There is a concern that a bad actor can liquidate GS borrowers by loaning a large amount in a flash loan and trading back and forth in the CFMM to raise the fee yield from the CFMM in order to raise the value of long gamma loans within one block, thus forcing the liquidation of a or several long gamma positions.
The flashloan liquidation attack can arise from high liquidity leverage. The GS protocol immediately converts LP tokens back to tokens when long gamma positions are opened. If GS loan positions get big enough, it can leave a very low liquidity vs opened loans ratio increasing chances of a successful attack.
One way this can be resolved is to include a yield TWAP in the same way the original Perpetual protocol was implemented and discount the significance of the yield from the CFMM pool as the leverage ratio increases. The second aspect would mean that as the leverage ratio increases the yield from the CFMM is discounted and therefore GammaSwap could potentially provide lower returns than the CFMM for small amounts of liquidity.
However, discounting the CFMM yield as leverage goes up would make it possible for a flash loan attack to almost never be profitable except for situations where a liquidity loan was already very close to liquidation. For example if the full CFMM yield is only allowed up to when the leverage ratio is at a value of 1 (that’s C/L = 1), and we’ve chosen a 10% and 5% value for w and f in the model below respectively and there’s only one loan on the platform or all loans are at the same distance away from liquidation percentage wise, then a flash loan attack, ignoring flash loan lending fees and ethereum transaction fees, would only be successful when the loan or loans are 0.5% away from liquidation.
When can a flash loan attack happen?
The conditions under which a flash loan attack can happen is whenever the liquidation reward is greater than the cost of raising the yield of the CFMM to a level that creates a liquidation event. Mathematically, this can be written like this
dL < Cw*f
where d is the percentage points that you have to increase in the pool to increase the CFMM yield to create a liquidation event and L is the amount of liquidity in the CFMM pool (deposited through GS and not through GS). Therefore d*L is the total cost to an attacker, assuming the borrowing costs of a flash loan are zero (maybe not a flash loan) and ethereum network transaction fees negligible (say we’re in a layer 2 network).
C is the size of the liquidity loan. w is the percentage of the liquidity loan that must at least be added as extra collateral so that the loan is not subject to liquidation. (E.g. a loan of 100 liquidity units with 110 liquidity units of collateral when liquidation happens, w is 10/100 = 10%). f is the liquidation fee as a percentage. Therefore Cwf is the liquidation reward.
In this case, an attack to increase the yield of the CFMM to create a liquidation event in the GS pool, will have to satisfy the following condition
d < (C/L)wf