Vault liquidation
DeFi lending protocols like Aave and Compound let users deposit collateral to borrow other assets. If the collateral’s value falls below a certain threshold, the position becomes undercollateralized and eligible for liquidation to avoid the protocol accruing bad debt.
Anyone can repay the debt and receive the collateral at a discount, earning a liquidation reward in the process — typically 5–10% of the collateral amount. Think regular users get a shot at picking up those lucrative rewards? Not a chance.
In the event that a user does spot a vault that’s eligible for liquidation, their transaction will almost certainly be front-run by a bot. The bot spots the user’s transaction in the mempool, copies it with their own details, and adds a high enough gas fee to ensure it will be executed ahead of the original one. Even if the bot account does not hold enough assets to repay the fee, it doesn’t matter, since they can use a flash loan to borrow the required tokens, liquidate the vault, and pay back the loan in the same block.
Meanwhile, the user’s transaction either fails or executes after the vault has already been emptied.
Vault liquidations are particularly attractive to bot runners due to their high profitability, since DeFi vaults may hold millions of dollars worth of tokens. The scale of the problem is hard to gauge, because by definition, the affected user transactions are never confirmed on the blockchain. However, the issue likely affects users to the tune of millions of dollars per year.
COTI Fixes This
COTI uses garbled circuits to prevent attackers from exploiting transactions before they are confirmed on the blockchain. Garbled circuits are a fast, lightweight solution that process transactions in encrypted form, preserving end-to-end privacy. They offer a combination of speed and scalability that is unique for decentralized confidential computing (DeCC).
Our solution enables confidential on-chain operations, including encrypted transfers and MEV-proof DeFi transactions, secure data storage, private multi-party interactions, and verifiable computations on encrypted data — all with optional disclosure for compliance! They’re ideal for everything from private DEX trading, and RWAs, to AI and ML operations with encrypted data sets.
For COTI updates and to join the conversation, be sure to check out our channels:
Website: https://coti.io/
X: https://twitter.com/COTInetwork
YouTube: https://www.youtube.com/channel/UCl-2YzhaPnouvBtotKuM4DA
Telegram: https://t.me/COTInetwork
Discord: https://discord.gg/9tq6CP6XrT
GitHub: https://github.com/coti-io
COTI Fixes This #4: Vault Liquidation Fee “Thefts” was originally published in COTI on Medium, where people are continuing the conversation by highlighting and responding to this story.
