Oracle-manipulation-proof borrow cap
Venus Protocol's assessment for RD-F-073 — scored yellow on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.
Evidence summary
The March 2026 THE incident directly evidences a failure of borrow cap protection when the underlying collateral market can be manipulated via donation. The 14.5M THE supply cap was bypassed by inflating the exchange rate rather than increasing supply count — circumventing the borrow cap indirectly. The attacker borrowed $14.9M against a market capped at $14.5M tokens. Even had a stricter oracle-based borrow cap been in force, the exchange rate inflation (3.81x) would have allowed proportionally larger borrowing against the manipulated collateral value. Risk Stewards (February 2026) aim to enable dynamic cap adjustment but were not operational at the time of the exploit. Current score: yellow (mechanism present but demonstrated insufficient for thin-liquidity manipulable collateral).
Sources
- Risk Stewards Deployment Parameters — Venus Governance. Venus Community Risk Stewards proposal — dynamic cap adjustment framework post-incident. Retrieved 2026-04-28.
- Venus Thena Donation Attack — BlockSec. BlockSec — Thena attack: 14.5M supply cap bypassed via exchange rate inflation to borrow $14.9M. Retrieved 2026-04-28.
- https://rekt.news/venus-protocol-rekt4 (retrieved 2026-05-06)
Methodology
Determine whether the per-asset borrow cap is ≤ (oracle pool depth × manipulation-resistance multiplier).
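The methodology check and the failure described in the evidence summary, as an added sketch that is not Venus or curator code: a cap enforced only where shares are minted says nothing once the exchange rate moves without a mint. The `Market` model, `audit`, the 5% rate-growth threshold, the pool depth and the multiplier are assumptions; only the 14.5M cap and the 3.81x ratio come from the page.

```python
from dataclasses import dataclass

@dataclass
class Market:
    """Assumed share-based lending market; a simplification, not Venus code."""
    shares: float       # receipt tokens minted to suppliers
    underlying: float   # underlying tokens backing those shares
    supply_cap: float   # underlying tokens, enforced on the mint path only
    borrow_cap: float   # underlying tokens

    @property
    def exchange_rate(self) -> float:
        return self.underlying / self.shares

    def mint(self, amount: float) -> None:
        if self.underlying + amount > self.supply_cap:
            raise ValueError("supply cap exceeded")
        self.shares += amount / self.exchange_rate
        self.underlying += amount

    def receive_transfer(self, amount: float) -> None:
        # A direct token transfer mints no shares and never reaches mint().
        self.underlying += amount


def audit(m: Market, baseline_rate: float, pool_depth: float,
          multiplier: float, max_rate_growth: float = 1.05) -> list[str]:
    """Return cap findings for one market snapshot."""
    findings = []
    if m.underlying > m.supply_cap:            # value check, not share count
        findings.append("underlying-above-supply-cap")
    if m.exchange_rate > baseline_rate * max_rate_growth:
        findings.append("exchange-rate-jump")
    if m.borrow_cap > pool_depth * multiplier:  # the methodology inequality
        findings.append("borrow-cap-above-oracle-depth")
    return findings


def demo() -> tuple[float, list[str]]:
    # Constructed snapshot: only 14.5M and the 3.81x ratio come from the page.
    m = Market(shares=10_000_000, underlying=10_000_000,
               supply_cap=14_500_000, borrow_cap=5_000_000)
    baseline = m.exchange_rate
    m.receive_transfer(28_100_000)  # rate moves 1.00 -> 3.81, shares unchanged
    return m.exchange_rate, audit(m, baseline, pool_depth=2_000_000, multiplier=0.5)


if __name__ == "__main__":
    print(demo())
```

Running `audit` on every block or oracle update, rather than only on the mint path, is what lets the first two findings fire in this model.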