Aave v3 Polygon deployment: $GHST token as risk factor to cause bad debt & be exploited for price manipulation

Aave v3 Polygon deployment: $GHST token as risk factor to cause bad debt & be exploited for price manipulation

This forum post is published by nonstopTheo on behalf of Riskdao.org

$GHST is a potential risk factor for Aave’s v3 Polygon deployment. While low LTV ratio somewhat mitigates a price manipulation attack, there is a question mark on how well an underwater account with $GHST debt could be liquidated. It is a small cap asset that might cause problems in the following ways:

  • $GHST as borrow asset: The protocol will struggle to liquidate positions where users borrow GHST. If the price increases materially, the protocol won’t be able to liquidate the collateral asset for GHST, accruing bad debt.
  • $GHST as collateral: Become the center of a price manipulation attack, similar to what happened with Mango and Moola Markets recently. There is about $69m in available liquidity on Aave v3 Polygon which is an attractive target.

In this article, we show how the need to liquidate a $825k loan of $GHST can cause a 2x increase in Aave platform-wide bad debt. And analyze the risk ofAave v3’s Polygon deployment to fall victim to price manipulations that have wreaked havoc at Mango Markets, Moola Markets and Venus Protocol.

We conclude by suggesting Aave to put in place supply & borrow caps for $GHST to mitigate any potential attacks.

Overview

Aave’s v3 deployment on Polygon holds about $100m in TVL of which $69m are not utilized. This provides a highly attractive honeypot for any malicious actor.


Source: app.aave.com

Of that $69m, $50m are highly liquid stablecoins or large cap tokens like ETH, BTC and MATIC.


Source: app.aave.com | Selection of top assets on Aave v3 (Polygon)

$GHST Aavegotchi

Among the assets, $GHST stands out as a potential risk vector: It’s a small cap asset with a market cap of $45m and minimal trading volume yet has an uncapped “reserve size”.

A look at CoinGecko reveals relatively thin trading activity across major CEX pairs. Huobi & OKX even show +2% slippage for less than $1,000 trade sizes! Which indicates their reported trading volume is likely fake.


Source: CoinGecko (20 October, 10:30am GMT)

DEX liquidity appears even thinner than what CoinGecko data suggests. Both 1inch.io and Quickswap quote 5.5%-6% slippage for a $150k trade.

$GHST has no reserve limit, contrary to many other assets on the Aave v3 market. However, the LTV is capped at a relatively low level of 25%.

Utilization rate and interest income are relatively low.

Potential problems for Aave v3

Inability to liquidate $GHST borrow position, causing bad debt

The thin DEX liquidity is cause for concern for $GHST as a borrowed asset which could potentially cause material bad debt.

Liquidations, i.e. purchases of $GHST in return for the collateral asset, would cause material price increases.

On a normal weekday, $1m of USDC buy order causes a 40% price increase. If liquidations are caused by rising $GHST prices, these liquidiations would add further buy pressure, pumping the price. A $2m buy order would send the price to $2.02 from current levels.

The below graphic helps visualize how bad debt would accrue to Aave. We assume a user that deposits USDC 1m as collateral to borrow $GHST.

In the outlined scenario Aave would be stuck with bad debt to the tune of $450k. Looking at the RiskDAO bad debt dashboard, this would be a doubling of platform-wide bad debt. Caused by a $0.83m borrow position in $GHST which is an immaterial revenue contributor to Aave.

Price manipulation attack

Recent activity has shown that price manipulation attacks are a realistic threat to any lending protocol.

Attackers do not even shy away from identifying themselves, pretending to operate in a law-free environment. This has brought more attention to price manipulations as “highly profitable trading strategies” that could also target blue-chip protocols like Aave.

$69m in available liquidity is highly attractive to any attacker.

Looking at the Binance order book, an attacker can pump the price to $7, and clear the entire ask-side of the book, with as little as $2.1m (snapshot: 20 Oct noon GMT).

That is a 6x increase vs current prices of $1.15.

Sophisticated attackers can exploit the thin liquidity and trading activity, especially during low trading periods (e.g. weekends).

24hrs trading volume on the main DEX Quickswap has been on a steady downward trajectory over the last month and oscillating between $30k-150k recently.

Looking at the trading activity, it is apparent that there are windows of opportunities where an attacker can artificially inflate the $GHST with a limited bankroll.

Notwithstanding the low LTV of 25%, this could potentially be successful to drain significant parts of the lending market’s liquidity.

Conclusion

Aave v3 is facing new challenges in this tough market environment. Trading volumes are steadily decreasing and attackers are looking for opportunities to exploit loopholes.

$GHST as an asset is a clear outlier on Aave v3 Polygon markets due to the small size and low trading volumes. Given the new realities in DeFi, we would urge the Aave community & team to put safeguards in place to protect from adverse actions. Specifically, we suggest capping both the supply and demand side of the GHST markets at current levels (ie no further $GHST can be supplied or borrowed).

By following this recommendation, the protocol’s stability will be hardened without compromising revenue growth: The GHST market is not a major revenue generator and thus we don’t consider the current risk-return profile appropriate.

Hi @nonstopTheo a few questions:

Was the ability for GHST to be minted via the Aavegotchi Bonding curve considered in this analysis?

Would isolation mode solve this attack vector, letting the DAO set precise exposure?

GHST is probably one of the least risky assets on Aave. The tight bonding curve on L1 and quite efficients MM arbitrage with Binance orderbooks make the asset a “semi-stablecoin.”

Would not recommend using this asset to plan an attack on Aave.

Chainlink oracle is taking multiple sources of liquidity for the price feed and manipulating this asset price is likely harder than it seems.

3 Likes

In the post, we touch one two potential issues: Bad debt & price manipulation risk. We consider both event probabilities as non-zero. We were not aware to the bonding curve source liquidity source, and thanks @MarcZeller @oneski22 for pointing it out to us. The curves mostly mitigate our concerns about price manipulation, but would like to point out that there are still concerns around the difficulty in debt liquidations that would stem from an organic price increase in GHST price .

We tried to estimate how quickly liquidity would flow from the Ethereum mainnet bonding curves to the polygon chain, to facilitate GHST debt liquidations. However, we were not able to successfully complete the kyc process due to some technical glitches at the fractal.id website. While cross chain bridges, and/or bridging via deposit and withdrawal on binance.com are promised to take only a few minutes, in practice they could take a very long time. In the case of GHST, additional latency is added in the form of the bonding curve buy/sell order. And due to technical issues were not able to assess how quickly this can be executed.

Looking at the GHST chart, we notice sudden swings, especially in 2021.

We would need to do additional modeling around the bonding curve and how it mitigates sudden price increases, especially as it requires bridging of liquidity from ethereum to polygon.

Potential for bad debt

We still have concerns about how quickly liquidations could happen when $GHST is a borrowed asset and the price organically rallies. There have been days in the past when $GHST went up by 20%+ (eg 27/7/2021).

Responses to specific comments

We did not explicitly factor it in and would have to perform additional modeling.

Limiting the borrow amount is a way to mitigate these issues.

Concerning the bad debt issue, we assume that prices can increase due to organic market activity, not necessarily as a result of malicious actions.

Hey Theo,

I wanted to respond back to this given the curiosity around the price spike and the relevancy of this thread in the new Risk Parameters adjustment requests in Polygon V2. [ARC] Risk Parameter Updates for Aave V2 Polygon and Aave V3 AVAX 2022-11-23

In my eyes a big component involved in that short-term price action can be explained by the commencement of an AavegotchiDAO vote on 7/26/21 where the community confirmed the hosting of a “GBM auction” where users can earn $GHST from outbidding each other and/or win rare NFTs by participating in the drop mechanism.

Historically this led to run-ups in $GHST price whenever dates were confirmed around this type of event and a few land sale auctions that occurred later on also reflected that same type of behavior in question.

Here’s a link to that snapshot vote:
https://snapshot.org/#/aavegotchi.eth/proposal/QmTuVnGnZSUC4uWRVQrd3HwmJATtvJVpjNikCkifChyJwY

Medium article:

I hope this helps the discussion around the new ARC thread, provides a better understanding of GHST’s specific risk parameters, and more generally provide further context as to why prices may have spiked so much around that date.

1 Like