Secured Finance Deep Dive series
Addressing Potential Exploits in DeFi Lending Orderbook
Implementation of ‘Minimum Collateral Threshold’
Secured Finance is committed to democratizing finance through its decentralized yield curve trading marketplace. Our unique on-chain orderbook system offers a robust platform for trading zero-coupon bonds in cryptocurrencies. While we are proud of our innovative approach, we are also vigilant about potential vulnerabilities. We are pleased to announce that we have successfully detected and mitigated a potential exploit during our testnet phase. This article aims to shed light on this exploit and introduce our new risk management feature, the ‘Minimum Collateral Threshold.’
The Exploit: A Step-by-Step Breakdown
Our protocol was susceptible to an exploit that could allow an attacker to manipulate the bond market and withdraw more assets than they should be able to. Here’s how the exploit could occur:
Step 1: Borrowing Cash
The attacker starts by borrowing cash against sufficient collateral. In our system, the maximum Loan-to-Value (LTV) ratio is 80%. Essentially, this is equivalent to selling a zero-coupon bond.
Step 2: Market Manipulation
The attacker then manipulates the bond market to drive the bond prices down as much as possible.
Step 3: Lowering Loan-to-Value Ratio
As the bond price decreases, the Present Value (PV) of the loan also decreases, which in turn lowers the Loan-to-Value (LTV) ratio. The attacker can then withdraw both the borrowed asset and as much collateral as possible.
Step 4: Triggering Liquidation
After the withdrawal, the market rebounds, worsening the attacker’s LTV and triggering the liquidation process. The attacker allows their position to be liquidated, sacrificing collateral.
Step 5: Profit at the Expense of the Protocol
The attacker ends up withdrawing more money than they lose in collateral, effectively stealing from the protocol.
A Numerical Example
For a more concrete understanding, consider this example:
1. Initial Conditions
Borrowing: The attacker initiates the exploit by borrowing 100,000 USDC. They provide collateral of 125,000 USDC, which is more than sufficient given our maximum Loan-to-Value (LTV) ratio of 80%. At this point, the bond price is at 95.00.
- Future Value (FV): The Future Value of the loan, or the amount the attacker is obligated to pay back, is calculated as 105,263 USDC.
- Loan-to-Value (LTV): Initially, the LTV is calculated as 100,000/125,000×100=80%
2. Market Manipulation
Driving Prices Down: The attacker then manipulates the bond market, driving the bond price down to an extreme low of 25.00.
- New Present Value (PV): The Present Value of the loan now decreases to 105,263×25.00/100=26,315 USDC.
- New LTV: The new LTV becomes 26,315/125,000×100=21.05%
3. Exploiting the Lower LTV
Withdrawal: With the new, lower LTV, the attacker can now withdraw more assets. The required collateral at 80% LTV would be 26,315/0.8=32,894 USDC.
- Collateral Withdrawal: The attacker can now withdraw 125,000−32,894=92,106 USDC in collateral.
- Total Withdrawal: Adding the initially borrowed 100,000 USDC, the attacker can withdraw a total of 92,106+100,000=192,106 USDC.
4. Triggering Liquidation
Market Rebound: As the market starts to recover, the bond price gradually returns to its original level of 95.00. This worsens the attacker’s LTV, triggering the liquidation process.
- New PV: The Present Value of the loan returns to its original state, which is 100,000 USDC.
- New LTV: The LTV now becomes 100,000/32,894×100=304.04%, far exceeding the 80% threshold.
5. The Aftermath
Profit and Loss: The liquidator steps in to liquidate the attacker’s position. However, the attacker has already withdrawn 192,106 USDC while only losing 32,894 USDC in collateral.
- Net Gain: The attacker’s net gain from this exploit is 192,106−32,894=159,212 USDC.
By walking through this detailed numerical example, it becomes evident how an attacker could exploit the system to make a significant profit at the expense of the protocol. This is precisely why we have implemented new risk management features like the ‘Minimum Collateral Threshold’ to safeguard against such vulnerabilities.
Mitigating the Risk:
To counteract this exploit, we have implemented two key risk management features:
We upgraded the ‘Circuit Breaker’ feature which limits the bond price fluctuation for the next block, making flash loan attacks more difficult.
Minimum Collateral Threshold
This is a new safeguard that requires borrowers to pledge sufficient collateral based on a pre-set bond base price.
The Role of ‘Minimum Collateral Threshold’ in Mitigating the Exploit
Initial Conditions with Minimum Collateral Threshold
Base Bond Price: In this example, let’s assume the bond has a 1-year tenor and falls under Category A. The pre-set base bond price for this category is 90.00.
As before, the attacker manipulates the bond market, driving the bond price from 95.00 down to 25.00.
- New Present Value (PV): The Present Value of the loan decreases to 105,263×25100=26,315 USDC.
- New LTV: The new LTV becomes 26,315/125,000×100=21.05%
Minimum Collateral Threshold:
Despite the market manipulation, the ‘Minimum Collateral Threshold’ feature requires the attacker to maintain collateral based on the pre-set base bond price of 90.00.
- Required Collateral: The required collateral would be calculated as 105,263/90×100/0.8=118,421 USDC.
- Maximum Withdrawal: With the ‘Minimum Collateral Threshold’ in place, the attacker can only withdraw 125,000−118,421=6,579 USDC.
For more details including the Category settings, you can refer to our Gitbook documentation.
Security and robust risk management are cornerstones of our mission at Secured Finance. While our unique on-chain orderbook system offers unparalleled opportunities in the decentralized finance space, it also comes with its own set of challenges and vulnerabilities. We are pleased to have proactively identified and mitigated a potential exploit during our testnet phase, thereby reinforcing the integrity of our platform.
The Role of ‘Minimum Collateral Threshold’
One of the most significant steps we’ve taken to enhance security is the implementation of the ‘Minimum Collateral Threshold.’ It’s crucial to note that this safeguard specifically targets bond short sellers or borrowers of money. Given the nature of zero-coupon bonds, which start at a deep discount and are redeemable at par (a price of 100 on our platform), borrowers inherently face increasing collateral requirements as the bond’s maturity date approaches.
Protecting Borrowers, Lenders and the Protocol
The ‘Minimum Collateral Threshold’ serves a dual purpose:
- For Borrowers:
It helps avoid unnecessary liquidations by requiring borrowers to maintain sufficient collateral, especially as the bond nears its maturity date.
- For the Lenders and Protocol:
It protects against price manipulation attacks, ensuring that even in volatile market conditions, the system remains secure and the reserve fund is untouched.
It mitigates insolvency risk, thereby safeguarding the lenders’ money channeled through our protocol.
By implementing this feature, we aim to strike a balance between facilitating ease of trading and ensuring the utmost security for our users and the protocol itself. Our commitment to transparency and proactive risk management is unwavering, as we continue to innovate and democratize finance through our decentralized yield curve trading marketplace.
About Secured Finance
Secured Finance is revolutionizing the digital asset landscape by constructing interbank-grade capital markets. Our innovative protocol is designed to offer a secure, flexible, and scalable fixed-income solution for digital assets. Comprised of a team of expert investment bankers, we are committed to integrating traditional finance wisdom into the realm of cryptocurrency and digital assets.
Stay informed and connected with us for further information and updates.