TWAP manipulation Post-merge
Opened this issue · 1 comments
The analysis provided is interesting and gives a lot of insights into the costs of TWAP manipulation in Proof of Work domains. However, in post-merge (and more specifically post-MEV-boost) the costs of executing the attack are, in general, cheaper.
For example, assuming a validator that has access to 10 blocks in 12 minutes could execute the following strategy to manipulate the price. Assuming that the validator is the block proposal of block
- Costs are induced transaction fees and LP fees (fees of the Uniswap V3 pool).
- Validators do not need consecutive blocks.
I wonder if Euler/Uniswap or other teams are taking into account this "new attack vector" in the post-MEV-Boost world.
Yes, it's an excellent point and we are concerned about the long-term security of TWAP oracles.
I've created a proof-of-concept oracle that uses median prices instead of averaging, which may have better security properties. You can read more about this here:
https://github.com/euler-xyz/median-oracle
https://ethresear.ch/t/median-prices-as-alternative-to-twap-an-optimised-proof-of-concept-analysis-and-simulation/
Would appreciate any feedback!