Slash 0xbb80 for manipulating Cream liquidations

Summary:

Slash 0xbbd80c0127c621f8b545ac44df8aaab5e421360a for not reporting an identified exploit with the CreamLiquidationsJob, draining all the credit, and then attempting to unbond their stake.

Motivation:

0xbbd80c0127c621f8b545ac44df8aaab5e421360a has been identified as having abused the CreamLiquidations job.

They had identified that during liquidations, they could liquidate for fractional values, thus not triggering a full liquidation while earning KP3R rewards.

They did not report this behavior when they discovered it. They used it to drain the full credit allotment for the job. And after they drained all the funds they immediately triggered a full unbond.

These actions are not in good faith of the principles expected from a keeper.

For: Slash their stake

Against: Let them unbond

Vote:

https://vote.keep3r.network/keep3r/proposal/QmauoButeq6uRroceAQiVfkjVB8itU6YieAzKDaFoNqyWq

4 Likes

hi @andre.cronje

0xbb80 here.

luckily I saw this thread and can actually defend myself, since this seems pretty much like you making a completely arbitrary decision by yourself without the accused party having had a chance to explain themselves and without having the complete story.

i hope that this would be taken into consideration and discussed before calling for a vote since the way the accusations are phrased is pretty damning especially coming from you.

I find that accusation totally nonfactual since the liquidations in question all had millions of loans outstanding, which I could have tried and repaid with whatever money I could come up with and get a liquidation reward of 8% on it plus the kp3r reward which would be absolutely minimal in comparison.

So the concept of ‘triggering a full liquidation’ eludes me, since it would presume that one has the entire capital to liquidate a position at once which is not always the case, and if it is it’s definitely more profitable to do that instead of doing fractional liquidations and earning like 5$ on each in keeper rewards. (just take a look at my previous liquidation worth about 8k for which I asked a friend to put up the capital, if that wasn’t a possibility I’d have to repay amounts that I could afford and would also be liquidating the same account over and over thus getting kp3r rewards, would that also count as ‘draining’???)

so, i could’ve put my entire funds towards repaying the debts (again, over the 6 accounts about 10M) and would’ve gotten not only the kp3r rewards, but also the liquidation rewards- cream keeper job would look the same now and not have any rewards anymore but I’d be a whole lot richer than before.

well then why didn’t I?

if you’d look at the entire history you’d see that i started with a reasonable amount to repay, before using small amounts.

well the reason for that is that after repaying the loan i realized that i ended up with a lot less than i had paid. ~ 30-40% less.

what happened (and this i realized afterwards) is that jeff had created a made up token and allowed it to be posted as collateral, given it to some other accounts who then when that token got some value took out huge loans against it, but in the previous hours that token dumped about 50% or even more, which is why their accounts showed up as liquidatable.

to make things worse the oracle for this token is controlled by an EOA and updated every 240 blocks, taking its price from who knows where, which results in cream thinking it’s giving you what you’re owed (loan payback + reward), but that’s just because the oracle is totally off and the real price is instead way lower.

so I went on liquidating amounts that wouldn’t incur a loss to me as fast as possible, and leave the job without rewards - so that nobody else could be affected by this situation (and btw the kp3r rewards didn’t in the slightest make up what i had lost doing the first liquidation) while trying to gather facts about this scam that is being pulled on cream.

to reiterate, this isn’t a case of finding an exploit and not communicating it, since you can do this in any liquidation. it’s just never profitable unless say the liquidatable amount is maybe 5$ and you liquidate 1/100$ each, which isn’t the case here and if you’d look at my other liquidations that had low profit i never did do, but it might be worth looking into a way of preventing this (it should be rather easy since you could calculate the liquidatable amount and should it be below a certain threshold either directly not allowing the job to be done or requiring it to be liquidated in full- this although wouldn’t have helped here since the liquidatable amount was in the millions).

so I really don’t see how this constitutes anything that could be considered dishonest or the like, I was posting in discord all the facts, even put up the list of accounts that were affected, with the profits (not repay amount, but actual profits):

oh, and another thing- there are usually between 70-90 accounts underwater and liquidatable on cream for small amounts (less than 1usd), – would you consider ‘draining’ of the job if I had liquidated each of them, essentially as well receiving all the rewards for ‘fractional’ amounts, how would that exactly be different, I’d make more money in the end?

so my position:

  1. completely deny all the accusations you brought forward, in what I consider bad faith since the wording is totally inappropriate (what has the unbonding to do with anything? i started unbonding my entire amount 2 days before and then added to it, this makes it sound like i was trying to escape or something… sadly there’s no other way to get gas back) and you do not have all the facts, neither was I given a chance to explain myself (even though I did post everything in discord) before a vote was called, which again just is a sign of bad faith since you’re basically creating your narrative and arguments (which are nonfactual) on which you’re then calling a vote, also knowing that since this is coming from you a huge percentage of people would just assume it to be like you say without thinking twice.

  2. call attention to an oversight in the kp3r system, since while there are restrictions for keepers it seems there are none for jobs and this job is ridiculously unsafe- i’ll hope this will act as to ban every job involving cream which shouldn’t be used or promoted in any way

  3. change the smart contract logic for rewarding liquidations to require a minimum of debt repaid

  4. change the way how accusations and votes for slashing of bonds are brought forward, it again is absolutely incomprehensible to me how this is being done right now, the wording almost reads like a sentence which would make this ‘guilty until proven innocent’ - when it should be the other way around.

  5. set some examples for ‘malicious behavior’, since I could easily say that the guy that is frontrunning everybody on every other job, at a loss, does way more harm to the keeper community than people not being able to do a job which shouldn’t have been allowed in the first place since it could result in huge potential losses and probably are safer now than before- oh and if the frontrunning is OK because well, he’s basically taking a loss, again, the money I lost here isn’t comparable to the kp3r rewards received, so again I completely fail to see any ‘malicious behavior’ on my part, neither in somehow harming the community or enriching myself

1 Like
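The two changes proposed in the post above (a minimum of debt repaid per rewarded liquidation, and full liquidation required for positions under a threshold), modelled as an added example that is not code from this thread or from the Keep3r or Cream contracts. The flat per-call reward, the credit figure and both thresholds are assumptions.

```python
from dataclasses import dataclass

@dataclass
class LiquidationJob:
    """Toy model of a keeper job paying a flat reward per liquidation call."""
    credit: int           # reward units left in the job (assumed figure)
    reward: int = 1       # assumed flat reward per rewarded call
    min_repay: int = 0    # assumed floor on debt repaid, whole USD; 0 = no gate
    full_below: int = 0   # assumed threshold: smaller positions must be closed in full

    def eligible(self, liquidatable: int, repay: int) -> bool:
        if repay <= 0 or repay > liquidatable:
            return False
        if liquidatable < self.full_below:
            return repay == liquidatable      # dust position: all or nothing
        return repay >= self.min_repay        # large position: meaningful repay only

    def work(self, liquidatable: int, repay: int) -> bool:
        """Pay the reward if the call qualifies; otherwise behave like a revert."""
        if self.credit < self.reward or not self.eligible(liquidatable, repay):
            return False
        self.credit -= self.reward
        return True


def run_keeper(job, debt, repay_per_call, max_calls=1000):
    """Repeat partial liquidations of one position; return (rewarded calls, debt left)."""
    rewarded = 0
    for _ in range(max_calls):
        repay = min(repay_per_call, debt)
        if not job.work(debt, repay):
            break                             # reverted or out of credit: stop sending
        rewarded += 1
        debt -= repay
    return rewarded, debt


def compare():
    """Constructed scenario: 50 credits, one position with 5,000,000 USD liquidatable."""
    gated = dict(credit=50, min_repay=100, full_below=500)
    return {
        "ungated, 1 USD per call": run_keeper(LiquidationJob(credit=50), 5_000_000, 1),
        "gated, 1 USD per call": run_keeper(LiquidationJob(**gated), 5_000_000, 1),
        "gated, 5000 USD per call": run_keeper(LiquidationJob(**gated), 5_000_000, 5_000),
        "gated, dust partial": run_keeper(LiquidationJob(**gated), 3, 1),
        "gated, dust in full": run_keeper(LiquidationJob(**gated), 3, 3),
    }
```

In the third case the credit is still used up in 50 calls, which matches the post's own caveat that a threshold does not prevent this when the liquidatable amount is in the millions; the gate only guarantees that each rewarded call repays at least the floor.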

So you agree you discovered a vulnerability, used it to drain the credits, and then unbonded?

5 Likes

yes there was a vulnerability in the keeper job that could have led to keepers incurring pretty substantial losses (like I did). so yeah I discovered that and posted about it in discord

Nope, please read my post above.

No idea what this has to do with anything, again please read my post and tell me. Since you even wrote how the current design is flawed, thus introducing the metakeeper (which for whatever reason is restricted to keepers with >100 bonds), I completely fail to see its relevance here.

Thank you, no further comments from me, will leave it up to voting.

1 Like

In Discord, you made this claim:

> hence I’d argue that ‘draining’ his job in order to protect other keepers was pretty much the right thing to do so

You also have previously mentioned multiple times that you are the only one doing this job, so I find the argument of protecting “other keepers” as pretty out-of-one’s-ass, so to speak.

An alternative solution would have been to contact Andre or governance and just explain the situation. I feel like that would have been more beneficial for the protocol and also more profitable for you because I am fairly confident governance or just Andre would be happy to give a bounty for that one.

I just don’t really get the strategy that was played here. Why drain funds in a job and then immediately unbond in a system where that type of behavior could be seen as super suspicious? Sure you can throw up various excuses, but how could you not expect to be slashed?

If I were you, I would have:

  1. Not felt the need to be rushed because I would realize that I am the only one running the job. Which gives me time.

  2. Report the issue to Andre. Ask on the forum for a private communication with him regarding a job exploit.

  3. If a bounty is not brought up, explain how you lost money finding this out and would be incredibly grateful for compensation.

I am not sure why this wouldn’t be the first solution to consider.

9 Likes

But here’s the thing, there was no ‘exploit’ in the keeper system to report. The issue was/is with cream and that it would show liquidations which looked extremely profitable during a period, but that in the end would result in a ~30% loss. Now imagine someone that just started with cream liquidations since no other job is profitable, or that saw Jeff’s tweet and how in another one there was profit of 8k, and thus would’ve switched to this job, maybe a couple hours later, who knows, and then seeing numbers like the ones in these liquidations which might have enticed them to use a substantial amount to repay a loan?

And I’m repeating myself here but if those weren’t unprofitable liquidations because of a huge flaw in cream’s protocol, I had done exactly the same but made idk, 800$ profit with each liquidation. But the end result would be exactly the same, I had gotten all rewards for the job (simply because I couldn’t put up the capital to liquidate a position at once, fully, I had needed to do multiple txns) plus a nice profit from the liquidations themselves. So basically instead of liquidating 1ct / txn I had liquidated say 5k, which I guess would’ve looked ‘better’, but how does it make a difference? Or how is one considered an exploit and the other isn’t??? How would I liquidate a position fully without having the funds to repay the loan in one transaction?

I see how it can look like abusing the system to do small liquidations repeatedly without having context but that I provided in discord, and if I had realized that this would cause this kind of misinterpretation, I could’ve simply changed two lines of code and liquidated the 70 other underwater accounts which liquidation amounts range from 3USD to fractions of fractions of USD-- those would’ve been considered ‘full’ liquidations I assume and there couldn’t be even any talk about an exploit, but again the end result would be absolutely the same, just that it would look better to someone that doesn’t have the context or/and doesn’t understand how liquidations work.

I completely fail to see however how something looking good or bad would make it abusing an exploit- or not-, except to someone that is completely unfamiliar with the topic.

@andre.cronje
Alright I won’t keep arguing even though I must say I’m very disappointed in your actions.

But regarding the ‘voting’ I’m quite confused actually, according to IPFS, this is a proposal, yet no proposal was created within the governance contract. So under what contract/code is this executed / recorded?

Then, the dispute you emitted about 25hs ago, yet the forum post is only 13hs old, so 12hs before opening the issue to conversation, since I guess that’s just the idea of having a dispute, being able to discuss it and hear the accused’s side of it, you felt the need to create a dispute. Why the rush? On what basis did you create it? Shouldn’t it be created alongside with opening up a way to actually, well, dispute??? This to me seems like emitting the event, because the protocol requires it, but not really caring about its result (disputes can actually be resolved)- since you had your mind made up anyways.

And lastly how exactly do you feel about being the one bringing forward a dispute, evidently far from impartial to the issue, and at the same time retaining the ability to emit an arbitrary amount of votes to either existing or new accounts? This seems like a pretty profound conflict of interests to me.

So, why not skip the act and just do what you will, I honestly don’t care at this point. I used to be very motivated in this project and its future. But since this is evidently an Andre show, let’s put aside the facade of giving the impression that this in any way shape or form is going to be executed in a rightful manner, and just slash away- after all they are your made up tokens.

3 Likes

Since you have resorted to personal attacks, I am closing this thread. Disputes are the pre-voting mechanisms, disputes are lodged > vote occurs > resolution happens. If you don’t want to learn how the system works in a polite manner, I think it is better off without you.

3 Likes