The Factory incentive structure is deeply flawed due to sharing of payoutAmount across all pools #327
Labels
2 (Med Risk): Assets not at direct risk, but function/availability of the protocol could be impacted or leak value
bug: Something isn't working
🤖_327_group: AI based duplicate group recommendation
unsatisfactory: does not satisfy C4 submission criteria; not eligible for awards
Lines of code
https://github.com/code-423n4/2024-02-uniswap-foundation/blob/5a2761c8277541a24bc551fbd624413b384bea94/src/V3FactoryOwner.sol#L72
Vulnerability details
Description
The new fee collection works by having any bot / searcher call claimFees() on the V3FactoryOwner. They pay the global payoutAmount defined in the contract (in WETH) in exchange for receiving the protocol fees from the pool. Note that for each claimFees() call, the fee recipients collectively and implicitly give up the cost the searcher incurs in delivering the TX. That cost comprises the gas expenses, bribing fees for frontrunning and any infrastructure overhead. To give an example, if the bot costs are $20 and payoutAmount is $50, the bot would start being incentivized to call claimFees() when the fee value is $70+. In that scenario, the racer overhead is $20/$70 = ~28% before the racer is even profitable.

It is hopefully clear that the payoutAmount needs to be very big in relation to the racer costs so that a massive chunk of the fees won't go to the race overhead. However, note that payoutAmount is the same for collection of all pools, while the rate of accumulation varies by several orders of magnitude between the pools.

For example, USDC/USDT could make $5,000 per day in fees, while MEME/ETH would make $15 per day.

The existence of wide fee ranges makes choosing a reasonable payoutAmount impossible. The higher it is, the smaller the share of the yield that goes to the racer, but the longer it takes (if ever) for the low-capacity pairs to generate enough fees to make a racer pay for it.

Therefore it's important to be able to set payoutAmount individually for each pool, or have it calculated automatically based on pool trading volume in some way. This way the large pools could be set with a high amount to minimize leak of rewards, while it would be set low for small pools to not block off their fee stream.

Note that the original fee collection function didn't leak any value out of the protocol fees; the issue is introduced by the upgrade.
Impact
The fee claiming design significantly reduces the yield paid to UNI stakers.
Tools Used
Manual audit
Recommended Mitigation Steps
payoutAmount should be a mapping item per pool which the admin can set.
Assessed type
Other
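
The trade-off from the Description and the per-pool setting from the Recommended Mitigation Steps, worked through as an added example (not part of the original report or of the project's code). It assumes constant daily fee rates and bot costs and a searcher who claims exactly at break-even; the function names and the 7-day target are hypothetical.

```python
# Model of the claimFees() race economics, using the report's dollar figures.
BOT_COST = 20.0                                   # USD per claimFees() tx (from the report)
POOLS = {"USDC/USDT": 5000.0, "MEME/ETH": 15.0}   # USD of fees per day (from the report)

def breakeven_fees(payout, bot_cost=BOT_COST):
    """Accumulated pool fees at which a claim stops being a loss for the searcher."""
    return payout + bot_cost

def leak_fraction(payout, bot_cost=BOT_COST):
    """Share of the collected fees consumed by searcher costs instead of reaching stakers."""
    return bot_cost / breakeven_fees(payout, bot_cost)

def days_between_claims(daily_fees, payout, bot_cost=BOT_COST):
    """Days a pool needs to accumulate enough fees for one break-even claim."""
    return breakeven_fees(payout, bot_cost) / daily_fees

def sweep_global(payouts, pools=POOLS):
    """One global payoutAmount: (payout, pool, leak, days) for every combination."""
    return [(p, name, leak_fraction(p), days_between_claims(rate, p))
            for p in payouts for name, rate in pools.items()]

def payout_for_interval(daily_fees, target_days, bot_cost=BOT_COST):
    """Per-pool payout that makes the pool claimable every target_days (assumed policy)."""
    return max(daily_fees * target_days - bot_cost, 0.0)

def per_pool_plan(target_days, pools=POOLS):
    """Per-pool payoutAmount mapping with the resulting leak for each pool."""
    plan = {}
    for name, rate in pools.items():
        payout = payout_for_interval(rate, target_days)
        plan[name] = (payout, leak_fraction(payout))
    return plan

if __name__ == "__main__":
    print("global payoutAmount sweep")
    for payout, name, leak, days in sweep_global([50, 1000, 20000]):
        print(f"  payout=${payout:>6}  {name:<10} leak={leak:6.2%}  days/claim={days:9.2f}")
    print("per-pool payoutAmount, 7-day claim target")
    for name, (payout, leak) in per_pool_plan(7).items():
        print(f"  {name:<10} payout=${payout:>9.2f}  leak={leak:6.2%}")
```

With a single global value, a payout large enough to push the USDC/USDT leak well below 1% leaves MEME/ETH unclaimable for years, while a per-pool value sized to each pool's fee rate keeps both pools claimable on the same schedule.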