Economic Attack Vector

An attack where a borrower uses uncollateralized, instantly issued and repaid loans to manipulate on-chain markets or protocols. The attacker borrows a large sum, executes a series of transactions to exploit price discrepancies or governance mechanisms, and repays the loan within the same block, profiting from the difference.

• Key Mechanism: Atomic execution within a single transaction block.
• Common Target: Lending protocols, decentralized exchanges (DEXs), and price oracles.
• Example: Borrowing ETH to artificially inflate the price of a token on a DEX, then using that inflated token as overvalued collateral to drain a lending pool.

An attack that exploits the dependency of DeFi protocols on external price feeds (oracles). The attacker manipulates the price data a protocol relies on, typically by creating artificial trading volume on a vulnerable DEX to skew the reported price.

• Key Mechanism: Creating wash trades or exploiting low-liquidity pools to feed incorrect data.
• Impact: Allows borrowing excessive funds with undervalued collateral or triggering faulty liquidations.
• Defense: Use of decentralized oracle networks (e.g., Chainlink), time-weighted average prices (TWAP), and multiple data sources.

An attack where an entity acquires enough voting power (typically governance tokens) to pass malicious proposals that drain treasury funds or change protocol parameters for their benefit.

• Methods: Token accumulation via flash loans, exploiting low voter turnout, or leveraging tokenomics flaws.
• Goal: Redirect protocol fees, mint unlimited tokens, or disable security mechanisms.
• Prevention: Time-locks on execution, multi-sig guardians for critical functions, and quadratic voting to reduce whale dominance.

A predatory trading strategy targeting users nearing liquidation on lending platforms. The attacker spots a vulnerable position, manipulates the asset's price (often via a small trade) to trigger the liquidation, and then profits from the resulting liquidation penalty and market slippage.

• Process: 1) Front-run the liquidation transaction. 2) Manipulate oracle price. 3) Buy the liquidated collateral at a discount.
• Victim: Borrowers with positions close to their collateralization ratio threshold.
• Mitigation: Use of keeper networks with private transaction relays and more robust oracle designs.

A scheme where developers or insiders artificially inflate (pump) the price of a token through marketing and fake volume, then suddenly sell (dump) their holdings, abandoning the project and crashing the price.

• Rug Pull Variants: Hard rug: malicious code (e.g., hidden mint function) drains liquidity. Soft rug: developers slowly exit positions after hype.
• Red Flags: Anonymous teams, excessive token allocation to devs, locked liquidity with short timers.
• Economic Impact: Direct value extraction from late-arriving investors; erodes trust in nascent projects.

An attack that renders a protocol economically non-viable by exploiting its fee structure or reward mechanisms, making it too expensive for legitimate users to operate.

• Mechanism: Spamming the network with low-value transactions that claim disproportionate rewards or incur fees that drain common resources.
• Example: Flooding a blockchain game with transactions to claim all daily rewards, leaving none for real players.
• Solution: Implementing fee markets, rate-limiting, or cost structures that align incentives and prevent spam.

A bank run and death spiral triggered by the breaking of the UST stablecoin's algorithmic peg, showcasing a fundamental economic design flaw.

• Mechanism: As users redeemed UST for LUNA (increasing LUNA supply), hyperinflation crashed LUNA's price, destroying the collateral backing and shattering confidence.
• Scale: Over $40B in market capitalization was erased in days.
• Analysis: A failure of the reflexivity and ponzinomics inherent in the dual-token, algorithmic stablecoin model.

A prevalent Maximal Extractable Value (MEV) attack where bots profit by front-running and back-running user transactions on decentralized exchanges.

• Process: The attacker spots a large pending trade, places a buy order before it (front-run) to drive the price up, lets the victim's trade execute at the worse price, then sells (back-run) for a risk-free profit.
• Economic Impact: Extracts value directly from regular users, increasing their slippage and transaction costs.
• Countermeasures: Private transaction pools (e.g., Flashbots) and commit-reveal schemes aim to mitigate this.

A recurring pattern where attackers manipulate the price feed a protocol relies on to drain funds.

• Common Method: Use a flash loan to create an imbalanced trade on a low-liquidity DEX pool that the oracle queries, creating a temporarily false price.
• Example: The Harvest Finance attack in 2020 used this method against USDT and USDC price oracles, netting ~$24 million.
• Defense: Protocols now use time-weighted average prices (TWAP), multiple oracle sources, and circuit breakers to resist manipulation.

A cryptoeconomic security mechanism that requires validators or service providers to post a stake (bond) that can be destroyed (slashed) for malicious behavior. This aligns incentives by making attacks financially irrational.

• Example: In Proof-of-Stake networks, a validator proposing two conflicting blocks (equivocation) is slashed, losing a portion of their stake.
• Purpose: Converts protocol security from a technical to an economic problem, where the cost of attack outweighs the potential reward.

Introducing mandatory waiting periods for withdrawing large amounts of capital to prevent flash loan attacks and bank runs. This gives the protocol or community time to detect and react to suspicious outflows.

• Example: A lending protocol may impose a 24-hour delay on withdrawals exceeding a certain percentage of total liquidity.
• Effect: Significantly reduces the viability of hit-and-run economic attacks that rely on instant liquidity.

Algorithmically adjusting transaction or protocol fees based on network congestion and demand to mitigate spam attacks and resource exhaustion. This makes flooding the network with worthless transactions prohibitively expensive.

• Example: EIP-1559 on Ethereum introduces a base fee that burns and a priority fee, making fee prediction more reliable and spam less economical.
• Benefit: Protects network functionality during high demand and disincentivizes denial-of-service via transaction spam.

Emergency mechanisms that can temporarily halt specific protocol functions (e.g., borrowing, withdrawals) when predefined risk parameters are breached. This is a last-resort measure to prevent catastrophic failures during an active exploit.

• Example: A decentralized exchange (DEX) may pause a liquidity pool if a sudden, massive price divergence from oracles is detected, preventing arbitrage-based draining.
• Consideration: Introduces centralization and trust trade-offs, as pausing power is often held by a multisig or DAO.

Protecting against oracle manipulation attacks, where an attacker falsifies price data to drain assets from lending protocols or derivatives. Strategies include:

• Using multiple, decentralized data sources (e.g., Chainlink).
• Implementing time-weighted average prices (TWAPs) to smooth out short-term price spikes.
• Setting price deviation thresholds that trigger circuit breakers.
• Goal: Ensure the economic state of the protocol reflects real-world market conditions.

Defending against attempts to subvert a protocol's decentralized governance for financial gain. Common defenses include:

• Vote delegation and quorums to prevent low-turnout attacks.
• Timelocks on governance execution to allow community review of passed proposals.
• Separation of powers, where critical parameter changes require a separate, slower security council.
• Example: A proposal to drain the treasury would be delayed by a timelock, allowing token holders to exit or coordinate a response.

A classic market manipulation tactic adapted for crypto, where coordinators artificially inflate (pump) the price of a low-liquidity token through hype and coordinated buying, then sell their holdings (dump) at the peak, leaving other investors with devalued assets. This exploits information asymmetry and the lack of regulatory oversight in decentralized markets.

An attack where a single entity creates a large number of fake identities (Sybils) to gain disproportionate influence in a permissionless system. In blockchain, this can undermine decentralized governance (by voting with many addresses), spam networks, or manipulate proof-of-stake or airdrop distributions. Defenses include proof-of-personhood systems and stake-weighted mechanisms.

A design consideration, not an attack itself, but a vector for potential instability. It refers to a system's ability to accept any token (not just its native token) for transaction fees or staking. While increasing usability, it can weaken the monetary premium and security model of the base layer token in proof-of-stake networks, potentially making the chain more susceptible to other economic attacks.