I think that many do not understand my proposal, so here I leave a more graphic scheme so that you understand it better, this is for the health of the protocol. If you want ultra leverage you can use another DEFI protocol, but Indigo is not designed for that.
1 Like
hey would you be able to or want to help me calculate the amount of capital it WOULD take to attack the protocol? I think it would be wise to help us determine the “perfect number” rather than the arbitrary 200%. I think you expressed yourself very well as a non native speaker and while I don’t agree on all points I DO recognize than an exploit doesn’t require a “hack”, rather a simple attack vector.
While you’ve claimed the protocol can be attacked, I think calculating the amount of capital it would take is critical to determine an appropriate MCR
I don’t see how the attacker benefit manipulating price of iusd. one can dump iusd to 0 today and it will still be fine as long as oracle isn’t manipulated.
an attack will involve manipulating oracle price for profit
if it is a hack then it will be minting more iAssets
in this case I would say trying to manipulate ada price is pretty tough. if it does then we all will be picking up cheap ada.
One way I would think of would be what happen if a whale borrow iusd and forget about it.
subsequently a fierce dump happen. whale ADA get liquidated. stability pool runs dry.
this would instead turn into a squeeze on iAsset for ppl to cover debt and prevent liquidation but people will start minting and selling on dex as well.
this may leave stability pool with no iusd to do any liquidation and thus bad debt.
I share the view of @solitude . If somebody pushes iUSD to 0 on a DEX, I will be happy to buy it all. I get the concern with CR but I would only consider 110-130% range. I do not want to be limited in my risk-taking. Right now we should promote minting iAssets. This is exactly what 110% CR allows. If your CDP is at 111% and 20% dump comes, you are actually even gaining on the liquidation. Such dumps are not that frequent so SPs should not suffer that terribly and they should know the risks. If we want to limit the success of Indigo just because some user might be inexperienced, that would be shame IMHO. These users should read the WP, educate themselves first and go try on testnet. Then they might come with real money. This protection thing sounds like what banks are doing not allowing you to work with certain products because they claim they are too risky and they want to protect you. Leverage trading is not for everybody and that should be acknowledged and the Indigo team was mentioning it often I think.
5 Likes
Any limits is out to protect and defend the protocol solvency and not limiting users.
In a example on 19 may 2021.
amplitude of the crash is 50% in a single day.
Now consider if the account holder of 2m iUSD
And stability pool of 1.5m
If he withdraw 10.2m ada and left with 8.8m and price hit liquidation at 0.25
This will result in a shortfall of 500k iUSD
Protocol enter into bad debt that at point of oracle if the account is liquidated at start of the drop. eg 0.25 cents.
1.5m stability pool at 0.25 will liquidate 6.6m leaving 2.2m ADA frozen + 500k remaining bad debt
if price continue to falls and end up with 0.125 cents oracle price
sending anymore iUSD into the stability pool would actually be negative value because this 500k will be use to liquidate 2.2m ada worth 275k only.
Given there is
1)Actual day that 50% drop happen in past 2 years.
2) Actual position that can result in bad debt currently (2m)
3) Actual lack of stability pool reserves to cover one single account bad debt.
4) actual incentive during extreme volatile period to withdraw from stability pool
5) actual incentive to front run oracle pricing by increase minting of iasset during volatile period
This is to defend indigo in its market operations even on days of extreme volatility.
protocol can survive for years but it only take a day to get totally destroyed.
1 Like
nicely stated. thanks
1 Like
agreed 100% ty for clear example w the maths
1 Like
The reason your CDP was not liquidated was because the preview network did not have the Liquidation Bot actively running as we were doing some manual testing. I apologize that it overlapped with your test, we will start the liquidation bot on the preview network and keep it running so that you are able to test.
In the case that you are pursuing, where the Stability Pool does not have enough iAsset to liquidation your WHOLE position, a partial liquidation takes place where the Stability Pool is emptied to pay off as much debt as possible.
An “attack” like this can occur in any system with not enough liquidity. However, the beautiful thing is that the community can band together by providing more liquidity to the Stability Pool until that position is fully liquidated. I’m happy to answer any question with respect to that if you’d like.
5 Likes
In order to not result in over limitations I would suggest that such limit to be at 150% this should provide sufficient protection with 120% MCR.
Do we have to temp check for different percentage suggestion?
1 Like
For me, 150% is super perfect, it would still be good if it was voted for by the community, that it be multiple voting, a serious Mint option and withdraw with ADA collateral from:
1-110% (leave it as is)
2-150%
3-175%
4-200% (For me the healthiest and most responsible)
5-225%
6.250% (Super Collateral)
The most voted would be the option to which all users would adapt. This is so that the community does not seek to self-liquidate and irresponsibly create synthetic tokens, and that the protocol is healthy.
We will leave the leverage to other Cardano protocols, even Indigo can include it to create a lending protocol where the synthetics are deposited and rented and have rewards without having to create new synthetics, that leverage can be 1000 if they want,
(later I pass the proposal just like the idea is, but let’s solve this first)
This for me as an investor would be to invest in this protocol and create new synthetics.
1 Like
Would certainly vote 2 for capital efficiency and yet increased safety margin. we can adjust as we go along.
I have also create a separate thread incase it is needed to pass that through.
There are also other topics such as malicious unforeseen minting and systemic accounts that is larger than stability pool which won’t be solve by this parameter alone. but 1 step at a time.
1 Like
All of this person’s suggestions seem like they’re out to limit the growth of Indigo. Who are you? I would vote no.
4 Likes
I dont like this idea. no way
2 Likes
1 Like
Juan decided to leave the Indigo community so I don’t think this temp check will make much further progress
1 Like
Details on why he left the community?
@mannymacfly He thought he found a protocol vulnerability and demanded payment like it was a bug bounty. The Lab encouraged him to test his theory on testnet. He did and the protocol showed resilience and performed as designed. He continued to make accusations and make demands in discord until he got frustrated and left. A few hours later I saw him in Minswap discord making crazy accusations and demands. Just that type of troll I guess.
He asked for payment for a finding without providing evidence and then unexpectedly said he didn’t want to part of the community. Apparently though he’s back in the Forum. So maybe he just meant he left Discord.
I don’t believe anybody is attacking you personally. There have been calls to provide evidence to back your proposal. It’s reasonable to expect evidence for a new proposal, especially one that impacts the core mechanics of the protocol.
The protocol already supports users to open positions at 200%. The average CR is above 200%. Forcing every user to have a certain CR disincentivizes arbitrageurs and could reduce Indigo’s liquidity. This forced “user protection” could be justified if there was a proven benefit that could be added to the system. There are already protections in place for users, and users are responsible for their own positions. As it seems right now, this proposal is a solution looking for a problem. The system isn’t broken, so why try and make a major change that discourages users.
As for the testnet, you tried to attack it and your attack failed. There’s no conspiracy or manipulation. You had a theory, put it to the test, and the result is that the theory is invalid.
These discussion are very much appreciated. I hope you stick around for the future and continue to help make Indigo stronger.
2 Likes
Hey @juanCardano - Thanks for the input. Our team is aware of your proposal and we’re discussing things like these internally. Thank you for being a voice in the community and providing valuable feedback. This is exactly what the DAO needs to thrive. 
1 Like