Priced Based Security Vectors

Price manipulation attacks are a common vector for DeFi protocols, particularly when they rely on an external price feed, such as Uniswap V3's TWAP. The cost of a price manipulation attack is linearly correlated with the duration of the price manipulation, increasing further with the size of manipulation. Generally, this means that the longer manipulation is required, the higher the cost of the attack.

A common form of manipulation attack is performed by cycling newly minted tokens through the market to drop the cost to mint, then repeat again at the new lower price, often leveraging flash loans to do so in high volumes.

When minting occurs through the growth markets, there is a short delay placed on withdrawal of the newly minted $THEO. The minimum delay is 1 week. This delay serves several functions:

First, it limits the viability of short term price cycling because it gives time for the market to come back to equilibrium and prevents the use of flash loans to mint $THEO.

Second, the delay asymmetrically reveals information about new emissions and funding to all other market participants before the tokens become liquid and enter the market, giving others time to react.

Finally, this window also allows for the discovery of abnormal minting activity, such as an exploit. If an exploit is discovered, the emergency multisig has permission to pause withdrawals on the growth market contract.

The most important factor for the price variable is its sensitivity to volatility. Too much sensitivity, and it is easily manipulated. Too little, and the curve may not be fairly priced relative to the market. Due to the longevity of the underlying leases and assets, there is significant time for the market to discover and efficiently price $THEO. As such, the price variable is better suited to low sensitivity and high stability.

The price variable in the price curve is determined based upon a 6-month sampled average of 8-hour TWAP observations. Approximately once per month, at a randomized interval, a new observation is added to the sample, with a maximum array size of 6. The newest observation in the set replaces the oldest. The average price of these 6 observations is computed, resulting in the 6-month sample average variable used in the price curve. This also means that the variable is less sensitive to any individual observation, and it will take a period of 6 months to normalize to a drastic change in price.

Currently the deepest market, the majority of the liquidity and volume for $THEO are on Uniswap V3. This makes it well suited to act as a source of price discovery, and the TWAP should reflect an accurate price across the market. However, as the size of the protocol grows and the total liquidity is fragmented across multiple sources, it may become more appropriate to shift to a volume-weighted price oracle, such as Chainlink.

Last updated