search

superfluid-finance / superfluid-sentinel

MIT License
24 stars 13 forks source link

[OBSERVABILITY] Identify accounts posing a solvency risk #293

Closed d10r closed 2 months ago

d10r commented 9 months ago

Problem: We currently have no forward-looking solvency monitoring. Mass liquidations or high-value liquidations come as a surprise.

AC: criteria for defining "high risk" accounts with regard to solvency.

d10r commented 9 months ago

There's 2 aspects which can render an account "high risk":

  1. many outgoing flows (be it CFA or GDA flows)

  2. high (in terms of USD value) aggregate outgoing flowrate

  3. is high risk because insolvency of the account places all outgoing flows in the liquidation queue at ones. In theory there could be so many that all the blockspace of the liquidation period (currently 4h) is not enough to liquidate them all in time. In practice no account is anywhere close to that limit, but it's risky anyway:

    • the sentinel implementation could be overwhelmed by the load (we don't know its limits and behaviour under such circumstances very well)
    • sentinel accounts could be drained and stop operating
    • if the insolvency happens during a time of high gas prices, such an event could be very costly for sentinel operators if not configured defensively

  4. is high because if for any reason (e.g. temporary chain congestion or even outage, unknown sentinel bug) liquidation of such an account wouldn't happen in time (while the buffer isn't fully consumed), that would eat into the PIC bond (which are currently rather small) or even make the protocol partially insolvent.

Highest risk is the combination of 1. and 2., especially considering that such a combination could be how a malicious actor trying to steal from the protocol would set up.

At first, it may seem that we only need to pay attention to accounts which based on the current state would become insolvent insolvent in the near future. E.g. an account with a runtime of years could with a single ERC20 transfer be placed seconds from insolvency.

Proposed criteria:

  1. 100+ outgoing flows
  2. 100+ USD/hour of aggregate outgoing flowrate

Both criteria are per account and SuperToken.

Next: figure out how to query for accounts satisfying this conditions.

  1. is possible with just on-chain data while 2. requires a price oracle. I suggest to restrict the scope to SuperTokens which are listed and which we consider "relevant". May be the same set of tokens we set a min deposit for.
d10r commented 9 months ago

See Leo's Insolvency Prediction Dashboard

mmd-afegbua commented 3 months ago

PR: https://github.com/superfluid-finance/garden-infra/pull/163