BitShares XT - Security against Market Manipulation FIND ATTACKS FOR TIPS

[bytemaster]

It has been over a month, and no response to my critical manipulation. I myself have not thought of a way to prevent it.

Neither "limiting trading based on market depth" nor "maximum price movement per block" will prevent a sudden decrease in the market price of USD/BTS on external exchanges (which are absolutely required if one is using PoS). This price decrease will de-collateralize everything, resulting in cascading margin calls that cause BTS to fail to track every asset (as they will all be doubling in value toward the same infinity, as shorts sell to avoid Mcalls and longs sell to cash out their BTS [both at rates "faster" than the collapse in external USD/BTS thanks to the new 'maximum price movement' requirement (which is artificially slowing the internal USD/BTS)]).

Moreover, I feel that the fee structure...

Fees are calculated based upon how much of the order book you walk.

Given bids of 99, 98, 97, and 95.... to buy it all up in one go you enter an ask for 4@95.   You will receive 4*95=380 rather than 99+98+97 = 389 for a fee of '9'.    Obviously, if you attempted walk the book all the way down to 50, your fees are going to average 25%.

...encourages low volume (more trades = higher fees, as is obvious in the above example, 1 bid=0 fees), and large spreads (as you literally pay for every dollar the market-price moves past your existing bids/asks). As volume collapses, the market may lose all of its liquidity completely. Strategically, people will be hesitant to enter a soon-to-be-illiquid market.

All phenomena create an equilibrium of non-tracking and no trade.

( This thread promises tips in exchange for "finding attacks", but I have not yet received any tips. My Bitcoin address is 1DSrFGXJdsFw2MsrgwHeQxWq1djQk4jcyD )

MolonLabe,  my apologies for not following up on this thread in a while and of course some tips are due for some of the attacks presented.

Attempting to summarize your claimed attack:

1) Sudden decrease on external exchanges in excess of a 50% fall in value would immediately leave some BitUSD un-collateralized... assuming this was a real devaluation and not a 'flash crash' due to technical glitch on external exchanges.   In this particular case the shorts deserve to lose everything and the longs get their maximum return.  This isn't so much an attack as a real market movement where real value should change hands.

2) In markets most trades / volume is considered noise and is not based upon new information entering the system.  There will be lower volume and wider spreads with this system, but think of it is nothing more than a filter that eliminates noise.  The result is that market participants actually have a clearer picture of the value and risk.

3) After thinking through it some I think we can conclude that a short position's maximum cover bid is 2x their initial open price.   If the market moves by more than that amount before the shorts can cover then the holders of BitUSD can choose between keeping their BitUSD or selling for 2x the shares they purchased at.  This would cause BitUSD to momentarily be valued less than real USD as it would become pegged to the value of the collateral backing it.    The holders of BitUSD have a limited insurance policy agains volatility equal to the collateral.  They are not promised 100% peg like an IOU reserve system would.

4) So lets assume there is a 75% fall in the value of BTS and that initially 1 BTS = $100... now 1 BTS = $25 USD.     This means that there are 2 BTS backing every 100 BitUSD and thus we now have $50 of value backing 100 BitUSD.   The BitUSD holders have only one way to exit their position, they must sell their BitUSD and the shorts are only offering $0.50 on the BitUSD.   The short has no incentive to cover so they can hold their offer for ever.  The long has two choices, take $0.50 on the BitUSD or hold the BitUSD and wait for BTS to recover. Whether they hold or sell they are effectively invested in BTS because the value of their BitUSD is now pegged to BTS until the value of the collateral rises above $1 per BitUSD.

So lets study this limit condition a tad closer:   does the market stop, clear, and automatically reset or does it fail for ever?

   a) Assume BTS price in real USD is still out there and trading at $25 USD and thus whatever caused the 75% instant devaluation is not causing further decline.
   b) Assume you hold BitUSD... what price would you sell it at?  You will not sell below $0.50 on the BitUSD because there are open bids at that price. 
   c) What price would you buy it at?  You will buy BitUSD at any price less than the value of its collateral. 
   d) What price would you short it at?  You will still short it at a rate of 25 BitUSD to BTS because you can make money when it goes up to 50 BitUSD per BTS.

In other words in a rapid downward movement BitUSD will become decoupled from USD proportional to the percentage of shorts that run out of collateral.  The market will recognize this fractional insolvency.  If 100% of all shorts run out of collateral, the value of BitUSD becomes pegged to BTS until enough new shorts enter the picture to reduce the overall insolvency.  The longs can either eat their losses or hold and wait for the value of the collateral to recover.   Once the value of the collateral recovers then the peg to USD resumes.   

Now an attacker could attempt to manipulate the price and cause a short squeeze that will wipe out all shorts.  But they will not be able to cause BitUSD to be unbacked all together... the most they could do is drive it to the value of the collateral. 

How can an attacker profit? 
1) the attack must be fast (high fees)
2) the attacker must short BitUSD into the short squeeze caused by their own buying of BitUSD
      - the attacker's behavior is actually the same behavior of honest market participants in response to excessive buying of BitUSD
3) the attacker covers their short positions with the BitUSD they bought to send the price up.

The assumption of Molon is that if the market recognizes any attack it could become fulfilling as everyone joins the attack.  The basis of these markets is all in predicting what others will do as that is the foundation of the peg.  If consensus suddenly changes then the peg will follow that consensus all the way to its logical conclusion.  So you could attack the peg by attempting to persuade the market that an attack is happening and inevitable and if you are successful then it will be self-fulfilling. 

So if an attack starts and people believe that someone is attempting an attack then they have three choices:

a) wait it out and be long BitUSD... no profit/no loss in the long run
b) knowing that the price eventually will revert, you can short with 10x the collateral so you don't face a margin call and can profit as the price falls... this will hinder the attack and make you money no matter what.
c) Join the attack.... buy BitUSD while shorting at a higher price and cover with the difference.

The people being attacked in this instance are the shorts who face a margin call (and fee) based on something other than fundamentals.  As a short observing market behavior you know that you can be attacked at any time.   Your choices are:

a) cover early, this will help accelerate the attack by causing buying pressure on BitUSD
b) add collateral and ride it out.
c) join the attack by covering early and re-entering a short position later.

So it is clear that if enough wealth joins the attack everyone will join it.... but what are the risks of joining the attack? 

a) If you join the attack at the top of the 'bubble' or the attack fails to hit critical mass, then you just bought BitUSD high and will lose money.

What does this mean for trading strategies?   It means that shorts who are worried about such an attack will only enter the market toward the peak of the attack (ie: when they think there is a major bubble) and otherwise will not go short without ample collateral at prices they think are reasonable.

The more I think about it this entire 'attack' is no different than any regular bubble, pump & dump psyop.   These are features of all markets and from the perspective of market participants this would be no different than a bubble in Bitcoin.... buy a bunch of BTC slowly over time... then trigger a buying rush with rumors... sell at the top.   If you can get leverage so much the better.

People who trade on leverage are always vulnerable to bubbles.  Trading on leverage in a thin market with high volatility is RISKY by definition... it is also profitable for the same reason.   Therefore, any losses are part of the 'game' and ultimately the price will track as depth and volatility decrease.





 







 

[toast]

	Conform	Attack
Conform	(0,0)	(-100%,-99%)
Attack	(-99%,-100%)	(-99%,-99%)

With the best-response of Attack if there is belief that others will attack (which itself could result from paranoia/panic/manipulation).

However, say that the price of BitUSD is currently too high (for whatever reason). There is a small benefit to going short and correcting the price, but also a small possibility that there is an attack underway which will reduce reduce your BTS by 100% if you short, and BTS value by 99% if you do nothing.

You're saying there's a "small benefit" to correcting the price, so shouldn't it be this?

	Conform	Attack
Conform	( , )	(-100%,-99%)
Attack	(-99%,-100%)	(-99%,-99%)

[MolonLabe]

It has been over a month, and no response to my critical manipulation. I myself have not thought of a way to prevent it.

Neither "limiting trading based on market depth" nor "maximum price movement per block" will prevent a sudden decrease in the market price of USD/BTS on external exchanges (which are absolutely required if one is using PoS). This price decrease will de-collateralize everything, resulting in cascading margin calls that cause BTS to fail to track every asset (as they will all be doubling in value toward the same infinity, as shorts sell to avoid Mcalls and longs sell to cash out their BTS [both at rates "faster" than the collapse in external USD/BTS thanks to the new 'maximum price movement' requirement (which is artificially slowing the internal USD/BTS)]).

Moreover, I feel that the fee structure...

Fees are calculated based upon how much of the order book you walk.

Given bids of 99, 98, 97, and 95.... to buy it all up in one go you enter an ask for 4@95.   You will receive 4*95=380 rather than 99+98+97 = 389 for a fee of '9'.    Obviously, if you attempted walk the book all the way down to 50, your fees are going to average 25%.

...encourages low volume (more trades = higher fees, as is obvious in the above example, 1 bid=0 fees), and large spreads (as you literally pay for every dollar the market-price moves past your existing bids/asks). As volume collapses, the market may lose all of its liquidity completely. Strategically, people will be hesitant to enter a soon-to-be-illiquid market.

All phenomena create an equilibrium of non-tracking and no trade.

( This thread promises tips in exchange for "finding attacks", but I have not yet received any tips. My Bitcoin address is 1DSrFGXJdsFw2MsrgwHeQxWq1djQk4jcyD )

[MolonLabe]

With respect to the 'risk free' return.... I think you are discounting a risk:  such an attack will devalue all of the BTS you 'won'.   So I wouldn't lend someone ANYTHING to perform this attack.    This particular attack would be for malicious take-down.

This attack assumes you can get a monopoly on all of a BitAsset or at the very least that all holders of that BitAsset are willing to collude to push up the price and that there is no one left who is willing to go short.  You state that knowing this attack is possible (or underway) would prevent people from going short.   If you hold BitUSD then you are counting on being able to sell your BitUSD for more than $1 worth of BTS.... but if you collude to push the price up you could end up getting nothing and losing.

So the strategy here is to buy BitUSD, place a sell order at a much higher price and wait.   Everyone in the market does this and essentially ties the hands of the shorts because they run out of capital to counter the longs.   Then... once the BitUSD holders 'win' they collect all of the BTS... but of course it is worthless.

I'm updating my answer somewhat. I no longer believe that an outsider would profit from this attack, for the reason you give. Instead I think that this attack will just emerge. I assume that, post-attack, BTS loses 99% of its economic value. As shorts lose 100% of their risked economic value, and mutual attacking is possible (and increases the likelihood of attack success), we have:

	Conform	Attack
Conform	(0,0)	(-100%,-99%)
Attack	(-99%,-100%)	(-99%,-99%)

With the best-response of Attack if there is belief that others will attack (which itself could result from paranoia/panic/manipulation).

However, say that the price of BitUSD is currently too high (for whatever reason). There is a small benefit to going short and correcting the price, but also a small possibility that there is an attack underway which will reduce reduce your BTS by 100% if you short, and BTS value by 99% if you do nothing.

So I think the true attack is that this spooks everyone into selling their BTS....for USD to wait out any potential attack. In other words, outside the BitSharesX system. This can easily become self-fulfilling (selling BTS for 'real USD' is exactly like going long BitUSD) and the "devalued BTS" counterargument actually exacerbates the attack!

To be clear, the new attack is:
1] Start the "Up and Away" attack (either directly, or through rumor/panic/misinformation) on a tradable BitAsset (such as BitBTC or BitUSD).
2] Sell BTS for the real-life version of that BitAsset.

The gains are both from doubling BTS in 1, but also by avoiding huge losses in 2 (if you are not part of the attack, you lose 99%, whereas attackers do not).

[tonyk]

Suggestion for the problem with liquidating short positions that potentially lead to BitAssets/BitUSD flying in the system with no backing.

There are (possibly) situation where the liquidated short position’s margin is not enough to buy all the required BitUSD (example are rapid price appreciation of BitUSD due to natural factors and  SIDS Attack)
 
The suggestion assumes that the market do have  ‘caps on price movement/per block’ (I in vision such cap at no more than 1%, probably less)

Generally the idea is – instead of covering the low margin short position by placing a buy order on the market on behalf of such short position holder, covering with existing long position (or portion of such position) @ price=last transaction price on the market (alternatively @ average price in the last block) and automatically placing buy order for the same amount at the same price on behalf of the long position holder.(Note: Such order should be modifiable/cancelable buy the long position holder at his earliest convenience)
I have 2 variants how the long position holder is selected for such transaction –
 (a) the counter party in the initial short sale – this of course if the block chain contains the info (I am not sure if it does)
(b) randomly selected long positions – here effort should be made to find best balance between taking as little as possible from such long position (let say try if possible not to sell more than 5% of each of such selected long) and the stress on the system if too many such long are selected to facilitate minuscule transactions. (Note: such longs should probably receive portion of the 5% liquidation fee, so they do not have to pay the transaction fee on this and the subsequent buy order from their own pockets)

P.S. I see the disadvantages of the above proposal, believe me. I just think it just better than uncovered assets flying around in the system and/or having to have 10x margin requirement.

[tonyk]

HI, bytemaster
First, I am happy to see that you are seriously considering going back to 2x margin, no matter if it is because of the attack suggested by my or any of the other attacks.
Second, Thanks You for offering a tip for me suggesting the Unbalanced Forces Attack/BitUSD Monopoly Attack. I would prefer it in BTX (as opposed to PTS) and am ok waiting for the wallet release if you do not mind, as the next DAC is too far in the future for my liking plus all Bank/Exchanges will be based on BTX not PTS, as I understand.
In your post you showed some doubt for how exactly one will profit from BitUSD Monopoly Attack. While my idea was to point how easy it is to distort the market (just for the heck of it, no money gains in mind) and to show that somebody with 10% of BTX (and most likely with far less than that) can choose/control the price of all BitAssets (or at least choose to set their price at arbitrary upward point). In my mind this is dangerous enough. I think that the people will come with more and ‘better’ ways to use it for their advantage but if you insist here are my 3 ways on how one can profit from it:
1. Introducing market/solution that lacks the above deficiencies… (if losing all/most/some money invested in 10% of all BTX is worth it)
2.The inflated BitUSD can be sold/exchanged on an outside market for USD or other ‘meat space’ currency before the price support is withdrawn and the price of BItUSD potentially/likely goes down
3. One can come up with a ‘fund’ that offers an investment in asset/s (BitUSD and other BitAssets) that guaranty (7%, 10%, 14% return/year).
 And what is more troubling, he/she can actually secure such return for year after year, after year; by simply controlling the price (or at least the upward movement of the price) of said asset. And while mass withdrawal of money from such fund may expose the  scheme such fund is, so are pretty much every bank/fund (meaning none of them can sustain mass withdrawal of funds without outside help or going bankrupt)


On totally different note (without too much thought, this is just how I feel in general about it):
1.‘short squeeze’  is nothing to worry about - it is a natural market development and if they/ the shorts feel pressure they better have ‘easy way to add additional margin/cover and sale at the new price ’ if they do not want to be forced to liquidate.
2.Caps on price movement/per block is the way to remove/soften the blow to the system, in my opinion. Also the margin call buy orders (as market orders –i.e. no upper limit on the buy price), should be filled up first before other buy orders.
3. I have a suggestion that I will put in the next post….

[MolonLabe]

Fees are calculated based upon how much of the order book you walk.

Given bids of 99, 98, 97, and 95.... to buy it all up in one go you enter an ask for 4@95.   You will receive 4*95=380 rather than 99+98+97 = 389 for a fee of '9'.    Obviously, if you attempted walk the book all the way down to 50, your fees are going to average 25%.

That's clever. Everyone gets exactly what they asked for, and the service is compensated for mediating the transaction. However, I'm paying no fees when I Bid on my own Asks as the price drifts upward, so for a large return even the fast version may be worth it (and the slow version is still always worth it).

With respect to the 'risk free' return.... I think you are discounting a risk:  such an attack will devalue all of the BTS you 'won'.   So I wouldn't lend someone ANYTHING to perform this attack.

This seems correct. I was thinking about it this morning, and had an insight: the attack is deadlier with heterogeneous markets...if some are large and some are small, the attack is worth it on only the smaller markets. However, if all markets are similar size, the attack is difficult to coordinate.

I was trying to think of a way of coordinating market depths/volumes but could not think of one. This implies that if a market becomes relatively (not absolutely) unpopular it may suddenly undergo this phenomena.


Since people apparently are expected to name their attacks, I'm going to suggest the "Up and Away" (UA) Attack (because the price [in BTS] goes up and takes money away from the shorts).

Do you have a comment on the market depth calculation? This attack relies on not tripping this rule. My intuition is that, unless it is costly to place or cancel an order, the rule will be easy to evade.

[天籁]

The 10x margin is all well and good in preventing attacks discussed but it leads (in my opinion) to exposing system problems already existing in the proposed market – in particular small (and known/pre-determined) money supply. Adding to this small money supply a strongly unbalanced voting/price determination power is dangerous (and that is what the 10x margin does). What I mean is in order for the shorts to cast a vote (to say generally that the BitUSD is overvalued they need 9-10 times the resources/money  the counter party needs to say the BitUSD is undervalued). This misbalance will in itself  stay in the way of the market determining the fair price of the Bitassets but in the context of this discussion here is an example of market manipulation/attack that this misbalance facilitates.

One (the attacker) will need no more than 10% of the all BTXs to have full control over the demand for all BitAssets. That is to say he can match all asks in all assets even if everybody else is 1. Participating/actually placing orders in the market 2. everybody else is of the opinion that the BitUSD is overvalued (i.e. is placing a sell/short sale orders). In practice the attack will be possible with probably 1-3% of all BTXs to attack just one particular BitAsset.


Here is a very rough form of the attack (refining it is not that hard)
Having 10.01% of the all BTXs
1. Buy some arbitrary amount of all offered BitUSD (Let say 5%-10%) at the very beginning of the market at say price p1.
2.Place an ask order for the Bitasset bought in step#1 at let’s say 130.01% the purchase price p1.
3.Place big enough ask bid/s (as of quantity BTX offered up to 10% of all BTXs, but in practice you will need most of the time much smaller amount)  @ price sliding from 101% to  130% the p1 price. Effectively matching/swallowing all asks coming to the market.
The important thing here is that your demand for BitUSD is so big that you can ‘swallow’/match any possible ask coming to the market so you will inevitable drive the price to the desired level.
4. Keep a ‘hard bottom’ (placing a bid order/s @ 130% p1, for amount of BitUSD unsurpassable by any and all potential ask orders) until you have sold sufficient percent of the initial BitUSD (bought @100% p1and sold for 130.01% p1)
5. At your leisure push the price slowly from 130% p1 to let say 160% p1, as in step 3.
And cash in some more BitUSD @160.01% p the same way as in step 4.

If you asked me name the attack  -‘Unbalanced Forces Attack” (‘Unbalanced forces are forces that produce a non-zero net force, which changes an object's motion’)

This is a very solid consideration and worthy a tip for simply suggesting it.  I am going to think through this one a bit more. 

I am going to call this attack the BitUSD Monopoly Attack rather than Unbalanced Forces Attack because the premise is that once you monopolize a BitAsset you can set any price for it you want and thus trigger a margin call on the shorts and steal their money.   This attack is made possible by reducing the percentage of BTS required to buy all short positions.   

In the initial design it would require 50% of the BTS to pull of this attack.   Going to 10000x margin would allow almost anyone to pull of this attack.  And like you said, a 10x margin allows anyone with 5% to pull off this attack.      If I reduce it to 4x margin then the amount required to pull of this attack is 10-20%.   Now the assumption here is that someone who owns 10-20% couldn't actually profit by this move because it would entirely undermine his huge investment and while he may end up doubling his percentage ownership he would cause it to be worth 10% of the original value.   

Perfectly balanced (original design) is actually not quite perfectly balanced because the shorts can be squeezed.  I suspect there is a balance between various attacks.   We must assume intent to profit by the attack and I don't see how someone can profit in real terms with this attack.

I don't think tonyk’s attack is possible. As one continually asks more Bitasset which pushes the price from 100 to 130, he must buy  much much more than he could have sold in 130. So,he lost more BTS than he may get, the amount of his BTS will reduce,the attack fails.

[bytemaster]

Given bids of 99, 98, 97, and 95.... to buy it all up in one go you enter an ask for 4@95.   You will receive 4*95=380 rather than 99+98+97 = 389 for a fee of '9'.    Obviously, if you attempted walk the book all the way down to 50, your fees are going to average 25%.

You would have to enter 4 asks in 4 different blocks to minimize your fees to just the 'fee per byte'.

I'm a bit confused. Why does this need four blocks?
What trades would be executed if four new asks (1@95, 1@97, 1@98 and 1@99) meet these existing bids at the same time? Only the first two??

Lowest ask (95) would be paired with the highest bid (99) and a fee of 4 would be charged...
ask 97 would be paired with bid 98 and a fee of 1 would be charged.

Remaining lowest ask would be 98, and highest bid would be 97 so trading would stop.

[Markus]

Given bids of 99, 98, 97, and 95.... to buy it all up in one go you enter an ask for 4@95.   You will receive 4*95=380 rather than 99+98+97 = 389 for a fee of '9'.    Obviously, if you attempted walk the book all the way down to 50, your fees are going to average 25%.

You would have to enter 4 asks in 4 different blocks to minimize your fees to just the 'fee per byte'.

I'm a bit confused. Why does this need four blocks?
What trades would be executed if four new asks (1@95, 1@97, 1@98 and 1@99) meet these existing bids at the same time? Only the first two??

[bytemaster]

Fees are calculated based upon how much of the order book you walk.

Given bids of 99, 98, 97, and 95.... to buy it all up in one go you enter an ask for 4@95.   You will receive 4*95=380 rather than 99+98+97 = 389 for a fee of '9'.    Obviously, if you attempted walk the book all the way down to 50, your fees are going to average 25%.

You would have to enter 4 asks in 4 different blocks to minimize your fees to just the 'fee per byte'.

With respect to the 'risk free' return.... I think you are discounting a risk:  such an attack will devalue all of the BTS you 'won'.   So I wouldn't lend someone ANYTHING to perform this attack.    This particular attack would be for malicious take-down.

This attack assumes you can get a monopoly on all of a BitAsset or at the very least that all holders of that BitAsset are willing to collude to push up the price and that there is no one left who is willing to go short.  You state that knowing this attack is possible (or underway) would prevent people from going short.   If you hold BitUSD then you are counting on being able to sell your BitUSD for more than $1 worth of BTS.... but if you collude to push the price up you could end up getting nothing and losing.

So the strategy here is to buy BitUSD, place a sell order at a much higher price and wait.   Everyone in the market does this and essentially ties the hands of the shorts because they run out of capital to counter the longs.   Then... once the BitUSD holders 'win' they collect all of the BTS... but of course it is worthless.

I think that between the sling shot (short squeeze) and this attack... this one is much worse.   This is the best argument to return to the 2x margin.  Anyone who can purchase 50% of BTS owns the network anyway.

 

[MolonLabe]

All of these types of attacks depend upon a thin order book.   We recently added changes to require a minimum market depth before trading can occur.   Also, shorts are only forced to accept a high price *when* there is a margin call.  Otherwise they are unaffected.  By increasing the margin to 10x you would have to manipulate the price up by 5x before you could trigger such a call.

How are you calculating market depth (there are many ways)? Can you give examples of market's and their measured depths? What prevents me from faking the market depth with orders that are never filled?

More importantly, you overlooked my previous explanation for why this rule does not prevent the attack:

...There's already a mechanism to limit the effect of a short squeeze by increasing margin requirements.

... This attack produces a risk free return, not a finite payoff, so if anything the ability to put more money into the attack should make it easier to find someone to lend me the money required to pull it off.

In other words, it costs 5x more perhaps, but I can make 5x more money so it doesn't matter.

The fees would be very high to manipulate it up all at once, and if you attempt to do it slowly new shorts will enter the game.

How are fees calculated?

Why on earth would shorts enter the game? There remains a nonzero risk of them losing their entire position, correct? If I sensed the attack beginning I wouldn't go anywhere near the game, in fact I would go long regardless of my belief about the price.

[bytemaster]

The 10x margin is all well and good in preventing attacks discussed but it leads (in my opinion) to exposing system problems already existing in the proposed market – in particular small (and known/pre-determined) money supply. Adding to this small money supply a strongly unbalanced voting/price determination power is dangerous (and that is what the 10x margin does). What I mean is in order for the shorts to cast a vote (to say generally that the BitUSD is overvalued they need 9-10 times the resources/money  the counter party needs to say the BitUSD is undervalued). This misbalance will in itself  stay in the way of the market determining the fair price of the Bitassets but in the context of this discussion here is an example of market manipulation/attack that this misbalance facilitates.

One (the attacker) will need no more than 10% of the all BTXs to have full control over the demand for all BitAssets. That is to say he can match all asks in all assets even if everybody else is 1. Participating/actually placing orders in the market 2. everybody else is of the opinion that the BitUSD is overvalued (i.e. is placing a sell/short sale orders). In practice the attack will be possible with probably 1-3% of all BTXs to attack just one particular BitAsset.


Here is a very rough form of the attack (refining it is not that hard)
Having 10.01% of the all BTXs
1. Buy some arbitrary amount of all offered BitUSD (Let say 5%-10%) at the very beginning of the market at say price p1.
2.Place an ask order for the Bitasset bought in step#1 at let’s say 130.01% the purchase price p1.
3.Place big enough ask bid/s (as of quantity BTX offered up to 10% of all BTXs, but in practice you will need most of the time much smaller amount)  @ price sliding from 101% to  130% the p1 price. Effectively matching/swallowing all asks coming to the market.
The important thing here is that your demand for BitUSD is so big that you can ‘swallow’/match any possible ask coming to the market so you will inevitable drive the price to the desired level.
4. Keep a ‘hard bottom’ (placing a bid order/s @ 130% p1, for amount of BitUSD unsurpassable by any and all potential ask orders) until you have sold sufficient percent of the initial BitUSD (bought @100% p1and sold for 130.01% p1)
5. At your leisure push the price slowly from 130% p1 to let say 160% p1, as in step 3.
And cash in some more BitUSD @160.01% p the same way as in step 4.

If you asked me name the attack  -‘Unbalanced Forces Attack” (‘Unbalanced forces are forces that produce a non-zero net force, which changes an object's motion’)

This is a very solid consideration and worthy a tip for simply suggesting it.  I am going to think through this one a bit more. 

I am going to call this attack the BitUSD Monopoly Attack rather than Unbalanced Forces Attack because the premise is that once you monopolize a BitAsset you can set any price for it you want and thus trigger a margin call on the shorts and steal their money.   This attack is made possible by reducing the percentage of BTS required to buy all short positions.   

In the initial design it would require 50% of the BTS to pull of this attack.   Going to 10000x margin would allow almost anyone to pull of this attack.  And like you said, a 10x margin allows anyone with 5% to pull off this attack.      If I reduce it to 4x margin then the amount required to pull of this attack is 10-20%.   Now the assumption here is that someone who owns 10-20% couldn't actually profit by this move because it would entirely undermine his huge investment and while he may end up doubling his percentage ownership he would cause it to be worth 10% of the original value.   

Perfectly balanced (original design) is actually not quite perfectly balanced because the shorts can be squeezed.  I suspect there is a balance between various attacks.   We must assume intent to profit by the attack and I don't see how someone can profit in real terms with this attack.   

[toast]

4. Keep a ‘hard bottom’ (placing a bid order/s @ 130% p1, for amount of BitUSD unsurpassable by any and all potential ask orders) until you have sold sufficient percent of the initial BitUSD (bought @100% p1and sold for 130.01% p1)

How can you sell enough bitUSD to make a profit without pushing the price back down to before you started the attack (assuming the market doesn't re-value the asset at your new price, which is legit, since you just went long at the right time)? Wouldn't you hit your own bid wall?

[bytemaster]

Sure. I don't even know if it works, but this is what I was thinking:

(I am thinking about it in bts/usd, I dont see why that should make a difference as it is only a question of units [but I guess it might]).

BID 1 usd @ .01       bts/usd    (100 usd/bts)
BID 1 usd @ .01111 bts/usd    (90 usd/bts)
BID 1 usd @ .0125   bts/usd    (80 usd/bts)
BID 1 usd @  (1/70) bts/usd
ASK 1 usd @  (1/60) bts/usd
ASK 1 usd @  (1/50) bts/usd
ASK 1 usd @  (1/40) bts/usd

Buy all Asks:
I have spent .0559523809 bts on +3 usd, lets call them: [ -.0559523809, +3] total.
Counterparties are:
   [ + .0166666 = (1/60), -1 ]   (first short)
   [ + .02, -1 ] 
   [ + .025, -1 ] 

BID 1 usd @ .01       bts/usd    (100 usd/bts)
BID 1 usd @ .01111 bts/usd    (90 usd/bts)
BID 1 usd @ .0125   bts/usd    (80 usd/bts)
BID 1 usd @  (1/70) bts/usd
+
BID 1 usd @  (1/20) bts/usd
ASK 1 usd @  (1/20) bts/usd

These cancel, but they also 'set' the price at 1/20 = .05
The video claims that the 3 shorts must repurchase "at the new price".

 [ + .0166666 = (1/60), -1 ]    +   (cover) [ - .05,  + 1]   =   [-.03333333, 0]  (this individual lost .03333 bts to close out their position at net=0)
 [ + .02, -1 ]                            +   (cover) [ - .05,  + 1]   =   [-.03, 0]
 [ + .025, -1 ]                          +   (cover) [ - .05,  + 1]   =   [-.025, 0]

For myself:
[ -.0559523809, +3]  +  [ +.15 , -3] (my proceeds from the sale to close out my position) =  [ .0940476191 , 0 ]   profit, for a + 168.0851% return.

All of these types of attacks depend upon a thin order book.   We recently added changes to require a minimum market depth before trading can occur.   Also, shorts are only forced to accept a high price *when* there is a margin call.  Otherwise they are unaffected.  By increasing the margin to 10x you would have to manipulate the price up by 5x before you could trigger such a call.

The fees would be very high to manipulate it up all at once, and if you attempt to do it slowly new shorts will enter the game.