You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Liquidations in Overlay are incentivized by paying a liquidation fee to the liquidator that is based on a percentage of the remaining value of the position:
This means underwater positions have no incentive to be liquidated, and bad positions may remain in the system. While the maintenance margin does provide a buffer on the positions value to prevent positions from going underwater before liquidation, it's possible for the maintenance margin to be fully consumed during a tail-risk event, such as a large price swing after the rollup sequencer has been offline for a duration.
Exploit Scenarios (most likely to least)
A rollup sequencer outage is followed by a large-swing oracle price update, instantly consuming the entire maintenance margin of weak positions.
A large spike in gas fees from an NFT mint leads to a liquidatable position not being liquidated while its maintenance margin decays.
Recommendation
Short term, Overlay should run its own liquidator bot that detects and liquidates underwater positions to prevent toxic debt from coalescing.
Long term, build an emergency liquidation fund mechanism that can pay out a minimum liquidation fee for underwater positions. This mechanism would have to be be relatively complex to avoid manipulation, so it should not be implemented as a short-term mitigation.
The text was updated successfully, but these errors were encountered:
Severity: Medium
Difficulty: Medium/High
Liquidations in Overlay are incentivized by paying a liquidation fee to the liquidator that is based on a percentage of the remaining value of the position:
v1-core/contracts/OverlayV1Market.sol
Lines 425 to 428 in 40e416c
However, the value of a position may be "underwater," and its value clamped down to zero:
v1-core/contracts/libraries/Position.sol
Lines 229 to 238 in 40e416c
This means underwater positions have no incentive to be liquidated, and bad positions may remain in the system. While the maintenance margin does provide a buffer on the positions value to prevent positions from going underwater before liquidation, it's possible for the maintenance margin to be fully consumed during a tail-risk event, such as a large price swing after the rollup sequencer has been offline for a duration.
Exploit Scenarios (most likely to least)
A rollup sequencer outage is followed by a large-swing oracle price update, instantly consuming the entire maintenance margin of weak positions.
A large spike in gas fees from an NFT mint leads to a liquidatable position not being liquidated while its maintenance margin decays.
Recommendation
Short term, Overlay should run its own liquidator bot that detects and liquidates underwater positions to prevent toxic debt from coalescing.
Long term, build an emergency liquidation fund mechanism that can pay out a minimum liquidation fee for underwater positions. This mechanism would have to be be relatively complex to avoid manipulation, so it should not be implemented as a short-term mitigation.
The text was updated successfully, but these errors were encountered: