You Should Look for Game Theory Bugs
1 min read

You Should Look for Game Theory Bugs

You Should Look for Game Theory Bugs
Photo by Denes Kozma / Unsplash

Many auditors and bounty hunters don't look for game-theoretic and economic flaws.

Instead, they focus on the more tangible and well-known types of attacks. This is unfortunate as a game-theoretic design flaw can cause as much damage as regular attacks.

Here is why you should be on the lookout for game-theoretic issues:

Significant impact

At the moment, game theory and economic properties are core to most smart contracts.

This is true on almost every layer of our stack, from L1 consensus to the DeFi protocols. Because of that, an unintended flaw can have significant consequences. A severe issue can easily cripple a protocol.

Game-theoretic flaws are no joke.

Example: Slashing

Let's assume you have a protocol that implements slashing.

Slashing is a crypto-economic incentive mechanism that should dissuade attackers. The key to this technique is that the slashing penalty is more significant than the reward of an attack. A protocol which would implement slashing with a too-small penalty wouldn't be protected.

Incentives can be flawed, just like code.

Unfair avantage

You'll have an unfair advantage on the other auditors and bounty hunters.

They won't be looking for these bugs, so you have plenty of opportunities to do so! Furthermore, a substantial potential impact means you might find yourself with some crits.

You have a huge opportunity to find some high severity issues!