Investor's wiki

Design Flaw Attack

Design Flaw Attack

A design flaw attack alludes to an attack wherein a malicious client purposely makes a smart contract, decentralized market, or other software with information on certain flaws to trick people interfacing inside the permissionless environment.
A design flaw attack normally exhibits high apparent incentives for users to lock their funds into a smart contract. A flawed definition in certain rules encompassing the contract, or the protocol on which it is fabricated, may lead to unfair settlement or release of funds.
A design flaw attack can likewise be directed when a malicious client chooses to take advantage of flaws on a contract that was made by one more client with practically no vindictive intent. In this case, the attack would depend on data asymmetry between the attacker and any potential open network participant.

Models

Expectation markets on the Augur platform are one target of design flaw attacks. For example, a considerable lot of its broken markets depend on dubious and hazy definitions, with the ultimate purpose of fooling users into betting money in a contract whose outcome will be questioned due to clashing boundaries and translations.
Other potential design flaw attacks might target oracles or data sources, for example, price takes care of. For instance, an attacker could purposely target a market or protocol that depends on a single outer price source API that might be censured before a contract termination/settlement date, subsequently giving the attacker an advantage in having the option to control any smart contracts depending on this data source.