code-423n4 / 2021-08-notional-findings


Can a small order change the lastImpliedRate significantly? #21

Open code423n4 opened 3 years ago

code423n4 commented 3 years ago

Handle

tensors

Vulnerability details

Impact

Consider the following attack vector. An attacker risks a very small amount of capital ($0.01, for example) to alter the lastImpliedRate, losing the $0.01 by executing a very bad trade. If no one is willing to arbitrage the rate down for the $0.01, or no one notices/reacts quickly enough, the attacker can wait until the timeWindow is about to complete and execute a trade on his altered lastImpliedRate.

The upside is that for a very small risk the attacker has a good chance of earning a profit. This works no matter what the timeWindow is.

Obviously, this doesn't work if the lastImpliedRate is weighted by volume. Can the developers confirm that the implementation doesn't allow this to happen?

Proof of concept

Based off of the formula/text here: https://github.com/code-423n4/2021-08-notional/blob/main/contracts/internal/valuation/_README.md

Recommendations

Make sure the size of the trade used to calculate the last implied rate is taken into account. Consider adding a volume factor to the formula, similar to a TWAP.

T-Woodward commented 3 years ago

No, a small order can’t move lastImpliedRate significantly. When someone trades with the AMM they do not get to choose at which price they trade. The price they trade at, and thus the lastImpliedRate, is a function of the size of their trade relative to the size of total liquidity in the pool. A small trade relative to pool liquidity will not meaningfully move the interest rate.
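The size dependence described in the comment above, as an added example that is not part of the original thread and is not Notional's contract code. It assumes a simplified logit-style liquidity curve; the curve parameters, pool sizes and function names are constructed for illustration.

```python
import math

# Constructed parameters for a simplified logit-style curve (assumption, not Notional's values).
RATE_SCALAR = 100.0        # curve steepness
RATE_ANCHOR = 1.01         # exchange rate when the pool is 50/50
YEARS_TO_MATURITY = 0.25


def exchange_rate(fcash, cash):
    """Exchange rate implied by the pool's fCash proportion."""
    p = fcash / (fcash + cash)
    return math.log(p / (1.0 - p)) / RATE_SCALAR + RATE_ANCHOR


def implied_rate(fcash, cash):
    """Annualized rate derived from the pool's current exchange rate."""
    return math.log(exchange_rate(fcash, cash)) / YEARS_TO_MATURITY


def lend(fcash, cash, fcash_out):
    """Trader takes fcash_out fCash from the pool; the curve, not the trader, sets the price."""
    p = (fcash - fcash_out) / (fcash + cash)
    rate = math.log(p / (1.0 - p)) / RATE_SCALAR + RATE_ANCHOR
    cash_in = fcash_out / rate
    return fcash - fcash_out, cash + cash_in


def rate_move(fcash_out, fcash=1_000_000.0, cash=1_000_000.0):
    """Change in the pool's implied rate caused by one trade of the given size."""
    before = implied_rate(fcash, cash)
    after = implied_rate(*lend(fcash, cash, fcash_out))
    return after - before


if __name__ == "__main__":
    # Trade sizes against a constructed pool of 1,000,000 fCash / 1,000,000 cash.
    for size in (0.01, 1_000.0, 100_000.0):
        print(f"{size:>12,.2f} fCash -> {rate_move(size) * 1e4:+.6f} bps")
```

In this model the rate move grows with trade size relative to pool liquidity, so a dust-sized trade leaves the implied rate effectively unchanged.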

ghoul-sol commented 3 years ago

Per sponsor comment, making this invalid