9.1 Attack Vectors & Mitigation
We conducted a comprehensive stress test on the protocol based on the STRIDE threat model and designed defense mechanisms for the following three core attack vectors.
9.1.1 51% Attacks on Arbitration
Threat:
Attackers attempt to control more than half of the arbitrator seats in the DAN network, thereby stealing escrow funds or illegally seizing opponents' collateral through malicious majority voting (such as ruling that "empty packages are genuine").
Mitigation Strategies:
Random Sortition & Secrecy:
Due to the adoption of VRF (Verifiable Random Function) and the Commit-Reveal mechanism, attackers cannot know who the specific arbitrators are before the voting results are revealed. This means that attackers cannot carry out precise bribery and can only attempt to bribe the entire network, which is economically impractical.
Appeal & Forking Deterrence:
Even if an attacker temporarily breaks through the first round of arbitration (with 3 people) or even the second round (with 7 people), the victim can continue to appeal. As the size of the jury expands exponentially, the attack cost $C_{attack}$ will quickly exceed the potential profit $R_{profit}$.
Ultimate Defense: If an attacker has unlimited funds and controls 51% of the $PACT tokens (the final jury), the community will trigger a Social Fork. Honest nodes will migrate to the new contract, and the attacker's $PACT tokens will be zeroed out on the new chain. This "mutually assured destruction" deterrent ensures that rational large holders will not act maliciously.
Economic Isolation:
Each case is independent. Even if a certain case is attacked, the attacker's influence is limited to the fund pool of that case, and they cannot directly deplete other users' funds in OmniVault through this vulnerability.
9.1.2 Flash Loan Attacks on Collateral
Threat:
Attackers use Flash Loans to borrow huge amounts of funds within a single block and manipulate price oracles on DEXs (such as Uniswap), causing OmniPact to miscalculate the value of collateral (for example, determining that collateral is insufficient and liquidating it), or they manipulate the share price of OmniVault.
Mitigation Strategies:
Hardened Oracles:
OES strictly prohibits the direct use of DEX's instantaneous spot prices. We mandate the integration of Chainlink Price Feeds, which aggregate weighted data from multiple centralized and decentralized exchanges. A single flash loan cannot manipulate Chainlink's global consensus price.
Alternative plan: For long-tail assets, TWAP (Time-Weighted Average Price) is adopted. Attackers must continuously manipulate prices across multiple blocks, which is extremely costly.
ERC-4626 Defense:
OmniVault adopts strict accounting standards when calculating the share exchange rate:
Donation Attack Prevention: During the initialization of the Vault, a small number of shares (Dead Shares) are pre-minted and then destroyed to prevent attackers from manipulating the exchange rate through donating assets to an empty pool, which could lead to rounding errors.
Virtual Offset: Introduce a virtual asset offset in the internal pricing formula to smooth out extreme exchange rate fluctuations.
Same-Block Restrictions:
The protocol prohibits the completion of deposit and withdraw operations within the same block. This logically cuts off the path for risk-free arbitrage using flash loans.
9.1.3 Front-running Protection
Threat:
MEV searchers monitor the mempool.
Scenario A (Rush to Accept Orders): On seeing a high-profit public order open for acceptance, a searcher raises the Gas fee to accept the order first.
Scenario B (Following the Vote): On seeing that a high-reputation arbitrator has submitted a vote, a searcher rushes to submit the same vote to fraudulently obtain rewards.
Mitigation Strategies:
Designated Taker:
The OES contract supports the whitelist mode. Buyers can directly specify the sellerAddress when creating an order.
In the case of a designated order, even if a searcher sees the transaction, they cannot front-run it because the addresses do not match.
Commit-Reveal:
As described in Section 4.3, the arbitration voting is divided into two stages.
Commit phase: What is committed is the hash value. Although searchers can see the transactions, they cannot know the contents.
Reveal phase: At this point, everyone reveals simultaneously, and there is no point in jumping the gun anymore (because the Commit window has been closed).
Private Mempool Integration:
For institutional-level large-value transactions, the OmniPact frontend is integrated with Flashbots Protect RPC by default. Transactions are not routed through the public mempool but are directly sent to miners for packaging, eliminating the possibility of being front-run at the physical network level.
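The two-phase vote described under Commit-Reveal, as an added example that is not OmniPact's contract code. The page does not give the hash formula, so the commitment layout `keccak256(abi.encode(voter, vote, salt))`, the contract name and every function name here are assumptions; juror selection, staking and rewards are left out.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Illustrative sketch with hypothetical names; not the OES arbitration contract.
contract CommitRevealVote {
    uint256 public immutable commitDeadline; // end of the Commit window
    uint256 public immutable revealDeadline; // end of the Reveal window

    mapping(address => bytes32) public commitments;
    mapping(address => bool) public revealed;
    uint256 public votesFor;
    uint256 public votesAgainst;

    constructor(uint256 commitSeconds, uint256 revealSeconds) {
        uint256 commitEnd = block.timestamp + commitSeconds;
        commitDeadline = commitEnd;
        revealDeadline = commitEnd + revealSeconds;
    }

    // Assumed layout: the voter address is part of the preimage, so a hash
    // copied from the mempool can only be opened by the original voter.
    // The salt must be 32 random bytes: the vote is one bit, so a guessable
    // salt would let an observer recover it by trying both values.
    function commitmentFor(address voter, bool vote, bytes32 salt)
        public pure returns (bytes32)
    {
        return keccak256(abi.encode(voter, vote, salt));
    }

    function commit(bytes32 commitment) external {
        require(block.timestamp < commitDeadline, "commit window closed");
        require(commitment != bytes32(0), "empty commitment");
        require(commitments[msg.sender] == bytes32(0), "already committed");
        commitments[msg.sender] = commitment;
    }

    function reveal(bool vote, bytes32 salt) external {
        require(block.timestamp >= commitDeadline, "commit window still open");
        require(block.timestamp < revealDeadline, "reveal window closed");
        require(!revealed[msg.sender], "already revealed");
        // Recomputed with msg.sender: a (vote, salt) pair replayed from another
        // juror's reveal hashes to a different value and is rejected.
        require(commitments[msg.sender] == commitmentFor(msg.sender, vote, salt),
            "commitment mismatch");
        revealed[msg.sender] = true;
        if (vote) votesFor++; else votesAgainst++;
    }
}
```

If the voter address were left out of the preimage, an observer could resubmit the same commitment hash during the Commit window and later replay the revealed `(vote, salt)` pair, which is the vote-following case in Scenario B.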
This section presents OmniPact's mature technical solutions for combating Web3-specific financial risks (MEV, flash loans) to auditing institutions and high-net-worth users.