Economic Security of a Polymarket Bet

Back

Can it really resolve a $100M market autonomously?

The Presidential Election

Prediction markets have clearly reached product market fit this cycle. Today, 8 months before the 2024 presidential election, over $92M has been put into a single market for the outcome of the election. As far as I can tell, this is the biggest decentralized prediction market we've ever seen in dollar terms. The fact that you really can bet on anything resulted in an explosion of adoption in the past few months.

Over $15M is bet on the outcome of Donald Trump and Joe Biden.

What has not kept up with the demand however, is the economic security underpinning the Polymarket resolver.

UMA's Optimistic Oracle (OO)

Polymarket uses the UMA CTF Adapter (opens in a new tab) to resolve their markets. At a high level, UMA provides security, and CTF enables liquidity. If there is a sufficient dispute in the OO, the request is sent to the DVM (Data Verifictaion Mechanism). From UMA's docs1:

If a dispute is raised, a request is sent to the DVM. All contracts built on UMA use the DVM as a backstop to resolve disputes. Disputes sent to the DVM will be resolved within a few days - after UMA tokenholders vote on what the correct outcome should have been.

UMA tokenholders vote on the correct outcome. For the past 10+ years, researchers2 have3 been4 studying5 how token voting can create a "Universal Data Feed", secured by cryptoeconomics. Have we finally figured it out?

Somewhat (not really).

Economic Security

The naive model for the OO's economic security is as follows:

Pushing an incorrect dispute resolution would require 51% of staked UMA. The total staked value is $150M right now. So the simple answer is that there's around $75M of economic security.

A slightly more advanced model must consider the following:

  1. Reward rate: Money received for voting correctly as an UMA staker. Currently, as of DVM 2.0., this is a fixed rate of 34% APR.
  2. Slash rate: Money lost for voting incorrectly as an UMA staker. This is an inverse of the reward rate.
  3. Price to short UMA: Extremely volatile and varies, but as a point of reference, currently the funding rate for UMAUSDT binance futures sits at 0.018%.
  4. Liquidity available to short: Also volatile and varies, but as of today, there's about $20M of liquidity across futures markets.
  5. Proportion of altruistic, non-profit motivated actors: Unknown.

A basic attack on the system goes like this:

  1. A bribery market for UMA stakers gets created. In practice, this probably won't look like a bribery market, but rather as a "staking pool" that "distributes rewards" at a high rate.
  2. The attacker offers p+ε. In other words, the dominant strategy for the stakers becomes colluding with the attacker.
    1. For example, the attackers offers reward rate + slash rate + price to short + ε. The staker can then short UMA to neutralize their UMA price exposure, and earn ε on top for no additional risk.
  3. Altruistic actors, who cannot be bribed, act as a backstop. If the attacker acquired enough UMA to beat the altruistic actors, their answer will be accepted as truth by the DVM.

I'm not going to even attempt a back of the napkin math as there are highly varying considerations, but you can see how true economic security can be much, much, lower than $75M.

Money at Risk

How much is there to be gained as an attacker? Why is the Presidential election interesting? As mentioned, the market for the Presidential election is sitting at $92M today. Moreover, all 17 submarkets resolve at around the same time, allowing for a reasonable batch attack. This means over 90% of the $93M could theoretically be taken, if the attacker simply resolved each market market to favor maximum payout.

This is possible because the vast majority of the markets are heavily lopsided. The vast majority of the market is actually on long-tail bets around 0% odds. People bet on these because to them it feels like free money. They're really sure Kanye won't be the next president. Some are crazy enough to believe he will be, which creates liquidity.

And it's only March. There's 8 more months left for this to continue to balloon in size.

The Solution

To my disappointment, the short-term solution today is simply to have the admin (there is a centralized multisig) resolve the market manually and ignore the results of the OO.

The long-term solution, in my opinion, is to experiment with parameters. To name a few:

  1. Much higher slash rate, perhaps even exponentially increasing.
  2. Number of resolution disputes required to resolve a market. Resolving a market in one-shot, as displayed above, is dangerous. Combined with higher slash rate, this could be an interesting option.
  3. Whitelisted set of high-reputation proposers

P.S. I've abundantly notified both UMA and Polymarket of this issue. I don't recommend wasting your time and money trying to bribe UMA stakers.

Footnotes

  1. UMA Docs (opens in a new tab)

  2. SchellingCoin: A Minimal-Trust Universal Data Feed – Vitalik Buterin (opens in a new tab)

  3. The P + epsilon Attack – Vitalik Buterin (opens in a new tab)

  4. Truthcoin Whitepaper – Paul Sztorc (opens in a new tab)

  5. An Analysis of p+ε Attacks on Various Models of Schelling Game Based Systems – William George, Clément Lesaege (opens in a new tab)