Root cause: PRICE_STABILITY_INTERVAL (300s) was too long relative to
MIN_RECENTER_INTERVAL (60s). After any significant trade moving the tick
>1000 positions, the 5-minute TWAP lagged behind the current price by
hundreds of ticks, exceeding MAX_TICK_DEVIATION (50). Recenter reverted
with "price deviated from oracle" for ~285s — creating a window where
the LM could not reposition and adversary parasitic LP could extract
value from passive holders.
Fix: Reduce PRICE_STABILITY_INTERVAL from 300s to 30s. This ensures
TWAP converges within the 60s cooldown while still preventing same-block
manipulation (30s > ~12s Ethereum mainnet block time).
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Evidence file: change result to PENDING (not INCREASED) with delta_bps 0,
since this is a registration placeholder, not a measured run
- Attack file: add missing unstake for position 6 so all staking positions
are cleaned up
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Fixes#1066
## Changes
Done. Here's what was changed:
**`evidence/README.md`**
- Added `"candidate_commit": "abc1234"` to the red-team schema JSON example
- Added `candidate_commit | string | Git commit SHA of the optimizer under test` row to the field table
**`scripts/harb-evaluator/red-team.sh`**
- Captures `CANDIDATE_COMMIT` from `git rev-parse HEAD` at startup (alongside existing `CANDIDATE_NAME`/`OPTIMIZER_PROFILE`)
- Added a new step (9a-pre) that writes `evidence/red-team/YYYY-MM-DD.json` at the end of each run, including `candidate_commit` plus all other schema fields (`candidate`, `optimizer_profile`, `lm_eth_before`, `lm_eth_after`, `eth_extracted`, `floor_held`, `verdict`, `attacks`)
Co-authored-by: openhands <openhands@all-hands.dev>
Reviewed-on: https://codeberg.org/johba/harb/pulls/1075
Reviewed-by: Disinto_bot <disinto_bot@noreply.codeberg.org>
Addresses re-review feedback:
1. Attack 4 (2050 ETH): delta_bps=3746 is from extreme slippage
through thin liquidity beyond concentrated positions, not just
1% fees. Insight corrected to explain the slippage mechanism.
2. Floor Ratchet: renamed to "initial phase only", insight explicitly
notes the 2000-trade oscillation variant is NOT tested here and
is tracked as follow-up issue #1082.
3. Added methodology field explaining snapshot-isolation semantics
(why lm_eth_after == lm_eth_before).
4. Restored two dropped strategies (discovery WETH consumption,
one-way sell) with notes that they are subsumed by other attacks.
Re: #1058
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
All 8 adversarial strategies failed to extract ETH from LiquidityManager.
LM ETH actually increased from ~1000 to ~1050 ETH due to fee income.
Key defense: 1% pool fee + atomic recenter + massive floor liquidity.
Closes#1058
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Add evidence/ with subdirs for evolution, red-team, holdout, and user-test.
Each subdir has a .gitkeep and README.md documents the JSON schema for all four
process types so formulas and the planner have a canonical contract to read/write.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
