The MakerDAO crypto project behind the DAI algorithmic stablecoin contains a vulnerability that allows users to avoid liquidations and thus violate the 150% position security requirement, BProtocol says..
Some users may go for the trick to achieve much more favorable conditions for liquidating secured debt positions (CDPs), analysts said. It is assumed that the protocol will close such positions automatically after collateral falls below 150%. However, breaking the CDP into small positions of around $ 100 avoids forced liquidation due to profitability issues..
BProtocol created storage facilities for $ 128 to meet the minimum size requirements. During the analysis, it turned out that MakerDAO liquidators often show no interest in small positions and allow them to exist longer than they should. This is probably due to high commission costs in auctions, because of which participation in them with an amount of remuneration below a certain limit is inappropriate. As a rule, participants in such auctions are bots configured in a certain way..
“If we have a storage facility worth $ 1 million, we will have to spend about $ 5,000 on gas expenses to split it into 7,800 storage facilities. In other words, the user can protect their vault from future liquidations by donating only 0.5% of the vault size, ”analysts say. Under the standard procedure, 13% of the invested amount is withheld from the liquidated user.
The MakerDAO community has already begun to discuss the problem, since a large volume of positions in the system without sufficient collateral risks turning into a repetition of the events of “Black Thursday”.