You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Note that the CCR and SCR must be set in a way that they are not too close to each other to prevent intentional triggering of branch shutdown.
In particular, the CCR should be higher than the SCR by an amount that is greater than the largest expected price change in a single oracle update. Otherwise, an attacker could intentionally trigger shutdown by frontrunning the oracle update.
This would be similar to the known attacks for triggering recovery mode in Liquity V1.
The currently proposed values of CCR = 1.5 and SCR = 1.1 appear far enough apart that these attacks are not feasible. Any future deployments that use closer values should consider this attack vector.
The text was updated successfully, but these errors were encountered:
Note that the CCR and SCR must be set in a way that they are not too close to each other to prevent intentional triggering of branch shutdown.
In particular, the CCR should be higher than the SCR by an amount that is greater than the largest expected price change in a single oracle update. Otherwise, an attacker could intentionally trigger shutdown by frontrunning the oracle update.
This would be similar to the known attacks for triggering recovery mode in Liquity V1.
The currently proposed values of CCR = 1.5 and SCR = 1.1 appear far enough apart that these attacks are not feasible. Any future deployments that use closer values should consider this attack vector.
The text was updated successfully, but these errors were encountered: