Summary
The objective of this proposal is to address a bug in the current implementation of the borrowing function within the red-bank contract of the Mars Protocol. Additionally, we propose to implement a utilization ratio cap to ensure the stability and security of the protocol. This proposal addresses a vulnerability identified through a bug bounty program. While both our team and the bounty participants agree that within the current liquidity configurations the vulnerability is not exploitable, there is a possibility that changes in the future could make exploitation possible. Therefore, to preemptively mitigate this potential risk, we are proposing these changes to fortify the protocol’s security.
Motivation
Currently, there is an issue within the borrowing function of the red-bank contract that allows for unintended behavior, potentially leading to instability and risk within the protocol. This issue arises from a lack of validation in checking the market’s utilization rate, which could result in the utilization rate exceeding 100%.
Moreover, if we do not accurately track and manage internally tracked balances such as collateral and debt within the borrowing function, there is a risk of allowing the debt value to increase beyond the collateral’s capacity. This can lead to an inflated utilization ratio, which not only compromises the stability of the protocol but also poses a risk to user funds.
To mitigate this risk and ensure the protocol’s stability, it is crucial to implement a fix that addresses this vulnerability. Additionally, by introducing a utilization ratio cap set at 100%, we can prevent any potential misuse of the protocol and maintain its integrity.
Risks
This change introduces smart contract code changes, which inherently carry the risk of introducing new bugs or unforeseen issues. However, the proposed fix and utilization ratio cap are essential for mitigating existing vulnerabilities and ensuring the protocol’s long-term stability.
Implementation
The proposed fix for Osmosis and Neutron will involve updating the borrowing function within the red-bank contract to include validation checks for the market’s utilization rate. Specifically, we will ensure that the utilization rate does not exceed 100% to prevent any unauthorized borrowing that could destabilize the protocol.
Furthermore, we will introduce a utilization ratio cap set at 100% to enforce this constraint and provide an additional layer of security to the protocol.
Copyright
Copyright and related rights waived via CC0.
Disclaimers/Disclosures
This proposal is being made by Mars Protocol Foundation, a Cayman Islands foundation company. Mars Protocol Foundation engages in research and development of the Mars Protocol. Mars Protocol Foundation and certain of its service providers and managers own MARS tokens and have financial interests related to this proposal. The aforementioned persons or their affiliates may also have financial interests in complementary or competing projects or ecosystems, entities or tokens, including Neutron/NTRN. These statements are intended to disclose relevant facts and to help identify potential conflicts of interest, and should not be misconstrued as a complete description of all relevant interests or conflicts of interests; nor should they be construed as a recommendation to purchase or acquire any token or security.
This proposal is also subject to and qualified by the Mars Disclaimers/Disclosures. Mars Protocol Foundation may lack access to all relevant facts or may have failed to give appropriate weighting to available facts. Mars Protocol Foundation is not making any representation, warranty or guarantee regarding the accuracy or completeness of the statements herein, and Mars Protocol Foundation shall have no liability in the event of losses or damages ensuing from approval or rejection or other handling of the proposal. Each user and voter should undertake their own research and make their own independent interpretation and analysis of all relevant facts and issues to arrive at their own personal determinations of how to vote on the proposal.