What is the current timeline for introducing borrow caps for the remaining assets? Currently, only $COMP has a borrow cap even though the real threat is an infinite mint from USDC or WBTC draining the protocol.
Borrow caps were introduced a while back and are key for keeping lenders secure but we’ve not seen their adoption which has the effect of increasing how lenders need to price blow-up risk in the protocol. Without borrow caps, COMP is only as strong as its weakest link
there are some works on introducing supply cap which is better protection against infinite mint on those assets.
the issue is that both USDC and WBTC contract are an older version cToken contract which is immutable, and to be able upgrade them both market needs to be migrated into a newer version, which will be annoying for the users cause of the high transaction fees currently.
This is a great point. I’ve put together a quick summary of what it would take to migrate USDC or WBTC markets to the latest generation.
This is the exact reason why Borrow Caps were introduced: we were unable to implement supply caps without upgrading V1 CTokens.
With the recent growth of assets locked in Compound, I think it is a very good idea to implement Borrow Caps on all markets until we can upgrade cUSDC and cWBTC markets as @rleshner suggests and implement supply caps.
While i’m not necesserily against borrow caps, i want to point that so far nothing good arrived from it.
Existance of borrow cap at COMP market for example creates nothing more than distorted market, potentially creating risks of bringing it to court for market manipulation.
After readjusting COMP distribution speed for COMP market, that created negative interest rates for borrowing side of COMP market, where users are paid to borrow COMP. However, unlike ETH and WBTC markets, existance of market CAP, creates a priveledged group of users, who borrowed before CAP was reached, and excluding everybody else who want to take advantage of that market situation later, when CAP was reached. And that could potentially be called a market manipulation.
I see market CAP doing more harm really than any good and market would rather be better without it than with it existing in place.
And if infinite mint due some sort of exploit is the only reasoning for existence of market CAP, than i’d rather see algorithm, adjusting market CAP based on hourly average, which would prevent borrowing more than certain percent of total borrowed within one hour. That would pretty much fix your potential attack concern, as for attack, transactions usually need to happen fast, as often is used in conjuction with flash loans.
But in general, i very much dislike unnesessary human controls, as if that could be somehow misused, eventually they always will.
Yeah, I was under the impression borrow caps would cap the debt a single collateral could borrow. But it seems to simply cap the amount of debt that can be borrowed of a certain type. This does little to plug the core issue because an infinite mint can still steal number_of_cTokens * remaining_borrow_cap, so the attack scales linearly with number of cTokens and this is a major flaw.
I think it should be a high priority of the community’s to introduce MCD style debt ceilings. This would limit how much a single collateral type could borrow.