PROFITING FROM PEG DEVIATIONS
LUSD<1$: Buy 1 LUSD on the market and redeem for 1$ worth of $ETH.
LUSD>1$: Provide ETH collateral, borrow LUSD and sell at premium to buy back lower.
https://t.co/Dq5gdYYYZ0
INTEREST-FREE BORROWING
$LUSD borrowers pay a one-time fee as low as 0.5% of the borrowed amount.
No interest is charged later.
It's a more reliable model than other borrowing protocols which charge variable and unpredictable interest rates for the whole duration of the loan.
HIGH CAPITAL EFFICIENCY
$LUSD requires minimum Collateral Ratio (CR) of 110% which means users can borrow up to 90% of the dollar value of their provided collateral.
It makes $LUSD more capital efficient than $DAI where the lowest CR for ETH vault is 130%.
DATA FEED (system can't price itself)
The protocol uses @chainlink price feed for $ETH but it also has a back-up oracle from @WeAreTellor to be used under extreme circumstances.
✅ Low Risk
$LUSD is backed by the most trustless collateral on Ethereum, $ETH.
Yes, it limits the total value of collateral that can be used to issue a stablecoin.
But it is also the safest collateral that exists on Ethereum.
Let's cover all the risk areas for LUSD.
Accepting centralized collateral like USDC or WBTC is the most criticized issue for $DAI.
Actually, only 7% of DAI in circulation is generated from $ETH.
If there was some regulatory pressure on USDC / WBTC custodians and funds were frozen, DAI value would be at huge risk.
Non-custodial stablecoins have 5 major risks:
- Collateral (value < issuance)
- Data Feed (system can't price itself)
- Governance (parameter failure)
- Base Layer (chain fails)
- Smart Contract (hack leads to insolvency)
Each can result in the stablecoin value going to zero.
Custodial stablecoins have three major risks:
- Counterparty Risk (fraud, theft, govt seizure, etc.)
- Censorship Risk (operations blocked by regulators, etc.)
- Economic Risk (off-chain assets go down in value)
Each can result in the stablecoin value going to zero.
There are two major classes of stablecoins:
Custodial: entrusted by off-chain collateral assets like fiat dollars that sit in a bank. Requires trust in third party.
Non-custodial (aka decentralized): fully on-chain and backed by smart contracts & economics. No trusted parties.
29/x
Metamask’s current solution is the (very effective) bright red warning (shown in the first image) telling the user how dangerous a signature may be when using ETH_SIGN. I think this is sufficient - although the best solution would be disabling the functionality entirely.
28/x
Well- it turns out this is a Metamask issue, and many other platforms (such as Geth) do not allow ETH_SIGN to sign raw transactions anymore. Thus, much of the documentation online DOES NOT APPLY to Metamask currently. This leads to quite a bit of confusion on the risks here.
25/x
So how does PERSONAL_SIGN protect against this? By using PERSONAL_SIGN, the prefix at the beginning of the message prevents it from being used as a transaction (as it would fail, since the prefix is not valid instructions for the evm).
24/x
The attacker can then broadcast that transaction to the network, posing as you, and the transaction will be executed.
All by signing a message in Metamask.
23/x
But - how can an attacker tell the network to execute that transaction? Because, with ETH_SIGN, you signed the raw transaction (in the form of a message) with your private key.
16/x
Looking around a bit - we can see that personalSign comes from the “eth-sig-util” package. By checking out the code there - we can see the real PERSONAL_SIGN logic.
15/x
Looking at PERSONAL_SIGN, we can see the rabbit hole goes a bit deeper. Instead of simply signing the raw message data and returning it - a new “personalSign” function is being called with our message.