- Oct 2023
-
www.cabinetmagazine.org www.cabinetmagazine.org
-
The question becomes, how do you get two alien binary logics to communicate?
This is a good paper about how the "quantum mechanics demands new logic" meme isn't really true:https://arxiv.org/pdf/2206.10667.pdf
-
Mathematician Claude Shannon with his labyrinth-traversing mouse Theseus, invented in 1950.
The essay does mention Shannon, but it doesn't really explain why bits are the smallest possible unit of information, defined in a way that relates to entropy in thermodynamics.
-
Hegel 2.0 The imaginary history of ternary computing
The Church-Turing thesis also goes unmentioned:
-
- Aug 2022
-
-
appropriate Key Management
Di Angelo and Salzer (2020) divided wallets into six types.
-
Summarization of Methods for DeFi Optimization
squashed resource table of methods for DeFi Optimization.
-
Summarization of Methods for Smart Contract Vulnerability Regulation
Great reference table for SC vulnerability regulation
-
Summarization of Methods for Smart Contract Vulnerabilities Detection
great reference table for SC vulenrabilities detection
-
Summarization of Real-world Attacks Exploiting Different Types of Vulnerabilities
usefull table of vulnerabilities, features, victims, dates and $ amount
-
While the 푐 cannot be measured directly from technicalmethods, it requires analysis of specific social situations, sothe oracle problem is controversial in terms of social issues.
Example of controversial social problem for oracles
-
Oracle risks can be divided intotechnical and social problems
technical and social problems
-
A Survey of DeFi Security: Challenges and Opportunities
Title
Tags
- pattern detection
- technical
- controlled
- m-sig
- Dynamic Taint Technique
- distributed
- Game Theory
- ML Static Analysis
- semantic lifting
- simple
- PTT
- centralized
- DSL
- smart
- symbolic execution
- DeFi
- social
- update
- squeeth
- Fuzz
- Mapping Knowledge
- forwarded
- symbolic reasoning
- LLVM IR
- Formal verification
- Contract Transformation
Annotators
URL
-
-
www.mdpi.com www.mdpi.com
-
However, the thesis is confirmed mainly by the fact that, on October 2020, an attacker used a flash loan to borrow enough MKR to pass a governance proposal to change the MKR oracle whitelist parameter and managed to push his feeder to the allowlist
Hard to fit into a specific taxonomy
-
Miners Extractable Value (MEV) Problem”
Since blockchain is publicly auditable, it is also possible to have a look at pending transactions that have still to be confirmed. If, for example, in the transaction pool, we observe a swap of thousands of DAI for another asset, this will surely impact prices. If we then perform a transaction and pay a higher fee so that our transaction is mined before the swap, then we can benefit from that prioritized action.
-
-
berkeley-defi.github.io berkeley-defi.github.io
-
Question 1 (Incentive Security). Is there mutually profitable con-tinued participation across all required parties?
EDU content should have "reflection" segments with these kind of questions to help guide reader's curiosity and knowledge --> socratic method
-
-
pure.tudelft.nl pure.tudelft.nl
-
The Ethereum mempool is a Dark Fores
Three body problem sequel
-
-
theblockchaintest.com theblockchaintest.com
-
The diagram below shows how The DAO ecosystem is built using Ethereum.
Reference diagram for ethereum/dao ecosystem
-
Copyright © 2020 George Samman and David Freuden
Great inforgraphic about the state of DAOs
Title: DAO: A decentralized governance layer for the internet of value
-
-
Local file Local file
-
The Medianizer algorithm
makerdao is not open to syntetix-like attack <- the latter only had two price discovery sources.
-
Oracle Module logic
incentivize honest price reporting
-
Empirical Measurementson Pricing Oracles andDecentralized Governancefor Stablecoins
title
inner-workings of pricing oracle adn decen gov systems
accuracy of the pricing oracle over time
disagreements between pricing repotrs
robustness of the de-gov system
-
-
link.springer.com link.springer.com
-
Now the Code Runs Itself
This is just such a great title!
-
-
scholarspace.manoa.hawaii.edu scholarspace.manoa.hawaii.edu0593.pdf5
-
Comparison of the MakerDAO with the gold bullion and gold exchange standard
Interesting: comparing MakerDAO with trad monetary parallels
-
On-chain governance is facilitatedby three central smart contracts.
On-chain governance entails three main smart contracts:
Chief-->select primary contract Pause --> enforce a delay in calls Spell --> set tech constraints like system parameters.
-
A DAO is a blockchain-based system thatenables people to coordinate and govern themselvesmediated by a set of self-executing rules deployed ona public blockchain, and whose governance isdecentralized (i.e., independent from centralcontrol).
the latest definition
-
According to Cuende, “A DAO is an internet-native entity with no central management which isregulated by a set of automatically enforceable ruleson a public blockchain, and whose goal is to take a lifeof its own and incentivize people to achieve a sharedmission.
Great definition of a DAO
-
he De-Central Bank in Decentralized Finance:A Case Study of MakerDAO
Title
-
-
Local file Local file
-
The Proposed Taxonomy
similar taxonomy, better table
-
-
eprint.iacr.org eprint.iacr.org1007.pdf14
-
Time constraints
timestamps guarantee the coherences of the state of contract after the execution.
Exposes to attack, because a miner can choose the timestamp with a certain degree of arbitrariness.
-
Generating randomness.
EVM execution is deterministic. How to account for randomness?
Pesudo random generator, probability distribution.
-
Exception disorder
Solidity based. Irregularity in how exceptions are prioritized.
-
Unpredictable state
state of the contract it determined by the value of its fields and balance.
sequentiality -->contract's state is not guaranteed
-
Stack size limit.
1024 frame + invocations throws an exception
-
Ether lost in transfer
Orphan address
-
Immutable bugs
Immutability entails bugs!
-
Keeping secrets.
MP games
-
Reentrancy
the fallback mechanism may allow an attacker to re-enter the caller function
-
Call to the unknown
Solidity flaw related to primitives used to invoke functions.
-
Type casts
type mismatch
-
Gasless send
incuring an out-of.-gas exception.
-
Taxonomy of vulnerabilities in Ethereum smart contracts
Three levels: language, ecosystem and infrastructure.
-
A survey of attacks on Ethereum smart contracts
Title: A survey of attacks on Ethereum smart contracts
-
-
www.dasp.co www.dasp.co
-
Unknown Unknowns
Unforseeable consequences
-
Arithmetic Issues
theft vectors or ddos vectors with integer overflow.
-
Front-Running
time of check vs time of use - TOCTOU
transaction ordering dependence
-
Denial of Service
SC can be taken offline forever. gas limit breach.
An attacker sees a potential attack and calls the function, directing all the contract's funds to its admins. This destroys the promise of escrow and blocks all the pending bid
-
It was first unveiled during a multimillion dollar heist which led to a hard fork of Ethereum. Reentrancy occurs when external contract calls are allowed to make new calls to the calling contract before the initial execution is complete.
Reenter attack - The DAO. Basically withdrawal calls before the end of initial execution.
-
-
Local file Local file
-
Blockchain technology suffers from several cybersecurity vulnerabilities
Client side: private key, hash function, mining malware, software
Consensus mechanism: sybil attack, al. history attack, finney attack
Mining pool: BWH attack, Bribery
Network: Ty Malleability attack
Smart contract: solidity, EVM ,Bytecode
-
A Taxonomy of Blockchain Threats andVulnerabilities
Title: A Taxonomy of Blockchain Threats and Vulnerabilities
-
-
stanford-jblp.pubpub.org stanford-jblp.pubpub.org
-
Pooling capital is just one of the potential operational efficiencies presented by DAOs
fundraising
-
Members rely on smart contracts as the primary glue to manage member-to-member transactions.
smart contracts act as social cohesion
-
how to manage open source technology that—by design—involves highly autonomous software.
Manage open source tech that entails autonomous software.
-
modern-day alchemists who minted Bitcoin
great reference
-
-
Local file Local file
-
Our findings indicate that vault management has improveda lot over the observation period, which we consider acornerstone of Maker’s resilience to stress situations likeBlack Thursday.
improved vault management over the study periodž
-
MAKERDAO
what is MakerDAO
Vaults, governance, oracles, collateral auctions
-
While the events ofMarch 2020 were unfortunate for several users, the resilienceat protocol level proved to be good even under stress.
Stress resilience for MakerDAO is, despite the black swan event, good.
-
Empirical Evaluation of MakerDAO’s Resilience
Title
-
-
thedefiant.io thedefiant.io
-
MakerDAO is intensifying its strategic shift to embrace real world assets.
real world assets for collateral diversification?
-
-
medium.com medium.com
-
Oracle-governance attacks in Maker
Dishonest MKR holders have at their disposal two attack vectors.
A game played between stablecoin, CDP, and MKR holders (and also potentially miners)
One of the main things is that the price is calculated by taking the MEDIAN of several Oracles, so no one Oracle can significantly upset the value - it would require many Oracles to be compromised. They were also talking about having a 1 hour delay on prices from oracles in MCD which would allow for an emergency vote to be taken if an attack was occurring.
-
honest 10% MKR coalition
Is it?
-
Whether intentional or not, Maker’s solution to these issues has been to centralize governance ownership and place a trust link to Maker (though it may not necessarily be invoked unless presented with a serious threat).
Centralized governance pressuposes bening rulers
-
how tokens need to be distributed to secure the system
holding of risky asset is high? bid up gov price
-
‘Attack DAO
coalition of MKR, Dai and CDP holders.
-
large acquisition would have a market squeeze effect and may be difficult if many MKR holders are honest, long-term hodlers.
honest MKR holders can be suspicious of a large acquisition so this can result in market squeeze. However, the attackers will have to spread ther acquisitions over a long period.
-
They are entrusted with three important tasks that are related to oracle security.
populate the list of trusted oracles influence protections against oracle manipulation determine the set of global settlers
-
Actual profitability may be significantly higher
30% of MKR is in the hands of Maker Foudations who are not aking part in gov voting.
-
At current prices, Maker governance is vulnerabl
reward>cost creates a perverse incentive
-
The attack could potentially be successful with much less, however. For instance, voter participation is typically very low, the network can be clogged so that honest participants have little chance to react, and dishonest MKR holders could collude with miners to censor voting and CDP collateral transactions. Another added complexity is that MKR is burned when closing a CDP. Thus an attacker in the MKR→Dai Exit Attack could seem to attack the oracle with <50% of MKR and, once the CDP holders start closing the CDPs, actually gain the full 50%.
can be lower than 51%
low voter participation clogged network colusion with miners to censor voting and CDP collateral tx
when cdp is closed the MKR is burned, therefore an attacker could potentiall - through time - gain full 50%
-
MKR→CDP Exit Attack
Dai crashes
-
MKR→Dai Exit Attack
CDPs, i.e. ETH crashes
-
Assuming honest MKR governance, oracle manipulation may be reasonably controlled.
Controlling the manipulation with hourly price delays, median price feed implies majority collusion, maximum oracle price limits, price delays give ample time for global settlement.
-
global settlement
Maker system is frozen and participants (Dai and CDP holders) are able to recover their portion of the collateral as determined by the last oracle price.
-
trusted oracles
An oracle is a mechanism to aggregate and broadcast data from external off-chain sources onto the blockchain. For a stablecoin, the oracle is used to approximate the fair value of the underlying collateral asset in order to guarantee collateralization and thereby the stability of the stablecoin through time.
-
o maintain security, MKR value needs to grow substantially faster than Dai and collateral supplies. Dai and CDP holders need to bid up these prices for their security. Essentially, stable asset holders need to hold significant positions in a very risky asset in order to secure their stable position, which may defeat the purpose of the stablecoin.
Let's see the articulation of this vague protoargument.
-
Either the market doesn’t realize that the potential for MKR governance attacks should lead to a lower bound on pricing, or the market is saying that MKR would be worth more if it were fully decentralized.
This dillema is interesting. So, because because MRK in 2019 was not sufficiently decentralized, i.e., security of DAI relied on a blind trustlink to tke Maker Foundation, the market EITHER does not realize that since there is the possibility of low friction attacks that MRK should be priced much lower OR that MKR when fully decent would be worth more.
Now here is one issue - How can MKR have a centralized tendecy and at the same time be open to potential gov attacks. Gov attack vectors emerge from expansive and not centralize gov.
-
fully decentralized’ Dai is insecure from incentive misalignment.
low attack cost or high attack value?
-
These attacks affect both the current single-collateral Dai (SCD or ‘Sai’) and the upcoming multi-collateral Dai (MCD) implementations, as well as similar systems with on-chain governance.
51% is not neccesary to manipulate governance to steal the system's collateral.
-
51% attacks
Sybil attack
-
Vulnerabilities in Maker: Oracle-Governance Attacks, Attack DAOs, and (De)Centralization
Gu, Wanyun and Raghuvanshi, Anika and Boneh, Dan, Empirical Measurements on Pricing Oracles and Decentralized Governance for Stablecoins (May 26, 2020). Available at SSRN: https://ssrn.com/abstract=3611231 or http://dx.doi.org/10.2139/ssrn.3611231
-
-
portswigger.net portswigger.net
-
bug bounty program
one ways to counter security flaws in SC is to incentivize bug hunting.
-
-
Local file Local file
-
ANALYSIS OF ATTACK EVENTS
-
Flash loan is a type of unsecured lending that relies on the atomicity of blockchain transactions at the point of execution and adds dynamism to DeFi
-
Reentry attack " the DAO"
-
Arithmetic bug
-
-
Application Layer Vulnerabilities
Lending market imperfection cryptocurrency instability design imperfection abusive exposure tx
-
Smart Contract Vulnerabilities
20 SC vulnerabilities in Ethereum
https://dl.acm.org/doi/10.1109/TSE.2020.2989002
18k SC, 92% with the avg of six vulnerabilities
Suicidal nad Greedy contracts
Block info Dependancy
Unchecked exteranal call
-
onsensus Mechanism Vulnerabilities
Tx order
Forking
-
Data Security Vulnerabilities:
Oracle mechanism
Key management
-
Security Analysis of DeFi: Vulnerabilities, Attacksand Advances
Title
-
-
Local file Local file
-
Empirical Measurements on Pricing Oracles andDecentralized Governance for Stablecoins
Title:
-
Governance: The Way Forward
simplify the voting process
provide alerting tools
allow votes delegation
-
The malicious party could elect a completely new set of external pricefeeds to compute the reference price of collateral asset, since it is calculated as the median pricefeed. Inside the MakerDao V2 median contract, for example, if a malicious entity can changethe bar parameter that represents the size of the quorum, or if the attacker can successfullypermission a new set of price feeds to replace the existing quorum, they could skew the value ofthe reference price. This would cause the Oracle to use an incorrect price Poracle to determine thevalue of CDPs and thereby the supply of Dai in circulation, destabilizing the stablecoin from itspar value to the dollar. Even if the market stabilized and the system recovered from this attack,during the period when Dai was de-pegged, the attacker can take profits through price arbitragesimilar to the Synthetix oracle attack that had occurred
MakerDao v2 median contract
-
Choice of price feeders.
oracles
-
-
medium.com medium.com
-
How to turn $20M into $340M in 15 seconds
-maker is aware of this exploit:
https://www.researchgate.net/publication/339374442_The_Decentralized_Financial_Crisis_Attacking_DeFi
Governance Security Module
https://makerdao.world/en/learn/governance/param-gsm-pause-delay
-
-
blog.makerdao.com blog.makerdao.com
-
These valuable contributions strengthened the system and should be actively encouraged in the future.
this should not contingent
-
(e.g., the ability to quickly onboard new collateral types and change risk and auction parameters).
This calls for a dynamic gov process relative to the market conditions. Gov-->clear and open in stable markets Gov-->versatile and swift in fast-paced changes
-
A diverse collateral portfolio would have reduced the impact of severe market events on the system
Devirisifaction can mitigate future attacks of this nature
-
Maker Governance moved fast to vote in Debt Auction parameter fixes and changes and additions to the system. The community quickly launched further analytic tools, allowing observers to better follow system fixes and changes. See the changelog. The zero-bid events of March 12-13 led to a collateral auction shortfall amounting to approximately 5.4M+ Dai. Around 1,200 Maker Vaults became under-collateralized and were subsequently liquidated. As noted above, the Maker community is currently discussing the circumstances surrounding the zero bids and resulting liquidations
How Maker resaponded to the mempool manipulation
-
-
www.blocknative.com www.blocknative.com
-
MakerDAO liquidations on March 12 and 13
A company that keeps data on Ethereum mempools around the world, Blocknative, may have an explanation for the "zero-bid" attack on MakerDAO on Black Thursday. Mempools are a holding bin for transactions waiting to get mined into blocks. Under market stress, they tend to get clogged. Blocknative found an endless stream of clever, worthless transactions in mempools on the day of the attack, apparently designed to make it hard for transactions to get through. Falling ETH prices triggered auctions of collateral on MakerDAO. Because the mempools were clogged, bidders could not get bids on those auctions through in many cases, allowing attackers to win ETH collateral with bids worth $0. The attackers walked away with $8.3 million
-
-
a16zcrypto.com a16zcrypto.com
-
Projects must strike a balance
DAO governance is on a spectrum. There are tradeoffs between expansive governance and its security. Attack barriers have colateral effects in also increasing benign user's friction in gov participation.
-
Under such a scheme, even if an attacker makes a malicious proposal, voters have the ability to respond and shut it down.
veto power for buying time for adequate response from community
-
For instance, some projects have time locks so that a coin can’t be used to vote for some period of time after it has been exchanged.
Similar idea to the"eloboosting" that is happening in esport games like csgo and lol <--this is a great angle to explain the "time lock" mechanism and why it makes sense.
-
introduce frictions that make it harder for an attacker to exercise voting power even once they have acquired tokens.
could employ various social/network proofs, proof-of-humanity...
-
The more community members are free to gain governance power and influence the protocol, the easier it is for attackers to use that same mechanism to make malicious changes.
indistinguishability problem and premissionless voting
-
progressively decentralizing
Contradicting the previous point about decreasing the value of attacks, i.e. large quorums are one remedy to decrease the value of attacks because they increase governance friction, but this means that they are centralization vectors --> progressive centralization
-
To reduce liquidity indirectly, projects can provide incentives that make individual token holders less willing to sell.
Staking or standalone value like soc exp pr in-person events.
-
so almost paradoxically, projects might want to reduce liquidity for the sake of protecting governance.
the same reversal can be found in the decreasing the value of an attack approach: incentives for an attack are aligned with the DAO success.
-
Nevertheless, designers can limit the value of attacks by limiting the scope of what governance can do
Semi-DAO?
-
A framework for assessing and addressing vulnerability
Attacker's profit is equal to value of the attack minus cost of voting power acquisition and cost of attack execution
-
inefficient outcomes
incentive failures, inertia or active capture by malicious actors
-
From the DAO’s perspective, the attacker’s anonymous accounts could contribute to the appearance of a healthy level of decentralized voting power
perverted participation
-
Beanstalk, a stablecoin protocol, found itself susceptible to governance attack via flashloan
flashloans to acquire gov tokens for malicious proposals, e.g., to seize $182M of Beanstal's reserves.
-
In one prominent example, Steemit, a startup building a decentralized social network on their blockchain, Steem, had an on-chain governance system controlled by 20 witnesses. Voters used their STEEM tokens (the platform’s native currency) to choose the witnesses. While Steemit and Steem were gaining traction, Justin Sun had developed plans to merge Steem into Tron, a blockchain protocol he had founded in 2018. To acquire the voting power to do so, Sun approached one of the founders of Steem and bought tokens equivalent to 30 percent of the total supply. Once the then-current Steem witnesses discovered his purchase, they froze Sun’s tokens. What followed was a public back-and-forth between Sun and Steem to control enough tokens to install their preferred slate of top 20 witnesses. After involving major exchanges and spending hundreds of thousands of dollars on tokens, Sun was eventually victorious and effectively had free reign over the network.
example of an in-protocol attack
-
But permissionless voting is vulnerable to governance attacks,
protocol complian attacks that can be mitigated through mechanism design
Tags
- hold
- authentication
- framework
- eloboosting
- tron
- exploitation
- DAO cohesion
- flash-heist
- Nouns Foundation
- decentralization
- gov
- catch-22
- reputation checks
- delegation
- ORG integrity
- timelock
- pure governance
- Surreptitious
- in-protocol
- mechanism design
- single-block
- PoS similarities
- centralization
- steemit
- network security
- attestation
- large quorums
- sun
- DAO governance
- tradeoffs
- roadblock
- gradual
- Beanstalk
- nounsDAO
- reduce
- permissionless voting
- flashloan
- veto power delay vote
- accumulation
- standalone benefits
- limit governance
- progressive decentralization
Annotators
URL
-