Oracle Governance Attacks in Maker: How to Improve Maker's Mechanism?

Foreword: Maker has launched Multi-Collateral Dai (MCD), an important event in the history of DeFi. Although the decentralized stablecoin Dai does not match centralized stablecoins in circulation or asset cost, it has opened up a new type of stablecoin, which is an important event in the history of crypto. However, Maker will encounter some problems along the way. This article focuses on oracle governance attacks in Maker; to make such an attack succeed, an "attack DAO" could even be formed. From the current point of view, because MKR holdings are fairly concentrated, the oracle attacks described in the text are very unlikely. Even so, they are a further warning for Maker's design and governance: how to make Maker's mechanism more complete and more decentralized, how to make the system more secure, and how to give MKR a more appropriate role are all problems that still need work. The author is Ariah Klages-Mundt. Translated by "SIEN" from the "Blue Fox Notes" community.

The security of the Maker stablecoin Dai relies on trusted oracles to provide price information. These oracles are chosen through on-chain governance, so the oracle price feed can be manipulated by MKR token holders.

This article discusses attacks on Maker that are similar in style to 51% attacks but do not necessarily require 51% of MKR tokens. In these attacks, a coalition can profit by manipulating governance to "steal" system collateral. The attacks affect Sai (Single-Collateral Dai), the MCD implementation, and similar systems with on-chain governance.

The consequence of these attacks is that, at current and historical market prices, a "completely decentralized" Dai is unsafe because its incentives are misaligned. "Completely decentralized" here means that the MKR tokens are fully dispersed. The current Maker system is semi-centralized because most MKR is held by a handful of Maker individuals and the Maker Foundation.

This means that the market may discount the value of MKR because it is not fully dispersed. Therefore, Dai's security relies on trust in the Maker Foundation and the possibility of legal recourse in the event of an attack.

Either the market is not aware that the possibility of MKR governance attacks implies a lower bound on the MKR price needed for security, or the market is saying that MKR would be more valuable if Maker were completely decentralized.

These attacks also indicate that Dai has a serious scaling problem: to maintain security, the value of MKR needs to grow faster than Dai and its collateral supply. Dai and CDP holders (Blue Fox Note: the new version of Maker no longer has CDPs; they are replaced by Vaults) need to push up the MKR price for their own security. In essence, holders of a stable asset need to hold large positions in a high-risk asset to secure their stable positions, which may defeat the purpose of a stablecoin.

I. Maker Governance: Oracles and Global Settlement

The Maker system is governed by MKR token holders, who vote on-chain to determine system parameters and processes. They perform three important tasks related to oracle security.

First, MKR holders determine the list of Maker's trusted oracles. The Maker system relies on these trusted oracles to provide real-world price data, which is used to determine the liquidation threshold for CDPs.

Second, MKR holders influence the protections against oracle manipulation. The Maker system sets a maximum oracle price change over a given time (the "price feed sensitivity parameter"), and there is a one-hour delay before a new oracle price takes effect. MKR holders can directly set the price feed sensitivity parameter.

Third, MKR holders choose the "global settlers", the group that can trigger global settlement. They can therefore effectively control global settlement. In global settlement, the Maker system is frozen and participants (Dai and CDP holders) can recover a portion of the collateral, depending on the final oracle price.

Assuming honest MKR governance, the oracles can be reasonably controlled. The hourly price delay gives the emergency oracles (predetermined by MKR holders) time to respond to an attack. The Maker price feed uses the median of the oracle prices, so a majority of oracles (including emergency oracles) would have to collude.

The maximum oracle price change limits the direct severity of an attack. Moreover, if all else fails, the price delay gives the global settlers (predetermined by MKR holders) time to trigger global settlement.

II. Oracle Attacks in Maker

In the case of dishonest MKR holders, two important attacks can occur:

  • MKR → CDP exit attack

MKR token holders can hold a large number of CDPs, collude to choose oracles that report an Ethereum price → ∞, and then trigger global settlement. (Blue Fox Note: ∞ is the symbol for "infinity", meaning the ETH oracle price is raised toward infinity.)

  • MKR → Dai exit attack

MKR token holders can hold a large amount of Dai, collude to choose oracles that report an Ethereum price → 0, and then trigger global settlement. (Blue Fox Note: By quoting an ETH oracle price of 0, it triggers the liquidation of CDPs. Because liquidation requires purchasing a large amount of Dai, MKR governance attackers who hold Dai can profit from it.)

In both cases, the value of the collateral is transferred to the dishonest MKR holders through their holdings of CDPs or Dai respectively. The profitability depends on the value of the MKR required to carry out the attack.

Please note that the oracle protections built into Maker do not prevent these attacks. Dishonest MKR holders can collude before the attack to set a higher hourly maximum price change. Through the oracles, they can then compound the maximum price change over multiple hours. This delay does give the other participants (such as Dai and CDP holders) time to respond. Let's take a look at what happens in the Dai market:

  • In the MKR → CDP exit attack, when Dai holders realize that a manipulation attack is under way, they expect Dai's long-term price to go to zero. The Dai market sells off as all Dai holders try to convert to other assets. This causes the Dai price to fall, but it does not prevent the dishonest MKR holders from continuing the oracle manipulation and triggering global settlement to realize their profit.
  • In the MKR → Dai exit attack, when CDP holders realize that a manipulation attack is under way, they expect their share of the collateral in global settlement to be zero. They rush to unlock their collateral. MKR holders can partially block this by setting a higher overcollateralization threshold. To unlock the collateral, CDP holders are eager to buy Dai. However, Dai holders now expect their Dai to be more valuable, so the Dai market price rises and the CDP holders lose money. The dishonest MKR holders can continue the oracle manipulation and trigger global settlement to realize their profit.
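The protections from section I (median feed, hourly maximum change, one-hour delay) and the compounding described above can be modelled to see how much response time a given cap leaves honest participants. This is an added example, not code from Maker or from the article; the function names, the five-oracle sample and the "price halves" alert level are assumptions made for illustration.

```python
from statistics import median

DELAY_HOURS = 1  # the one-hour delay before a new oracle price takes effect


def next_price(prev, quotes, max_change):
    """Median of the oracle quotes, clamped to +/- max_change around prev."""
    lo, hi = prev * (1 - max_change), prev * (1 + max_change)
    return min(max(median(quotes), lo), hi)


def response_window(start, quotes, max_change, drop=0.5, limit=1000):
    """Hours until a price lowered by `drop` is in effect, or None.

    Assumes one capped update per hour plus the activation delay.
    None means the median does not move down (honest majority).
    """
    goal, price = start * (1 - drop), start
    for hour in range(1, limit + 1):
        new = next_price(price, quotes, max_change)
        if new >= price:      # median holds: a colluding minority has no effect
            return None
        price = new
        if price <= goal:
            return hour + DELAY_HOURS
    return None


# Constructed sample data: five oracles, honest price 180, colluders quote 1.
HONEST = 180.0
MINORITY = [1.0, 1.0, 180.0, 180.0, 180.0]  # 2 of 5 collude
MAJORITY = [1.0, 1.0, 1.0, 180.0, 180.0]    # 3 of 5 collude


def window_table(caps=(0.05, 0.20, 0.50)):
    """Response window in hours per hourly cap, under majority collusion."""
    return {cap: response_window(HONEST, MAJORITY, cap) for cap in caps}


if __name__ == "__main__":
    print("minority collusion:", response_window(HONEST, MINORITY, 0.05))
    for cap, hours in window_table().items():
        print(f"cap {cap:.0%} per hour: halved price in effect after {hours} h")
```

A governance vote that raises the cap is therefore a signal worth monitoring in its own right, because it shortens the window in which emergency oracles and global settlers can act.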

To guarantee a successful attack, colluding MKR holders need to control more than 50% of MKR tokens. However, an attack may also succeed with less than 50%. For example, voting participation is usually very low, the network may be congested so that honest participants have little chance to respond, and dishonest MKR holders may collude with miners to censor votes and CDP collateral transactions. (Blue Fox Note: MKR governance votes rarely exceed 100,000 votes, that is, less than 10% of tokens participate in governance.)

Another complication is that MKR is also burned when a CDP is closed. Therefore, in the MKR → Dai exit attack, an attacker may be able to start the oracle attack with less than 50% of the tokens: once CDP holders begin to close their CDPs, the attacker's share effectively rises to the full 50%.

III. At current prices, Maker governance is fragile

The potential reward of these attacks is the total value of the collateral locked in Maker. The cost of these attacks may be 50% of the MKR supply. If reward > cost, there is a perverse incentive for profit-seeking MKR holders. In this possible equilibrium, a majority of MKR holders collude to launch such an attack. (Blue Fox Note: The total value of collateral currently locked in Maker is $338 million, and 50% of the total value of MKR is $331 million. From this perspective, launching an oracle attack is not particularly worthwhile.)

As of November 5, 2019, the value of the collateral was C = 336 million US dollars, the market value of MKR was M = 555 million US dollars, and the market value of Dai was D = 96 million US dollars. This creates the following potential attack profits:

Under the MKR → CDP exit attack, the return to the coalition is:

Under the MKR → Dai exit attack, the return to the coalition is:

After the increase in the MKR price in recent days, the profitability of this attack has dropped to 19 million US dollars. This is still very significant, especially considering that the attack profit comes only from the SCD system, which currently has a smaller cap, while the MKR price reflects expectations for the upcoming MCD release (Blue Fox Note: released on November 18, 2019), which is expected to reach a larger scale. The chart below tracks the complete history of these profit measures. These attacks would have been more profitable during many extended periods.

Historical potential profit of the MKR oracle attack

Actual profitability may be higher

Please note: for several reasons, the actual profitability may be higher. First, the Maker Foundation reportedly holds about 30% of MKR and has promised not to participate in governance votes. If it sticks to this, or if at some point it removes its voting rights in the smart contract, then fewer MKR tokens are needed to form a controlling coalition, which greatly reduces the cost of the attack. The chart below illustrates the significant increase in profitability in this case.

Historical potential profit of the MKR oracle attack if the tokens held by the Maker Foundation do not vote.

Second, a small number of MKR token holders and key miners can collude to carry out an attack. Third, attacks can be combined to exploit other systems that are based on Maker's oracles.

Other complications

There are some complications that may affect the analysis. If attackers need to obtain MKR, they must buy or borrow it. The interest rate for borrowing MKR may be very low (in September there was a small pool of $300,000 on NUO at an interest rate of 2.6%), but large-scale acquisition may trigger a market squeeze, and if many MKR holders are long-term honest holders, such an acquisition is difficult to achieve. (Blue Fox Note: At present, MKR's lending rate on NUO is only 0.04%, but this is not practical because there is too little MKR in the pool.)

Similarly, if an attacker needs to acquire a large amount of Dai or CDPs, this is difficult given market forces, and a successful purchase would take a long time. The gas cost of performing the attack steps will also affect profitability.

Coordinating collusion with "attack DAO"

That said, we do not actually know who holds MKR, Dai, and CDPs at the same time, and many agents may collude. We cannot rule out that some coalition controls a portfolio of assets that makes an attack profitable. If such a coalition exists, it has a perverse incentive to collude and launch the attack.

To coordinate enough colluders, an "attack DAO" could be created that pools the required assets and triggers the attack steps to make a profit.

IV. Consequences for MKR pricing

MKR value stems from two factors:

  • The value of regular cash flows
  • Conditional cash flow value from governance manipulation

The regular cash flow comes from Maker's fees, that is, the stability fee, which is used to burn MKR. This is similar to a company's stock repurchase program and reduces the token supply.

MKR value is related to regular cash flow, which in turn is related to Dai's growth expectations, as a larger Dai system generates more fees. The conditional cash flow from governance manipulation represents the likely profit from launching an MKR attack, such as the 51%-style attack described above. This is an "alternative" way for MKR holders to cash out.

To ensure protection against governance attacks, the market value of MKR must be at least 2 times the value of the total collateral. If the more complex attacks mentioned above and the Maker Foundation's commitment not to vote are taken into account, the market value may need to be even higher. (Blue Fox Note: Looked at another way, this also shows that the value of Maker comes not only from cash flow but also from governance value.)

Arguably, in a decentralized Dai, the MKR price should reach this level through market forces; otherwise the attack offers something like an arbitrage opportunity to some coalition (although not a fully clean one).
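The reward-versus-cost comparison from section III and the 2x rule above can be turned into a margin check that a monitoring job could run against current market data. This is an added example, not code from the article or from Maker; it uses only the simple bound stated in the text (collateral value against the MKR needed for control), and the function names and the honest-turnout model are assumptions. It ignores the acquisition costs listed under "Other complications".

```python
def controlling_share(abstaining=0.0, honest_turnout=1.0):
    """Share x of total MKR with which a coalition outvotes everyone else.

    abstaining: share of supply that never votes (e.g. a pledge not to vote).
    honest_turnout: fraction of the other holders who actually vote (assumed).
    The coalition wins when x > honest_turnout * (1 - abstaining - x).
    """
    if not (0 <= abstaining < 1 and 0 < honest_turnout <= 1):
        raise ValueError("abstaining must be in [0, 1), honest_turnout in (0, 1]")
    return honest_turnout * (1 - abstaining) / (1 + honest_turnout)


def governance_margin(collateral, mkr_cap, abstaining=0.0, honest_turnout=1.0):
    """Reward minus cost of control; a positive margin means governance is at risk."""
    share = controlling_share(abstaining, honest_turnout)
    cost = share * mkr_cap
    return {
        "share": share,                       # fraction of MKR needed
        "cost": cost,                         # value of that MKR
        "margin": collateral - cost,          # reward minus cost
        "min_safe_cap": collateral / share,   # MKR market cap where margin = 0
        "at_risk": collateral > cost,
    }


# USD millions: the article's figures for November 5, 2019.
C, M = 336.0, 555.0


def scenarios():
    """The article's base case plus two cases it describes qualitatively."""
    return {
        "everyone votes": governance_margin(C, M),
        "30% of MKR abstains": governance_margin(C, M, abstaining=0.30),
        # Constructed value: 10% turnout among honest holders.
        "10% honest turnout": governance_margin(C, M, honest_turnout=0.10),
    }


if __name__ == "__main__":
    for name, r in scenarios().items():
        print(f"{name}: need {r['share']:.1%} of MKR, margin {r['margin']:.1f}M, "
              f"safe above {r['min_safe_cap']:.0f}M market cap")
```

With everyone voting, the break-even market cap is exactly twice the collateral value; abstention or low turnout raises it further.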

Semi-centralized influence

As mentioned in the introduction, the Maker system is currently semi-centralized: most MKR is reportedly held by the Maker Foundation and some Maker individuals. In this case, a governance attack could only be launched by Maker itself.

Such attackers can be identified and therefore face potential legal liability. In this case, the lower MKR price is understandable because the potential legal liability offsets any incentive to attack for a quick profit. However, in this case one has to trust Maker. (Blue Fox Note: The article says that because the Maker Foundation holds a large amount of MKR, an external attack is unlikely even if the MKR price is not very high. At the same time, because of legal liability, the Maker Foundation is also unlikely to launch an attack.)

Since the attacks mentioned above may be profitable at the moment, either the market is unaware that the potential for MKR governance attacks implies a lower bound on the MKR price needed for security, or the market discounts MKR because it is not completely decentralized. In other words, if MKR token holdings were more dispersed, the value of MKR might be higher. (Blue Fox Note: Because when holdings are dispersed, only a more valuable MKR can protect the system and make the attack unprofitable.)

Can cash flow ensure system security?

For the above reasons, we can assume that today's MKR price represents the expected regular cash flow used to buy and burn MKR, which comes from CDP operations and is essentially similar to stock buybacks.

This provides valuable data for designing a secure system of this kind. Importantly, it shows that in most cases these cash flows are not sufficient to secure Maker. In fact, if Maker is sufficiently decentralized, regular buyback cash flows may not matter much for governance security, as we might expect rational agents to push the MKR price up to the attack value anyway.

From a security perspective, the buybacks can only push the MKR price slightly above the attack value. Therefore, while Maker is semi-centralized, they are effectively a tax on users to support the MKR price, whereas the fee income might be better used to support long-term stability.

Scalability problem

These attacks mean that Dai has a significant scalability problem: to maintain security, the value of MKR must grow much faster than the Dai supply and the locked collateral. Therefore, to secure their funds, Dai and CDP holders may need to push up the MKR price. As a result, holders of a stable asset need to hold large positions in a high-risk asset to secure their stable positions, which may defeat the purpose of a stablecoin.

V. Try to solve these problems

The attacks and problems above arise in a broader setting: a game between stablecoin holders, CDP holders and MKR holders, who strategically choose the portfolio of assets they hold. Modeling this game helps us understand which assets the different players need to hold to secure the system (for example, how much MKR is appropriate). In particular, players cannot risk letting a few parties hold most of the MKR together with a portfolio that makes an attack profitable.

Several points are worth exploring here. The model helps us understand how tokens must be distributed to secure the system. If the required holdings of risky assets are high, it may not be worthwhile for many players to participate in this game (for example, it is not worthwhile for stablecoin holders if they must hold MKR to keep their Dai secure).

In which cases is it worthwhile for players to push up the token price to secure the system? Besides pushing assets to safe prices, are there other equilibria? What are the consequences for the volatility of all the tokens involved?

Finally, the MKR price represents "created" value on top of the collateral, amounting to several times the collateral value. The MKR value reflects the uncertain future of the Dai stablecoin. In a system crash (such as an attack), the total value of the system falls to the value of the collateral, and many people lose everything.

MKR is meant to absorb these losses, in which case it becomes worthless, while the collateral is settled for stablecoin and CDP holders. However, by extension of the attacks above, stablecoin and CDP positions bear this risk too. If the MKR price is below the safe level, MKR, stablecoin and CDP positions may all lose their value in settlement. These risks should be considered together with the volatility of these assets.

Whether intentional or not, Maker's solution to these problems is to centralize governance and place trust in Maker (which generally stays in the background unless the system is seriously threatened). This is not necessarily a problem, and many traditional systems operate this way. However, we should be open about what maintains this trust. It is worth noting that attacks can still be carried out through the collusion of a few miners.

Based on conversations with the Maker team at Devcon, a suitable threshold for triggering global settlement has been discussed, for example 10% of MKR. However, it is unclear whether this solves the incentive problem discussed here.

One reason is that, for an honest 10% MKR coalition, it is unclear whether triggering global settlement early in an attack is the best response, because the value of their holdings is severely damaged (possibly to zero) in an attack-triggered settlement. There may also be other settlement abuses by a dishonest 10% coalition.

Understanding these incentives requires revisiting the game between MKR, CDP and stablecoin holders. Under different settings, a potential outcome may be that the attacker bribes the 10% MKR coalition.

Resolving these issues in a decentralized way remains an open question, so it is important to design rigorous mechanisms for the issues described above.

