Monad Capital: Setting a Borrow Limit on Collateral Supply Could Have Prevented Around $200 Million Loss in Today's rsETH Incident
BlockBeats News, April 19th, Monad co-founder Keone Hon expressed in a post: "I feel that the 'Liquidity Pool Lending Protocol' should set a rate limit on the asset's supply deposited as collateral. For example, if the current supply is 100 million and the supply cap is 300 million, then within the next 10 minutes, it should only be allowed to grow to a maximum of 110 million, instead of depositing the entire 200 million at once. In reality, no one needs to deposit such a large amount at once. This is important because when certain 'exotic assets' are attacked, the impact depends on the asset's 'exit channel scale.' Especially in many attacks involving the 'infinite issuance bug,' the scale that can exit basically determines the upper limit of the attack loss."
"The lending protocol is often the largest exit channel. If a 'smart cap' is introduced, with the initial cap slightly higher than the current supply and gradually adjusted to the true limit within a few hours, it will have a huge effect. If this mechanism existed, today rsETH depositors could have avoided losses of around 200 million dollars. This also raises a point: the asset issuer itself should also support this mechanism. If you issue tokenized assets with a redemption delay, then you are not worried about hackers redeeming directly from you, but you need to compress the external exit route scale as much as possible while not affecting normal user usage. Therefore, a high supply cap should be seen as a risk rather than a show of strength."
"For example, the Hyperbridge DOT attack did not cause a 100 million dollar loss because there were very few exit routes; the Resolv attack resulted in a loss of 24 million dollars instead of 200 million because the exit route scale limited the loss ceiling. This is an obvious truth, but there are still immediate actions that can be taken: audit the supply cap of all assets and reduce the cap when unnecessary."
