The team behind bZx (formerly b0x) recently announced the deployment of its 0x-integrated protocol on the Ethereum mainnet. The bZx protocol was created for non-custodial decentralized margin lending and trading services and is fueled by the BZRX token.
The team believes its protocol is important because decentralized exchanges typically do not facilitate non-custodial margin trading. By allowing its protocol to be integrated into existing exchanges and relayers, bZx allows margin traders to avoid centralized exchanges, which the white paper authors argue have the potential to compromise investor funds.
The protocol's deployment follows an audit conducted by ZK Labs, an independent Ethereum auditor that includes a few prominent voices in the cryptospace, such as Matthew Di Ferrante (Ethereum Foundation) and Nick Johnson (Ethereum Name Service). Di Ferrante concluded in the audit that the bZx "code is generally well structured and properly compartmentalized." Further, because of the protocol's OpenZeppelin smart contracts, its risk of bugs is lower.
However, Di Ferrante noted that one contract storage aspect can have an effect across the system. Specifically, the protocol specifies a network of delegatecall contracts that can freely write updates stored on a single proxy contract, so "an upgrade to any component [of the proxy] can affect the state or balances in the entire protocol." This detail leads to "an extremely careful upgrade and maintenance process." The bZx team believes, though, that this vulnerability could be addressed through private testing of upgrades before releasing them to the mainnet and the protocol's new governance system.
The bZx protocol was tested using a single-signature wallet, but it is now governed through "a time-locked variant of the Gnosis multi-signature wallet." Multi-signature, or multisig, simply means a transaction requires multiple keys to be authorized. The bZx team noted this setup is like that of the 0x project, which also uses a multisig proxy mechanism.
Despite the protocol's security, bZx acknowledges that two major grinding attacks (or attempts to bias computational randomness in an attacker's favor) could occur within the system: miner collusion and spot market manipulation. The former attack would involve bounty hunters, either in collusion with miners or acting as miners to inflate the exponential moving average (EMA) and drain the guarantee fund (which is usually dispersed to lenders in the event they lose their funds). There are actually two ways for this to work:
"A miner with a large amount of hash power could censor the transactions of other bounty hunters and insert their own 0 gwei transaction, thereby claiming a large bounty without engaging in a gas war (at the cost of forfeiting a large portion of the fees from transactions submitted by competing bounty hunters). Alternatively, a miner with a large amount of hash power might be incentivized to game the EMA so that bounty hunters engage in a gas war, thereby enriching the miner."
The spot market manipulation attack would involve artificially increasing the number of liquidations on the network so that more fees could be directed to the bounty hunters, who are paid for their liquidation services.
The team goes on to describe a combined EMA and spot market attack wherein a bounty hunter would leverage their informational advantage regarding which loans would be liquidated, though the "advantage obtained" from this information is "expected to be relatively low."
To address these potential dangers, bZx changed its protocol in four key ways: no longer paying bounty hunters out of or distributing gas refunds from the guarantee fund; taking bounty hunters' transaction fees out of collateral staked by traders; and requiring that trader collateral be greater than 0.5 Ether. The team believes these changes help ensure "there is no way to profitably drain the guarantee fund."
Ever thorough, bZx also mentioned that though spot market manipulation would no longer be possible because of the protocol changes, an EMA attack by itself could still occur. To the bZx team, though, this "remaining attack vector is obscure and … highly improbable."
Additionally, the crew announced the protocol's integration with Bamboo Relay. The bZx team has already partnered with five other relayers: Shark Relay, Amadeus, Instex, STAR BIT, and OpenRelay.
Unlike a decentralized or centralized cryptocurrency exchange, a relayer allows token holders to trade directly with each other using their wallets. The relayer platform itself provides a way for users to find, place, and fill their orders. Relayers do not hold assets or execute any trades.
The folks at bZx expect more relayers to integrate their protocol in the future.