saucepoint
commented
11 months ago I appreciate the feedback, I believe this is a valid concern which is why I have a pending refactor to use a TWAP oracle instead of spot price. While the v4 TWAP will have permanent liquidity, its possible that attackers withdraw liquidity from the stoploss pool
a preventative measure would be probably require users specifying a slippage tolerance when they submit their stoploss orders
I think this contract might be exploitable. I believe the following type of transaction would be profitable to an exploiter at the expense of users who took out stop-loss orders:
1) Users take out stop-loss orders to sell 100 ETH when the USDC/ETH ratio falls below 1500. 2) USDC/ETH ratio is slightly above the stop-loss price, say 1501. 3) Exploiter takes out a 10,000 ETH flashloan and sells it all for USDC 4) Hook triggers and the users' 100 ETH is sold for MUCH less than it's worth, lowering the USDC/ETH ratio in the pool even further 5) Exploiter buys back his 10,000 ETH plus extra at the new, lower price 6) Exploiter pays back flashloan and pockets the difference (minus swap and flashloan fees)
It's not trivial to avoid this risk without adding a lot of complexity. Happy to discuss further.