Withdrawal and Borrow TimeLock
Background and Motivation for Withdrawal and Borrow TimeLock
Parallel works tirelessly with its own engineering and security team along with external auditors to ensure our smart contracts and protocol are free of potential vulnerabilities. As an additional level of protection we have likewise implemented a Withdrawal and Borrow TimeLock system to protect against unauthorized removal of users' funds.
Core Problem to Solve with Withdrawal/Borrow TimeLock
Parallel works tirelessly to build further innovation in broader NFT-Fi/DeFi, and we likewise seek to push the space forward in not only economic design but security.
A hacker could ultimately discover an attack vector which allows them to immediately drain users' funds on the protocol in as little as a single block. We go to great lengths to cover any possible smart contract vulnerability, but even then the protocol wants an extra level of security to keep users' assets and the protocol as safe as possible.
To that end we have implemented a Borrow and Withdrawal TimeLock as detailed further below. And though it may introduce some friction to the User Experience, we believe that users are ultimately best served with protections against unauthorized borrow and withdrawals of their own assets.
Overview of Parallel's TimeLock Safety Mechanism
Parallel seeks to prevent unauthorized access to users' tokens as critical protection against exploit. Of course we must balance any limit on individual transactions against potential nuisance or inconvenience against legitimate borrow and withdrawal transactions.
To balance these interests and with an eye towards user safety, Parallel uses a data-driven approach to determine maximum thresholds for withdrawal and borrow within a single block on the Ethereum Mainnet and potentially within a six hour timeframe.
Transaction Limits - Protection against Flash-Loan Attacks to Enhance User Safety
A common attack vector for exploits of DeFi protocols is the so-called "Flash Loan" attack: a hacker uses flash loans from Aave or other protocols to gain access to substantial uncollateralized loans. Each flash loan must be repaid within the same block else the transaction is reverted. Thus an attacker depends on the ability to extract a substantial sum of tokens from a protocol within a single block.
Parallel uses a data-driven approach to limit an individual user's maximum withdrawal or borrow within a single block. If a user's withdrawal or borrow request exceeds this single-block limit, there are two additional thresholds and potential waiting periods such that the protocol can actively monitor suspicious activity but also allow for legitimate transactions.
There are thus three Borrow/Withdrawal amount tiers for individual users and transactions:
Single Block Limit, or Tier 1: This is the level at which the protocol will allow the user to borrow or withdraw up until the Tier 1 threshold. The protocol will create a smart contract wallet which holds and disburses the user's Borrow/Withdrawal requests in subsequent blocks. And this limit is expressly designed to prevent against large flash-loan attacks.
Medium limit or Tier 2: If the transaction request is above this threshold, the withdrawal or borrow will be subject to a 10 minute to 2 hour 10 minute delay. The protocol creates a smart contract wallet which will hold the funds in escrow and distribute to the user automatically within this timeframe. This threshold acts to protect against not only flash-loan attacks but potential oracle price manipulation or other vulnerabilities.
High limit or Tier 3: Borrow or withdrawal transactions above the Tier 2 threshold will be subject to a 12 hour 10 minute delays using a smart contract wallet which holds the requested funds in escrow for automatic distribution. As with Tier 2 threshold, this level provides additional protection against potential economic design vulnerability attacks.
Pool Limits - Additional Resilience against Large-Scale Economic Attacks
The single user/transaction limits will help protect against flash-loan and other types of attacks, but to protect against larger-scale multi-account vulnerabilities we will also set time limits for an entire token pools.
Pool Limit: To protect against multi-account attacks there will be a single pool limit which will trigger a delay for all Borrow/Withdraw requests for a given token.
Pool Threshold: Aggregate single-token borrow/withdrawals above a specific proportion of all pool liquidity will add a 10 minute delay to all withdrawal requests. These will be processed via the same smart contract wallet system which holds the requested tokens in escrow for automatic distribution.
Setting Pool and Transaction Limits - a Firmly Data-Driven Approach
The protocol seeks to maximize user safety but limit interference in normal activities and allow legitimate user transactions to continue unimpeded. To balance these risks we take a firmly data-driven approach on real user behavior. And indeed Tier 1 - 3 thresholds for both Transaction and Pool limits are set according to specific Percentiles of on-chain user Borrow/Withdrawal behavior on the transaction and Pool level.
Users can see our Dune dashboard for on-chain transaction and pool limits.
Transaction Thresholds:
Tier 1: 95th Percentile of all single Borrow/Withdrawal amounts.
Tier 2: 97th Percentile of the same transactions.
Tier 3: 99th Percentile.
Pool Thresholds:
Initial Pool Thresholds will be 20% of all pool supply.
Transaction and Pool Limits - An Extra Layer of Protection
Parallel aims to be a major innovator in NFT-Fi and DeFi but also protocol security, and our TimeLock implementation is another important tool to ensure the safety of users' tokens and the broader decentralized protocol. Clearly these limits will seek to balance the risks of attacks on the protocol with normal user behaviors. And indeed we will continue to revise our data-driven approach to ensure we set a high bar for not only security but also user experience.
Timelock Parameters
Per Withdrawal Limits
If withdraw amount < minThreshold, then the timelock wait time is 1 block
If withdraw amount >= minThreshold and <midThreshold, then the timelock wait time is 2 hours
If withdraw amount > midThreshold, then the timelock wait time is 6 hours
| Token | minThreshold | midThreshold |
|---|---|---|
$APE | 10,975 | 20,100 |
$cAPE | 10,975 | 53,000 |
ETH / ETH Derivatives | 51.5 | 155 |
USDC | 105,000 | 400,000 |
USDT | 105,000 | 200,500 |
DAI | 40,000 | 100,000 |
WBTC | 2.5 | 2.8 |
BLUR | 71,500 | 118,750 |
FRAX | 30,000 | 50,000 |
| Token | minThreshold | midThreshold |
|---|---|---|
Bored Ape Yacht Club | 1 | 4 |
CryptoPunks | 1 | 4 |
Mutant Ape Yacht Club | 2 | 6 |
Otherdeed | 5 | 20 |
Azuki | 2 | 6 |
Bored Ape Kennel Club | 4 | 12 |
Moonbirds | 5 | 20 |
CloneX | 5 | 20 |
Doodles | 5 | 20 |
Meebits | 5 | 20 |
Pudgy Penguins | 4 | 12 |
Sewer Pass | 5 | 20 |
Pool Limits
If total daily withdraw amount > poolPeriodLimit, then all withdrawal will have an added +10 mins timelock wait time
| Token | poolPeriodLimit |
|---|---|
$APE | 30,000 |
$cAPE | 1,000,000 |
$ETH / ETH Deriv | 1,900 |
USDC | 1,875,000 |
USDT | 400,000 |
DAI | 17,500 |
WBTC | 3 |
BLUR | 200,000 |
FRAX | 15,000 |
| Token | poolPeriodLimit |
|---|---|
Bored Ape Yacht Club | 100 |
CryptoPunks | 2 |
Mutant Ape Yacht Club | 200 |
Otherdeed | 125 |
Azuki | 9 |
Bored Ape Kennel Club | 57 |
Moonbirds | 3 |
CloneX | 8 |
Doodles | 2 |
Meebits | 13 |
Pudgy Penguins | 2 |
Sewer Pass | 2 |
Last updated
