Binance Research Identifies Design Flaw on Prediction Market Platform Augur
According to April 1, 2019, report by Binance Research, a number of design flaws have been discovered in predictions-market platform Augur that can easily be exploited by malicious persons to defraud genuine users out of their staked tokens. The report posits that low volumes have made the Ethereum-based decentralized predictions platform vulnerable to market manipulation.
Vulnerable to Market Manipulation
Research by Binance cryptocurrency exchange has unearthed an ongoing “design flaw attack” facing the Ethereum (ETH)-based prediction market Augur. The report also gives other details affecting the Augur platform including low liquidity, limited participation rates, and complex settlement and forking mechanisms.
Binance CEO, Changpeng Zhao, acknowledged the report in typical CZ manner:
The Augur platform, according to Dappradar, had only 64 daily active users in the 24 hours preceding the release of the report with approximately $158,000 in ETH going through its wallets during the same period and many markets remaining idle.
According to Binance, these incredibly low volumes and participation make the Augur market easy to manipulate. Users with several accounts can create “wash trading” and make false impressions that make genuine bettors vulnerable to design flaw attacks.
During a design flaw attack, the malicious users create a new market with highly probable outcomes and use their multiple accounts to bet against it, thereby attracting genuine users to place high bets against them. These can include a wrong date or contradictory terms and conditions.
Bet On Unlikely Outcomes and Reap Profits
When a market is considered invalid, bettors who took a position in that particular market will get paid out at equal values for all the possible outcomes. However, since there are prediction market outcomes that differ in probability, the cost of betting on each outcome also varies.
The crooks deliberately create markets that will resolve as invalid since the outcome is highly likely and the other unlikely. The attackers place bets on unlikely outcomes and reap profits from honest participants as soon as the market is deemed invalid. There was a warning message displayed by Augur.casino, as of Mar. 31st, 2019, stating:
“If a market resolves as invalid, each share is refunded to traders in equal amounts. If the reporting start time (UTC) isn’t after the actual end of the event, or if the title/description and reporting start time don’t match up, there is a high probability that the market will resolve as invalid.”
Admitted There Was a Malfunction
Augur core developer Joey Krug admitted there was a malfunction in the system even though he had previously stated that the crypto community was exaggerating the scam. Krug went on to report that the solution would be available with the updated version Augur version 2. Krug stated then:
“The Augur team has already admitted that these technical problems were on their radar six months ago, but little action has been taken to protect users.”