Open hats-bug-reporter[bot] opened 1 month ago
Those malicious whales would be creating a big target for honest whales (or honest regular associated actors) to contest it, the liquidity of the markets is not the only incentive to fix bad answers
the liquidity of the markets is not the only incentive to fix bad answers
Yes, i do agree, but how to prevent someone from being malicious on a protocol level? Would you pay >0.5 eth to Kleros or 0.4eth(as a bond to post an answer) to save your $100 winnings? Nah, you wouldn't. Now imagine dozens of users with small bets without being able to correct the answer. Anyways, would love to get the feedback and propose a solution to prevent this behaviour on-chain.
Thanks! @greenlucid
Would you pay >0.5 eth to Kleros or 0.4eth(as a bond to post an answer) to save your $100 winnings? Nah, you wouldn't.
the attacker has put 0.2 eth as bond. so if I put 0.4 eth and I win, I make 0.2 eth + my 100$ winnings. if attacker doubles again, I take it to kleros
also read Out of Scope:
Issues about reality.eth + Kleros (see https://reality.eth.link/app/ & https://court.kleros.io/) misresolving questions. We assume that wrong answers on reality are always corrected (by doubling the bond or creating a dispute).
Thanks! @Rassska
Yeah, I think the confusion there is between cost and budget. The bond is a budget requirement, not a cost requirement. You don't lose it. So for any wrong answer, someone can double the bond and will get as a reward 50% of is budget. This already happened in practice in another prediction market using Kleros + reality (in the Kleros covid case, where despite a smaller market, we had way more money in bonds).
Per competition rules, are excluded:
Github username: @Rassska Twitter username: m_Rassska Submission hash (on-chain): 0x95b8b57b0bd879a451debd8d4e1fe92743a8ff3f052cc44bab800a3355d7ee43 Severity: medium
Description: Description
Currently, the Seer relies on reality.eth for resolving the market outcomes. Reality itself allows to anyone to provide an answer for the question, if sufficient bond was provided. Upon finalizing the market, reality takes the last answer as a truth and the market could be resolved based on that answer.
If the users think that the answer was not correctly delivered, they have an option to open a dispute so that the arbitrator can step in. In order to do that, they have to pay a certain fee to the arbitration committee. However, the problem might erise, when it's not economically worth to open a dispute.
Attack Scenario
Mitigation Steps