Many auditors and bounty hunters donβt look for game-theoretic and economic flaws.
Instead, they focus on the more tangible and well-known types of attacks. This is unfortunate as a game-theoretic design flaw can cause as much damage as regular attacks.
Here is why you should be on the lookout for game-theoretic issues:
Significant impact
At the moment, game theory and economic properties are core to most smart contracts.
This is true on almost every layer of our stack, from L1 consensus to the DeFi protocols. Because of that, an unintended flaw can have significant consequences. A severe issue can easily cripple a protocol.
Game-theoretic flaws are no joke.
Example: Slashing
Letβs assume you have a protocol that implements slashing.
Slashing is a** crypto-economic** incentive mechanism that should dissuade attackers. The key to this technique is that the slashing penalty is more significant than the reward of an attack. A protocol which would implement slashing with a too-small penalty wouldnβt be protected.
Incentives can be flawed, just like code.
Unfair avantage
Youβll have an unfair advantage on the other auditors and bounty hunters.
They wonβt be looking for these bugs, so you have **plenty of opportunities **to do so! Furthermore, a substantial potential impact means you might find yourself with some crits.
You have a huge opportunity to find some high severity issues!