I wanted to know what it actually costs to break a small stablecoin. Can a $372K stablecoin be profitably attacked with just $100K in capital? We modeled economically viable attacks on three interconnected DeFi protocols.
Critical Finding: We discovered a profitable attack that existing security measures fail to prevent. Defense cost: $5K-10K. Attack profit: $8K-31K.Something I came to believe: vulnerabilities don't get exploited because they're possible, they get exploited when they're worth it. Once economics change, attacks emerge.
Mature ecosystem with recent precedent: Sonne Finance $20M exploit (May 2024), SVB crisis (March 2023). This provides real-world validation for our attack models.
Type: Hybrid stablecoin
Attack surface:
Characteristics: No audits, 2/3 multisig
Attack surface:
Type: Critical infrastructure
Attack surface:
All three protocols share: USDC/DAI foundation, Chainlink oracles, Velodrome liquidity. Cascade risk: Sonne exploit β Velodrome panic β Mento depeg β System-wide instability.
Key Finding: Efficiency creates fragility through correlated failure modes.
We modeled realistic adversaries with actual capabilities, not theoretical "all-powerful" attackers. Each profile reflects real-world constraints and incentives.
Budget: ~$27Bi USD yearly | Capabilities: BRL liquidity, crypto offramps, local payment infrastructure | Motivation: Money laundering, capital flight
Budget: $500K-5M | Capabilities: DeFi expertise, flash loans, MEV infrastructure, sophisticated tooling | Motivation: Sanctions evasion, state funding
Mento's circuit breakers have a blind spot:
This enabled three attack scenarios, ranging from immediately profitable to catastrophic.
Target: Mento cReal ($372K market cap)
Method: 50-100 wallets, micro-redemptions over 2-4 weeks
Why it works: Stays below circuit breaker velocity thresholds, evades vAMM slippage through distribution
| Simulation | Market % | Buy Price | Profit | ROI | Success Rate |
|---|---|---|---|---|---|
| Micro | 10% | $0.16 | $2.8K | 8.3% | 60-70% β WORKS NOW |
| Lean | 20% | $0.155 | $8K | 12.1% | 50-60% |
| Deep Depeg | 25% | $0.14 | $11K | 14.1% | 40-50% |
| No Offramp | 25% | $0.155 | $10K | 15.4% | 55-65% |
| Patient | 30% | $0.15 | $31K | 40.4% | 60-70% |
Profitable: Buy at <$0.155
Highly Profitable: Buy at <$0.145
Attack scales with market cap. At $3M (8x growth), profit becomes $248Kβjustifying sophisticated attacks from nation-states and organized crime.
The currency (cReal) is paradoxically protected by being "too small to care about" β but this protection disappears as adoption grows.
Target: Mento cUSD ($16.9M market cap)
Method: Oracle manipulation + flash loans + single-block redemption
Why it DOESN'T work: Circuit breakers specifically designed to prevent this
Theoretical profit: $120K-200K
Actual probability: 0-5%
Expected value: Strongly negative
Exclude from realistic attack portfolio. Circuit breakers are effective against flash attacks.
Target: cReal
Method: Amplify Brazilian - USA crisis into contagion
Why it works: Organic crisis + coordinated attack + shared dependencies = unstoppable momentum
Profit potential: $5M-20M (short positions + direct arbitrage)
Success probability: 70-80% IF catalyst occurs
Historical precedent: SVB crisis (March 2023), Sonne exploit (May 2024)
Most profitable scenario for patient, well-capitalized adversaries. Requires external catalyst but offers extraordinary returns. Cannot be prevented by protocol-level defenses aloneβrequires ecosystem coordination and stress testing.
π΄ Immediate Threat: Scenario 1 "Micro" β works NOW, $2.8K profit, 60-70% success
π° High-Profit Threat: Scenario 1 "Patient" β wait for $0.15, $25-35K profit
π₯ Maximum Threat: Scenario 3 "Cascade" β $5M-20M potential, catalyst-dependent
β Non-Viable: Scenario 2 "Flash Crisis" β circuit breakers prevent, <5% success
Absolute returns ($8K-31K) are insufficient for nation-states or large teams with operational overhead. However, these attacks are viable for:
Critical threshold: Once cReal reaches $1-2M market cap, attacks become viable for sophisticated adversaries with professional infrastructure.
1. Zero Trading Limits in the currency smartcontract β Unlimited drain possible
2. External Price Blind Spot β Circuit breakers don't watch DEX prices
3. Low Liquidity β $28K TVL for $372K market (easy to manipulate)
RENDERS ALL ATTACKS UNPROFITABLE
Defense should prioritize making attacks unprofitable, not impossible. Scenario 2 is technically possible but economically non-viable β this is good defense design.
Circuit breakers detect rapid changes. Sophisticated attacks are slow (weeks-long, distributed, multi-phase), staying below velocity thresholds. Defense must account for patient adversaries.
Lower defense budgets + easier manipulation. Attack costs scale DOWN with market cap, while defense costs scale UP. Critical lesson: Implement defenses BEFORE growth.
$5K-10K investment (trading limits) prevents $8K-31K+ in attack profit. Small defensive investments have massive returns. The best security spending has extraordinary ROI.
No attacks were executed. All analysis is theoretical/simulated. This research was conducted to improve protocol security, not to exploit vulnerabilities.
For complete attack simulations, detailed economic models, and technical vulnerability analysis, view the full research documentation: