The countermeasure against withdrawal attacks
Last updated
Last updated
When performing the “Withdrawal Arbitrage” attack, the profit would be :
The maximum profit will be :
And the withdrawal fees will be equal to the maximum profit possible to obtain from the attack, as calculated by the below formula :
A natural concern may be that withdrawal fees will be large and punitive for liquidity providers. In most cases, however, a very small withdrawal fee is already sufficient to prevent such an attack. For instance, when the coverage ratio is 0.8, the withdrawal fee will only be 0.01%.
In fact, at any coverage ratio, the marginal slippage will always be larger than the withdrawal fees. Assume the withdrawal amount is equal to 1% of the pool:
Which means that there always exists a larger financial incentive for arbitrageurs to come to restore the system’s coverage ratio compared to withdrawal.
Note that the protocol can support withdrawal when coverage ratio is lower than 1 is because of a common assumption for modern banking’s fractional reserve — not all liquidity providers will withdraw their liquidity all at once. As long as the trust remains intact (i.e. the system is solvent), bank run will not happen, and withdrawals from any individuals will not drain up the pool significantly.
One more point to note is that, the reverse version of it — deposit arbitrage / deposit fees also exists, but the amount is even more negligible (this fee is charged because it is necessary to prevent flash loan).