Why Rebasing Mechanisms Demand Rigorous Stress Testing

Elastic supply protocols are critically dependent on external price feeds. A manipulated oracle can trigger unwarranted, irreversible rebases, permanently diluting or concentrating supply.

• Attack Vector: Flash loan to skew DEX price, triggering a faulty rebase signal.
• Consequence: Permanent capital misallocation; the rebase cannot be rolled back.
• Mitigation: Require >3 independent oracles with time-weighted average prices (TWAPs) and circuit breakers.

Negative rebases (contractions) during a downtrend force automatic selling from treasury or staking contracts, creating a reflexive feedback loop that exacerbates the price drop.

• Mechanism: Protocol sells reserve assets to buy back and burn supply, increasing sell pressure.
• Amplifier: Cascading liquidations in leveraged positions (e.g., Ethena's sUSDe).
• Test Scenario: Simulate a >40% drawdown against Curve/Uniswap V3 pools to model slippage and IL.

Rebasing tokens break standard ERC-20 assumptions, causing silent failures in DeFi legos like Aave, Compound, and Pendle. Balances change without transactions, confusing integrators.

• Problem: Lending protocols may see collateral value change without a trigger for liquidation.
• Yield Protocols: Pendle's yield tokens miscalculate future rebase accruals.
• Solution: Rigorously test integrations with top 10 DeFi protocols using forked mainnet state.

Elastic supply parameters (rebase frequency, deviation thresholds) are often governed by token holders. A malicious actor can parameterize the system to fail or extract value.

• Attack: Acquire governance tokens to set rebase threshold to 0.1%, causing constant, gas-intensive rebases.
• Extraction: Modify treasury allocation to drain funds via "legitimate" rebase mechanics.
• Defense: Implement Time-locks, Governance Minimization, and multisig veto on critical parameters.

Predictable, scheduled rebases create a massive MEV opportunity. Bots can frontrun the supply adjustment, arbitraging the predictable price impact at the expense of regular holders.

• Opportunity: Buy before a positive rebase (inflation), sell immediately after the token price adjusts.
• Scale: For a $1B market cap, a 1% rebase moves $10M in value.
• Solution: Introduce rebase randomness (e.g., within a 4-hour window) and commit-reveal schemes.

Elastic supply tokens bridged via LayerZero or Axelar must rebase simultaneously on all chains. A lag or failure on one chain creates arbitrage gaps that can drain the treasury.

• Failure Mode: Rebases on Ethereum mainnet but not on Arbitrum for 10 blocks.
• Arbitrage: Mint on lagging chain, bridge, redeem on updated chain.
• Requirement: Atomic cross-chain transactions or a pause-bridge-resume mechanism for all >5 supported chains.

Rebasing logic is only as strong as its price feed. A manipulated oracle can trigger runaway minting or burning, permanently breaking the peg. This is a systemic risk for any protocol like Ampleforth or OlympusDAO that relies on external data for supply adjustments.\n- Attack Vector: Flash loan to skew DEX price, triggering incorrect rebase.\n- Consequence: Arbitrageurs drain protocol reserves, causing total collapse.

Positive rebases mint tokens directly to holders, creating massive, predictable sell pressure. If liquidity is shallow, this causes slippage death spirals where selling pushes price down, triggering more aggressive negative rebases the next cycle.\n- Key Metric: TVL-to-Market Cap Ratio must be monitored.\n- Failure Mode: Liquidity providers flee, leaving the pool unable to absorb supply shocks.

Rebasing tokens break standard ERC-20 accounting. When integrated into DeFi legos like Compound or Aave, balance changes can cause unintended liquidations or broken interest calculations. The Euler Finance hack showcased similar integration risks.\n- Problem: Lending protocol sees collateral balance decrease post-rebase.\n- Solution: Requires wrapper tokens (e.g., stETH) which add another layer of risk.

Rebasing protocols are governed by DAOs that control critical parameters: rebase frequency, deviation threshold, oracle selection. A captured DAO can set parameters to destabilize the system for profit. This is a political attack vector as seen in early MakerDAO governance battles.\n- Critical Parameters: Rebase lag, deviation threshold, whitelisted oracles.\n- Mitigation: Time-locks, multi-sig guardians, and circuit breakers are non-negotiable.

Rebase calculations are a predictable on-chain event. Bots can front-run the supply adjustment, exploiting price discrepancies on DEXs like Uniswap or Curve. Stress tests must simulate MEV bot activity at scale to validate oracle update frequency and slippage controls.

• Attack Vector: Predictable state change creates arbitrage.
• Test Metric: Measure slippage impact and TVL drawdown under coordinated bot attacks.

A mass rebase event during peak network congestion (e.g., an NFT mint on Ethereum) can trigger exorbitant gas fees, causing transactions to fail and breaking the rebase mechanism. Protocols need a circuit breaker.

• Failure Mode: Rebase txs are outbid, leaving supply desynchronized.
• Solution Test: Validate gas-gated execution and L2 fallback mechanisms (like Arbitrum or Base) under simulated >500 Gwei conditions.

A rebasing token like Ampleforth integrated into a money market (e.g., Aave) or yield aggregator creates nested dependencies. A rebase-induced liquidation cascade can propagate through the entire DeFi stack.

• Systemic Risk: Price/supply volatility triggers unintended liquidations.
• Integration Test: Model cascading failures across 5+ integrated protocols to find critical leverage thresholds and oracle staleness limits.

Rebasers targeting a peg (e.g., UST's failure) must withstand sustained, coordinated selling pressure. Stress testing isn't about small deviations but black swan de-pegs.

• Real-World Parallel: UST's death spiral occurred under sustained >$2B redemption pressure.
• Mandatory Test: Protocol must prove it can execute corrective rebases while under >30% sell pressure over 72 hours without collapsing.

Rebase parameters (frequency, magnitude, thresholds) are often governed by token holders. A malicious proposal or voter apathy can brick the system. Stress tests must include governance failure scenarios.

• Attack Vector: Parameter change to trigger extreme, destabilizing rebases.
• Defense Test: Validate timelock efficacy, quorum safeguards, and emergency multi-sig overrides under simulated voter collusion.

A rebasing token bridged via LayerZero or Axelar must maintain supply parity across chains. A delay or failure on one chain creates arbitrage that can drain liquidity. This is a wormhole-style exploit waiting to happen.

• Failure Mode: Supply update lags create infinite mint vulnerabilities on lagging chains.
• Interop Test: Simulate bridge delay attacks and validate pause mechanisms across EVM, Solana, Cosmos appchains.