Origami Finance Audit Competition- rewards up to $56K in USDC

HatsFinance
12 min readFeb 19, 2024

--

Starting Feb 22nd, 2024, at 15:00 GMT to Mar 7th, 2024, at 15:00 GMT

We invite all white hat hackers to join the hunt on the Origami Finance audit competition

All experience levels are welcome; whether you are a seasoned security veteran or an amateur, show us what you got! Prizes will be given based on the severity level of each vulnerability found.

About the Competition

Starting Feb 22nd, a new vault will open in the Hats dApp — “Origami Finance”.
Participants can check the contracts that are in scope and start digging for bugs–exploits, loopholes, or vulnerabilities that can lead to loss of user or protocol funds.

Intro to Origami Finance

Origami Finance (https://origami.finance/) is a protocol that utilises available sources of liquidity to provide constant leverage for whitelisted liquid-staking strategies through a simple vault UX. The initial Origami v1 vaults launched in 2023 for GMX and GLP that automatically harvested yields to compound back into the underlying asset in the vault. The new v2 vaults will add the power of leverage-also known as folding–to the vaults by facilitating collateralized loans to increase effective exposure for the underlying asset and managing the leveraged position automatically. The liquidity will be sourced from external money markets such as Spark Finance as well as other Origami vaults like the oUSDC stablecoin vault.

About the competition,
This competition is for the new Origami vaults that will be launched as part of the v2 upgrade. The flagship product is the Leveraged Origami Token Vault (lovToken), which will connect users who wish to lever up on a liquid staking yield strategy to liquidity providers who will earn real yield for lending to one or more lovToken vaults. The Origami v2 framework is designed to maximize capital efficiency and minimize risk of liquidation and bad debt.

On Ethereum mainnet, two lovToken Strategy vaults will be ready for launch:

  • lovDSR (MakerDAO Dai Savings Rate)

This levers up on sDAI by borrowing USDC from the oUSDC vault

  • lovSTETH (Lido wrapped staked ETH)
    This levers up on wstETH by borrowing WETH from Aave v3/Spark Finance

How Constant Leverage Works

Origami lovToken vaults will provide constant leverage to its depositors by usings its reserves as collateral to increase its reserve balance. By keeping its collateralization ratio within a target range, the vault can achieve leveraged or N-folded exposure to the underlying where N is the leverage factor e.g. 10X.

When new deposits move the collateralization ratio out of its target range, the lovToken vault will automatically borrow more money to increase effective exposure and lower the collateralization ratio. Conversely, the vault will deleverage when that same ratio deteriorates due to withdrawals, rising borrow interest, or when the price of the reserve token is falling.

The prevailing APR for each lovToken vault is dynamic and will fluctuate depending on yield for the underlying liquid staking token (LST) strategy less the borrow interest rate from the liquidity provider. Ignoring fees, the formula to calculate the lovToken APY is:

(1 x LST APY) + Leverage Factor x (LST APY — Borrow APY)

Origami’s New v2 Vaults

oUSDC Vault

  • oUSDC is the primary internal liquidity provider and lending vault. The oUSDC vault share token is called ovUSDC.
  • Users may deposit/exit with USDC. Depositors will receive a continuously compounding yield denominated in USDC. This yield reflects the variable interest earned from lending the USDC to one or more lovToken vaults e.g. lovDSR or the idle strategy (see below).
  • As lovToken vaults rebalance to increase leverage, they will borrow the USDC and be issued a continuously compounding internal debt token (iUSDC) that reflects the current debt owed to the oUSDC vault. The iUSDC interest rate is variable and is determined by the utilization of the debt ceiling capacity for that lovToken vault.
  • The debt ceiling for each lovToken vault borrower is set by policy. As each vault borrower uses more of its allowance, the iUSDC interest rate for that borrower will rise. This is known as the Specific Interest Rate.
  • The total debt ceiling for the oUSDC is the global capacity. As lovToken vaults borrow more of the available global capacity, the alternate calculation for iUSDC interest rate will rise. This is known as the Global Interest Rate. To closely track the true cost of capital, the prevailing iUSDC rate for each lovToken borrower will be set to max (specific_int_rate, global_int_rate).
  • Any USDC reserves that is not utilised by a lovToken vault borrower is still earning yield as the USDC will be supplied into Aave as collateral (supply only, no borrows). This “idle strategy” is also issued iUSDC tokens like any other borrower. The interest rate for the idle strategy is updated weekly and set to an average historic rate that will closely track the actual yield from the external protocol.
  • To ensure capital efficiency, the USDC will only be lent out if the borrow APR paid by the lovToken vault exceeds the supply APY for the designated USDC idle strategy.

lovDSR Vault

  • lovDSR is a leveraged Liquid Staking Strategy vault.
  • Users can deposit/exit with DAI or sDAI
  • This vault levers up on sDAI by borrowing USDC from the oUSDC vault and swapping into sDAI to increase both the Assets (sDAI) and Liabilities (USDC)
  • The vault has a target A/L (==1/LTV) range, and a bot operator will call ‘RebalanceUp’ or ‘RebalanceDown’ on the lovDSR vault when below or above that nominal range.
  • Vault rebalancing transactions have randomisation applied and will be implemented using Flashbots.

lovSTETH

  • lovSTETH is a leveraged Liquid Staking Strategy vault.
  • Users can deposit/exit with wstETH, which will be used to collateralise a debt position on Spark Finance.
  • This vault levers up on wstETH by depositing wstETH into Spark Finance as collateral and flash loaning WETH and swapping into more wstETH. This wstETH is added as new collateral to borrow WETH and repay the original flashloan.
  • Again the automated bot applies randomisation for when and how much to rebalance, and uses Flashbots.

Oracles

  • Chainlink oracles are used to value lovToken liabilities e.g. USDC in terms of the vault’s assets e.g. DAI in the case of lovDSR.
  • lovDSR uses [DAI/USD] / [USDC/USD] to value USDC debt in terms of sDAI assets.
  • lovETH uses wstETH ratio * [stETH/ETH] to value wETH debt in terms of wstETH assets.

Defense in Depth

  • oUSDC Daily Withdrawal Circuit Breakers
  • A maximum daily cap on ovUSDC exits by users
  • A maximum daily cap on USDC borrows from lovDSR
  • lovToken A/L checks:
  • Deposits revert if the A/L will go above a policy set ceiling (under leveraged). Users will need to wait for a rebalance
  • Exits revert if the A/L will go below a policy set ceiling (over leveraged). Users will need to wait for a rebalance
  • Oracle Checks:
  • The DAI/USD, USDC/USD, stETH/ETH oracle price lookups will revert if outside of an acceptable policy set range close to 1:1 peg
  • lovToken Dynamic Fees:
  • Economic guards are in place to dissuade leeching value from existing vault users when the Chainlink Oracle value varies from the expected historic 1:1 peg for DAI/USDC and stETH/ETH
  • When the underlying is trading below peg it charges a multiple of the difference between the oracle price and 1 for withdrawals and assumes the underlying is trading at peg for deposits.
  • When the underlying is trading above peg it charges a multiple of the difference between the oracle price and 1 for deposits and assumes the underlying is trading at peg for withdrawals
  • These vault fees are deflationary — lovToken shares are burned to benefit remaining users in the vault.

Areas of Focus for the Audit Competition

  • Unexpected or incorrect vault share issuance
  • Vault share price manipulation to redeem more than expected reserve tokens
  • Vault entry or redemptions that impacts user share price in unexpected ways
  • Ways to exit or enter the vault even when the A/L ratio should prohibit the action
  • Ways for vaults to bypass system circuit breakers to borrow more than allowed
  • Ways to exit the lovToken vault in such a way as to create bad debt in the system balance sheet either for lovToken users or for the liquidity provider
  • Front-running behaviour to directly profit off of or avoid loss stemming from pending rebalance events either within the vault or outside of the vault
  • Price oracle manipulation such that the system is fooled into a rebalance when it is unnecessary or unprofitable to do so.
  • Interest rate manipulation or malicious behaviour such that one vault unfairly benefits at the expense of another vault.
  • Attacker actions that can trigger rebalance cascades from the bot

Stay up-to-date with the competition, chat with the team, and get your questions answered by joining the dedicated Discord channel on the Hats server.
All audit reports will be published in our Discord on the day of the competition. Don’t miss the latest updates and insights — join now and be the first to know!

Audit competition rewards

  • Deposited Amount: The deposited amount is ~$70K in USDC, making the available prize pool ~$56K in USDC.
  • Service Fee: All rewards mentioned in this article and on the Hats dApp UI have already deducted a 20% Hats service fee.
  • Severities: Low, Medium, High, Gas saving

Rewards and calculation
For our audit competition, the entire prize pool is up for grabs across all severity levels. Each severity level has a designated point value and a maximum payout cap.

Maximum Reward Caps per Submission:

  • Low Severity: 560 USDC
  • Medium Severity: 6,700 USDC
  • High Severity: 14,000 USDC
  • Gas: 2,200 USDC, 1,100 USDC

Points Allocation per Severity:

  • Low: 1 point
  • Medium: 12 points
  • High: 25 points
  • Gas saving 1st: 4 points
  • Gas saving 2nd: 2 points

*For simplicity, we commend having a relation between the points and the cap. If the cap is 2,000 USDC we recommend the allocation of 2 points per valid submission.

Points are consistently awarded within the same severity level unless the committee decides to adjust this. For instance, both the first and second low-severity findings will earn 1 point each. This standard applies to medium and high severities as well.

Calculating the Winner’s Reward:

The formula for a winner’s reward is as follows:

Point Value = Prize Pool / Total Points*

*Awarded for the entire competition

Examples for Clarity:

Example #1:

  • 163 Low Severity: 163 points
  • 1 Medium Severity: 12 points
  • 1 High Severity: 25 points

Total points: 200

In this scenario:

  • Value of 1 Point = 56,000 USDC/200 Total points = 280 USDC
    The rewards for this example will be as follows:
  • Low (163 points): $280 each
  • Medium (12 points): $3,360 in total.
  • High (25 points): $7,000 in total.

Example #2

  • 20 Low Severity: 20 points

Total points: 20

In this scenario:

  • Value of 1 Point = 56,000 USDC/20 Total points = 2,800 USDC
    The results exceed the max reward per low severity, so the value of a point is adjusted.
  • The rewards for this example will be as follows:

Low (20 points): $560 each

Severities

High Severity

Issues that will qualify for this bracket will be assigned 25 points.

High-severity vulnerability description:

For a submission to be considered a HIGH-risk vulnerability, issues must:

  • Direct theft of any user funds, whether at rest or in motion
  • Long-term freezing of user funds
  • Theft or long-term freezing of unclaimed yield or other assets
  • Protocol insolvency

Medium Severity

Issues that will qualify for this bracket will be assigned 12 points.

Each new issue gets 12 points. The total Medium-severity reward will be calculated as described in the rewards calculation above.

Medium severity vulnerability description:

Issues that lead to an economic loss but do not lead to direct loss of on-chain assets. Examples are:

  • Gas griefing attacks (make users overpay for gas)
  • Attacks that make essential functionality of the contracts temporarily unusable or inaccessible
  • Short-term freezing of user funds

Low severity

Issues that will be qualified for this bracket will be assigned with 1 point.

Each new issue gets 1 point. The total Low-severity reward will be calculated as described in the rewards calculation above.

Low severity vulnerability description:

  • Issues where the behavior of the contracts differs from the intended behavior (as described in the docs and by common sense), but no funds are at risk.

Gas Saving:

The 1st place in the gas optimization category will get 4 points. The 2nd place in the gas optimization category will get 2 points.

This competition will reward participants with ideas to maximize gas savings.

Gas Saving Guidelines:

  • Submissions should be in the form of a link to a private copy of the repository. containing the gas-saving changes commented with ‘//Gas saving, with the test suite unchanged.
  • Please add @frontier159, @mirionic, @mountainpath9 as collaborators to the private repo copy before submitting.
  • Optimizations should use solidity (no inline assembly).
  • Gas savings will be judged on the basis of total gas savings. This is measured as the total avg amount of gas used for each function (i.e. the sum of all numbers in the “avg” column), as reported by the hardhat-gas-reporter.
  • Submittters should add the total average gas cost in the description of their submission
  • Only files listed in the “Files in Scope” section are in the scope of the competition
  • For the convenience of submitters and judges, the repository contains a script that will run the tests and output the average amount of gas used:

yarn gas-avg

  • Due to the rules category, submissions will not be public and will only be shared with the committee.

Limitations

Reporters will not receive a bounty for any known issue, such as:

  • Issues mentioned in any previous audit reports
  • Vulnerabilities that were already made public (either by HATs or by a third party)
  • “Centralization risks” that are known and/or explicitly coded into the protocol (e.g. an administrator can upgrade crucial contracts and steal all funds)
  • Attacks that require access to leaked private keys or trusted addresses
  • Issues/contracts mentioned in the out-of-scope section

Submission Guidelines — High/Medium/Low severities:

General Information:

  • The Hats team will create a new repository called “Origami Finance audit competition” under the Hats.finance organization on GitHub. The repository will be kept private until the competition starts. Hats bot will fork it on the first submission. To participate, security researchers must submit their findings on-chain, and an automatic GitHub issue will be generated in the forked repository.
  • How it Works: Video Explanation

SUBMISSION GUIDELINES:

  • Submissions should be made using our Dapp.
  • You can submit one on-chain submission mentioning all issues found on the repo.
  • All new submissions will be created on Hats forked repo on Hats: Hats GitHub

Report Format:

  • Please send a plain ASCII description in the following format:
  • [TITLE]: A short description of the issue.
  • SEVERITY: Either High, Medium, or Low (as per the rules).
  • Submission should contain at least one test demonstrating the problem and, if possible, a possible fix.

Report Template:

  • Description: Describe the context and the effect of the vulnerability.
  • Attack scenario: Describe how the vulnerability can be exploited.
  • Attachment:
  • Proof of Concept (PoC) File: Provide a file containing a proof of concept (PoC) that demonstrates the vulnerability.
  • Revised Code File (Optional): If possible, provide a second file containing the revised code that offers a potential fix for the vulnerability. This file should include:
  • Comment with a clear explanation of the proposed fix.
  • The revised code with suggested changes.
  • Add any additional comments or explanations clarifying how the fix addresses the vulnerability.
  • Recommendation: Describe a patch or potential fix for the vulnerability.

***Due to the nature of the audit competition mechanism, the report will not be encrypted.***

Evaluation:

  • The first participant to submit an issue following guidelines gets a bounty for that issue (issues already received or out of scope will not receive a reward).
  • The competition starts on Feb 22nd at 15:00 GMT and ends on Mar 7th at 15:00 GMT.
  • Issues that we are aware of (as witnessed by any open issues in the repository) will not be eligible for the bug bounty.

Compensation and Impact

A prize pool of ~$50K USDC and NFT rewards from our hacker collection will be distributed among security researchers who submit eligible vulnerability disclosures.

Compensation payment timeline:

  • Ten days after the competition ends, we will announce a winner list.
  • Alongside the winner announcement post, submitters can send disputes to the committee team and request clarification. They can also involve the Hats security team in the process. The goal is to facilitate honest and professional debate regarding disputed submissions.
  • Between 7–14 days after the announcement, we will publish a split contract where the winners can claim their rewards.
  • HATS Service Fee: A 20% deduction from the payout will always be allocated as the service fee.

Security researchers play a crucial role in fostering trust and confidence in Web3 technologies, paving the way for mass adoption. By participating in this competition, security researchers can gain recognition for their work, raise their profile, and make valuable connections in the Web3 security ecosystem. Ultimately, they can contribute to creating a more secure and equitable community.

Join Origami Finance Audit Competition today and participate in the movement to secure the future of Web3 and decentralized finance. Check the Hats Finance dApp for more information and in-scope contracts.

Stay tuned and check Hats dApp:https://app.hats.finance/audit-competitions

--

--

HatsFinance

Hats.Finance a decentralized smart bug bounty marketplace. Permissionless, scalable, and open bug bounty protocol that allows anyone to provide liquidity.