Announcing the $40,000 STRIPS Hackathon!

STRIPS Hackathon Details

  1. $40,000 USDC award pot
  2. Review the GitHub repository for the hackathon here
  3. Submit findings using issues using this form
  4. Please read our guidelines below for more details
  5. Starts: 1 December 12:00 UTC
  6. Ends: 12 December 12:00 UTC
  7. Join our developer-only Telegram to ask any question

How to start

How to receive USDC, STRP, and LP tokens

  1. In github repo you have artifacts and deployment scripts for all the contracts
  2. You can launch your own copy of Strips on your local hardhat node
  3. And do whatever you want with that.
  1. Fork testnet on your local machine
  2. Unlock addresses of STRP and SUSD owner.
  3. Transfer STRP to your wallet for test. (STRP max is 100mln)
  4. For SUSD you have mint (onlyOwner) call which you can use to mint unlimited amount of SUSD to any wallet
  5. Then use UniswapRouter02 (SushiLpPair — is address of STRP-SUSD pool) to stake liquidaity to the pool and receive SUSHI-LP tokens back.
  6. Now you have LP balance, that you can use to stake to market/insurance

About STRIPS

Key Features

  1. Users can long or short an interest rate market using leverage. Position collateral is in USDC.
  2. Users position pnl consists of funding pnl and trading pnl in USDC.
  1. Users can add collateral and remove collateral from their open positions above the liquidation threshold.
  2. Positions are netted for the same market. (i.e. if a trader goes long $100 and then goes short $200, his position will be -$100)
  3. Users can earn LP tokens + (USDC trading profits and fees) by staking in the AMM
  4. Users can earn LP tokens + (USDC liquidation profits by staking) in the insurance fund
  5. Users can stake STRP in governance contract and earn 20% trading fees for the whole protocol
  6. Traders and stakers can earn additional STRP rewards from trading and staking
  7. Liquidators can call function to liquidate positions with collateral and unrealized loss together is less than 3.5% of notional, and share 0.2% of liquidation profit

Contracts

🔍 Scope

.
├── external # ABI and artifacts
├── deploy # deploy with local.ts
├── params # Configuration of the contracts params
├── test # Examples
├── docs # Contracts scheme
└── README.md

Submission Criteria

Rewards

Critical severity (6-10 score) pot size = $25,000 
Medium severity (3-5 score) pot size = $10,000
Low severity (1-2 score) pot size = $5,000
Points = Severity score * (0.8^Report Counts) / Report Counts
Reward = Pot size * Points / Total Points

Criteria

  • If you can find anything similarly severe which is not mentioned in examples: your severity score will be 10 out of 10
  • If you can achieve anything mentioned in hacking examples below: you will get severity score of 8 out of 10
  • If you can find technical issues such as overflow and underflow: your severity score is likely to be 5 out of 10
  • If you can find minor issues such as missing modifier: your severity score is likely to be 2 out of 10
  • Strips will remain the authority to assign the severity score and categorize similar findings into same report counts. We promise to take 100% seriousness when we review your reports.

Examples

  1. You can stake and unstake in the same block.
  2. You can open and close in the same block.
  3. You can implement a flashloan attack on STRIPS.
  4. You can open a position that will be immediately liquidated, and not stopped by the system.
  5. You are able to manipulate the market price and have a net positive return after closing all your positions all else being equal. Please attach the arbscan transactions and logs.
  6. If you can manipulate the floating rate received from the oracle to boost your return.
  7. As a staker, when you find that USDC balance is very low, and you happen to have positive staking profit (from unrealized profit as AMM from open trading positions), if you can manipulate the LP token price, and then use unstaking function to force AMM to redeem large amount of LP tokens? If you can achieve this profitably, please attach arbscan.
  8. If you can create artificial liquidation squeeze on Arbitrum testnet:
  • Disabling liquidation function, so there will be an interruption to the liquidator
  • Manipulate the market fixed rate to 2000%
  • Open many short positions, to receive positive funding profit from receiving fixed rate at 2000% and paying oracle at 2% only as time passes until all longs are liquidated when liquidation function is fixed.
  • Profit expected: collect (2000%-2%) * notional over period of time when liquidation function is interrupted
  • Loss: lose 100% of the collateral on the long positions used to push the fixed price to 2000%
  • If you achieve positive net profit, please show us and attach arbscan.
  • liquidation fee of 0.2% of realized profit as external liquidator
  • stake before you put on short trades: because before you put on one trade to squeeze the market, the unrealized pnl for these long positions is positive. Attacker’s short will cause the last long trader to be liquidated, who further pushed down the market fixed rate, and cause more liquidations of longs. Throughout this process, AMM’s Unrealized PnL will change from unrealized loss (against longs) to realized profit collected from liquidated long positions. You, if staked before putting on the short position, will be able to benefit most of the profits if the staking portion is big enough.
  • your short position will also have large profit when market fixed rate is pushed to a lower level during these liquidation squeeze.
  • This is common to many derivatives products such as BTC perpetual futures. Among people who realized this scenario, if you can show the arbscan and tell us your total profit (as a staker and/or as a trader), the report with highest total profit will be given the highest severity 10 out of 10 compared to others who only gets 8 out of 10.

Important

--

--

--

To build the largest fixed income trading platform for DeFi

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

BeeEx IPFS Director Midas| Why IPFS is the Best Investment in 2020?

Galactic Airdrop from S.S.R. Coinmarketcap

Daily Technical Analysis BTC & ETH — 19th April 2022

ETH- KAI Dual Bridge is officially LIVE!

4 Ways to Avoid Crypto Volatility

How Governments can Inject Liquidity into Supply Chains during the COVID 19 Crisis

Endorsit Weekly Report (15/07/2018–21/07/2018)

Why Do Investors Like Binance Coin? A Review Of BNB

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Strips Finance

Strips Finance

To build the largest fixed income trading platform for DeFi

More from Medium

The World Series of Options p.1

No more risk in handling crypto-currency. Be a part of Reltime DEFI ecosystem.

Stablecoins: Fully explained

Polar Sync — January Update ❄️