for the single asset.
This means on each default MPT tokens are sold for the liquidity asset. As the default is potentially a huge amount that happens at once, this creates a huge arbitrage opportunity.
Impact
As the default suffered can be a huge amount and the "repayment" happens at once, this creates a huge arbitrage opportunity. The MPT token price goes down. The borrower could also be incentivised to not repay the loan and take advantage of the arbitrage opportunity, either competing themselves on-chain or through shorts/bets on the MPT price.
Recommended Mitigation Steps
Hard to completely mitigate. Pool delegates should be especially careful when giving out high-value loans and demand high collateral lockup.
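To size the exposure described in this finding, the following added example (not part of the report or of Maple's code) checks the "single-asset exit equals proportional exit plus swap" equivalence and computes the MPT price drop for a given BPT burn. It assumes Balancer V1 weighted-pool math (`calcSingleOutGivenPoolIn`, `calcOutGivenIn`) with zero fees; the pool balances, weights and supply are constructed.

```python
# Added illustration: Balancer V1 weighted-pool math with constructed numbers.
# Weights, balances and the zero fees are assumptions, not Maple's live values.

def single_asset_exit(bal_out, w_out, supply, bpt_in, fee=0.0):
    """Liquidity asset received for burning bpt_in (calcSingleOutGivenPoolIn, exit fee 0)."""
    ratio = (supply - bpt_in) / supply
    gross = bal_out * (1 - ratio ** (1 / w_out))
    return gross * (1 - (1 - w_out) * fee)

def swap_out_given_in(bal_in, w_in, bal_out, w_out, amt_in, fee=0.0):
    """Weighted-pool swap output (calcOutGivenIn)."""
    return bal_out * (1 - (bal_in / (bal_in + amt_in * (1 - fee))) ** (w_in / w_out))

def exit_then_swap(liq, mpt, w_liq, supply, bpt_in):
    """Proportional exit, then sell the MPT share back into the shrunken pool."""
    r = bpt_in / supply
    liq_share, mpt_share = liq * r, mpt * r
    swapped = swap_out_given_in(mpt - mpt_share, 1 - w_liq,
                                liq - liq_share, w_liq, mpt_share)
    return liq_share + swapped

def mpt_spot_price(liq, mpt, w_liq):
    """Price of 1 MPT in the liquidity asset, ignoring fees."""
    return (liq / w_liq) / (mpt / (1 - w_liq))

def default_impact(liq, mpt, w_liq, supply, bpt_in):
    """Return (liquidity recovered, fractional MPT price drop) for one default."""
    out = single_asset_exit(liq, w_liq, supply, bpt_in)
    before = mpt_spot_price(liq, mpt, w_liq)
    after = mpt_spot_price(liq - out, mpt, w_liq)  # MPT balance is untouched
    return out, 1 - after / before

if __name__ == "__main__":
    # Constructed 50/50 pool: 10M liquidity asset, 1M MPT, 100 BPT outstanding.
    LIQ, MPT, W, SUPPLY = 10_000_000.0, 1_000_000.0, 0.5, 100.0
    for pct in (1, 5, 10, 25):
        out, drop = default_impact(LIQ, MPT, W, SUPPLY, SUPPLY * pct / 100)
        print(f"burn {pct:>2}% of BPT -> {out:,.0f} recovered, MPT price -{drop:.1%}")
```

Because the price drop grows with the fraction of BPT burned in one transaction, a pool delegate can use this kind of calculation to bound loan size or collateral requirements against the staked BPT depth.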