Hubble Adds Net Outflow Caps to Enhance Security

Hubble has introduced Net Outflow Caps, enabling the protocol to monitor and regulate the outflow of collateral and USDH.

Key Takeaways

  • Outflow caps reduce the impact of an exploit on the protocol.
  • Caps have been placed on all pertinent assets on Hubble.

Hubble Protocol addresses risk management in several ways. In addition to regular security audits, the protocol performs a wide range of tests on all updates before they are released.

However, it is necessary to implement additional parameters to minimize impact in worst-case scenarios. This is why Hubble has coded Net Outflow Caps into its smart contracts.

Net Outflow Caps Explained

Net Outflow Caps serve to limit the loss of funds on the protocol in the case of an exploit. All assets on the protocol, including all collateral types and USDH itself, have net-outflow ceilings.

These ceilings are regulated in set time windows, and after each window, the ceiling resets. Thus, if the outflow cap of a certain asset has been reached, withdrawals are halted, and they only resume in the next window.

In addition to preventing a loss of user funds in the case of an exploit, Outflow Caps also allow the protocol to investigate edge cases. For example, should a large position be closed and the withdrawal cap is reached, the protocol has a sufficient period to investigate the action and ensure everything is above board.

Net Outflow Caps are determined on an asset-specific basis, and the protocol remains flexible in changing the parameters of each asset according to balance changes and user feedback.

Why a “Net” Outflow Cap is Preferable

Net Outflows are a more reliable measure than “gross” outflows, as they more accurately reflect changes to the protocol's user activity.

If, for example, a single entity deposits $2M SOL on the platform in a certain time window, and 5 other users withdraw $400K SOL each within this same window, the net SOL outflow is effectively zero. In this case, the Outflow Cap is not triggered.

Note that the protocol will still be notified of significant actions on Hubble. These actions include, but are not limited to, an unusually large deposit, even if they do not trigger Outflow Caps.

How Net Outflow Caps can Limit Impact of Exploits

One case in which the Net Outflow Cap can prevent a mass outflow of funds is if an Infinite Mint exploit should take place. If this occurs, the exploiter would be able to mint up to a certain amount of USDH in a given window. However, the Net Outflow Cap on USDH prevents the exploiter from minting an “infinite” amount of USDH, while also giving the protocol time to react.

Initial Parameters for Outflows

Net Outflow Caps are implemented in 3 areas:

  • Each collateral assets
  • USDH minted from collateral
  • USDH minted from PSM

Caps on Collateral

Collateral outflows are calculated simply as: Amount of xAsset Withdrawn - Amount of xAsset Deposited.

Initial Cap: $1M for each asset on the protocol

Time Window: 8 hours

Cap on USDH Outflow from Loans

The loan-based USDH outflow parameter is calculated as: USDH Minted on Loans - USDH Repaid on Loans.

Initial Cap: 2.5M USDH

Time Window: 8 hours

Cap on USDH Outflow from PSM

The PSM-based outflow parameter is calculated as: USDH Minted from PSM - USDH Burned in PSM.

Initial Cap: 1M USDH

Time Window 8 hours

Keep in Touch

Website | Twitter | Telegram | Discord | Email | Reddit

You've successfully subscribed to Hubble Blog
Great! Next, complete checkout to get full access to all premium content.
Error! Could not sign up. invalid link.
Welcome back! You've successfully signed in.
Error! Could not sign in. Please try again.
Success! Your account is fully activated, you now have access to all content.
Error! Stripe checkout failed.
Success! Your billing info is updated.
Error! Billing info update failed.