We are building something new at Inverse, driven in a big way by some expensive lessons we learned in Q2 2022 when Inverse was affected by two oracle price manipulation incidents. You can read about them elsewhere on this blog, but saying “we have learned a lot” is not a throwaway line – we are actively repaying debt, amping up our spend on security, and in our new product development process the lessons are front and center.
In both of the incidents, a key point of vulnerability was the existence (or availability) of a cross-collateral pool that allowed an attacker to artificially inflate the price of a collateral token and then borrow other tokens – WBTC, WETH, YFI – which were originally deposited by other users.
This concentration of heterogeneous collateral deposits is essential to the proper functioning of that (Compound-based) money market design. In other words, the system is designed so depositors can also borrow any available token against their token used as collateral. This pooling across assets and users enables lots of liquidity and in many cases can be quite convenient.
But the strength of this approach is also its most significant vulnerability: a single security breach can potentially drain a large portion (or all) of a protocol’s TVL. Cross-collateral pools lack the ability to cap borrows on a per-collateral type basis, so insolvency risk can be high. To gratuitously use a TradFi analogy here, the risk is similar to a robbery at your local bank branch that drains deposits from every branch scattered across a country.
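To put numbers on that exposure, the following added example (not Inverse's code) models the borrow limit of a pool with and without a per-collateral borrow cap. The `Pool` class, the `COLL` token, the cap and every figure are constructed assumptions, and the model ignores interest, liquidation and slippage.

```python
from dataclasses import dataclass, field

BPS = 10_000  # basis-point denominator; integer math avoids float rounding

@dataclass
class Pool:
    liquidity_usd: dict            # borrowable token -> USD value deposited by users
    collateral_factor_bps: dict    # collateral token -> loan-to-value in bps
    borrow_cap_usd: dict = field(default_factory=dict)    # hypothetical per-collateral cap
    borrowed_against: dict = field(default_factory=dict)  # USD already borrowed per collateral

    def max_borrow_usd(self, collateral, amount, oracle_price_usd):
        """Most that can be borrowed against `amount` at the price the oracle reports."""
        power = amount * oracle_price_usd * self.collateral_factor_bps[collateral] // BPS
        limit = min(power, sum(self.liquidity_usd.values()))
        cap = self.borrow_cap_usd.get(collateral)
        if cap is not None:  # absent in the cross-collateral design described above
            used = self.borrowed_against.get(collateral, 0)
            limit = min(limit, max(cap - used, 0))
        return limit

def bad_debt_usd(pool, collateral, amount, oracle_price_usd, fair_price_usd):
    """Shortfall left once the collateral is valued at its fair price."""
    borrowed = pool.max_borrow_usd(collateral, amount, oracle_price_usd)
    return max(borrowed - amount * fair_price_usd, 0)

# Constructed figures, not data from the incidents.
LIQUIDITY = {"WBTC": 5_000_000, "WETH": 4_000_000, "YFI": 1_000_000}
FACTORS = {"COLL": 6_000}  # "COLL" is a placeholder collateral token, 60% LTV
pooled = Pool(LIQUIDITY, FACTORS)
capped = Pool(LIQUIDITY, FACTORS, borrow_cap_usd={"COLL": 250_000})

if __name__ == "__main__":
    for name, pool in (("pooled", pooled), ("capped", capped)):
        for label, price in (("fair", 100), ("distorted", 50_000)):
            loss = bad_debt_usd(pool, "COLL", 1_000, price, 100)
            print(f"{name:6} oracle={label:9} max_borrow="
                  f"{pool.max_borrow_usd('COLL', 1_000, price):>10,} bad_debt={loss:>9,}")
```

With a distorted oracle price the uncapped pool's worst case is its entire liquidity, while the capped pool's worst case is the cap, whatever price the oracle reports.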
Scaling DeFi in a way that will truly rival TradFi requires new ways of depositing, securing, and managing collateral that make exploits like the ones above far more difficult. Our firm commitment to this will be unveiled soon.