An analysis of irregularities discovered in the Augur decentralized prediction market platform has identified a number of design flaws. Namely, it identified a potential attack vector based on discrepancies between a market’s expiry date and its outcome date.
How A Prediction Market Works
A prediction market would seem an ideal use-case for blockchain, harnessing the trustless nature and lack of centralized control. Augur uses the Ethereum blockchain, and allows an individual to create a prediction market based on any definable event.
The market creator defines the topic, end date, and potential outcomes, plus an adjudicator if so desired. Trading (denominated in ETH) continues until the event-end, at which point Augur token holders (or a designated reporter) determine the outcome. Token holders stake their Reputation (REP) on the outcome and receive settlement fees.
Houston, We Have A Problem (or Two)
Aside from potentially-illegal markets, covering topics such as assassinations and terror attacks, there are some key fundamental issues.
Owing to its steep learning curve, many Augur users rely on various web interfaces, which offer non-standard features and are open to manipulation. In particular, many users gravitate towards markets which appear trustworthy to others. This creates a feeding-frenzy around the few markets with reported volume, which the market creator may well have manipulated.
Disputed outcomes go to a voting procedure, with users staking REP and receiving rewards if they choose the winning outcome. This incentivises users to vote for the most popular outcome, regardless of whether it is the true outcome. On top of this, the validity bond, which is lost if a market is deemed invalid, remains fixed, so bad actors can continually create bogus markets.
Potential Attack Vector
A recent example of how this system can be manipulated was a market based on the ‘general price of Ethereum’ at the end of the day on March 31st (UTC). The market expired at 01:59 on April 1st (UTC+8), which is before the outcome date, and this could cause the contract to be deemed invalid.
The creator defined multiple outcomes, one of which was unrealistic (ETH over $1000) and one seemingly easy to achieve (ETH between $100 and $1000). After that, it just required a bit of wash-trading to lure punters in.
The attacker would then send a limit sell order for the ‘easy’ outcome, at a quote which is above the reward for an invalid result, but below that of a supposed ‘good deal’. Users who fill the order may thus unknowingly end up stuck in an invalid market.
An invalid market results in an equal amount of ETH going to shares of each outcome. In a three-outcome market (the final outcome being ETH < $100), each outcome would be marked at 1/3 value. With the majority of participants backing the ‘easy’ outcome, a disproportionate return would go to the ‘unrealistic’ backers.
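The timing mismatch and payout arithmetic described above, written as a buyer-side check (an added example, not code from Augur or from the original analysis). The year, the 0.6 ask price and all function names are assumptions; prices are expressed as a fraction of a full share's payout.

```python
from datetime import datetime, timedelta, timezone
from fractions import Fraction

def invalid_payout(n_outcomes):
    """Value of one share when a market resolves invalid: an equal split."""
    return Fraction(1, n_outcomes)

def expires_before_outcome(expiry, outcome_time):
    """True if the market expires before the outcome can be known.
    Both arguments must be timezone-aware; comparison is done in UTC."""
    return expiry.astimezone(timezone.utc) < outcome_time.astimezone(timezone.utc)

def buyer_loss_if_invalid(ask_price, n_outcomes):
    """Loss per share for a buyer who pays ask_price and is paid the invalid split."""
    return Fraction(ask_price) - invalid_payout(n_outcomes)

def review_market(expiry, outcome_time, n_outcomes, ask_price):
    """Return a list of warnings for a market a buyer is about to trade in."""
    findings = []
    if expires_before_outcome(expiry, outcome_time):
        gap = outcome_time - expiry
        findings.append(f"expiry precedes outcome by {gap}; market may be ruled invalid")
        loss = buyer_loss_if_invalid(ask_price, n_outcomes)
        if loss > 0:
            findings.append(
                f"ask {ask_price} exceeds invalid payout {invalid_payout(n_outcomes)}; "
                f"buyer loses {loss} per share if invalid"
            )
    return findings

# Constructed sample input: the page gives the dates and offsets but no year,
# so 2019 is a placeholder, and 0.6 is an assumed ask for the 'easy' outcome.
EXPIRY = datetime(2019, 4, 1, 1, 59, tzinfo=timezone(timedelta(hours=8)))
OUTCOME = datetime(2019, 3, 31, 23, 59, 59, tzinfo=timezone.utc)

if __name__ == "__main__":
    for line in review_market(EXPIRY, OUTCOME, n_outcomes=3, ask_price="0.6"):
        print("WARNING:", line)
```

Converting both timestamps to UTC is the step a casual reader of the market listing skips: April 1st 01:59 at UTC+8 is still the afternoon of March 31st in UTC.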
Fixing A Hole Where The Rain Comes In
Whilst Augur has already identified several of the concerns, there has been no official announcement of any improvements being implemented. Meanwhile, users are still exposed to this kind of attack.
Indeed, the same creator has already made a new market with the same flaw called ‘Ethereum Price at End of April’. There are also copycat markets springing up to catch users unawares.
Until these flaws are fixed, users should probably treat Augur as ‘buyer beware’.