DeFi

Price Manipulation

Price manipulation is the intentional movement of an asset, pool, share, or collateral price so a protocol values assets incorrectly.

The attacker changes what the protocol thinks something is worth, then trades, borrows, liquidates, mints, or redeems against the wrong value.

Price Manipulation Explained in Detail

Price manipulation is broader than oracle manipulation. The manipulated value can be a DEX price, LP token value, vault share price, collateral exchange rate, or internal accounting ratio.

The attacker profits when the protocol accepts the temporary price as real.

Smart contract example

uint256 collateralValue = collateralAmount * ammSpotPrice() / 1e18;
require(collateralValue >= debt * MIN_RATIO / 1e18, "unsafe");

If ammSpotPrice() can be moved before this check, the borrower can look safer than they are.

Price Manipulation in Auditing

Price manipulation is common in lending, vaults, AMMs, bridges, derivatives, liquidations, and reward systems. The bug often hides in assumptions about liquidity, timing, slippage, or exchange-rate stability.

Red flags in code

  • amountOutMin = 0 or weak slippage bounds.

  • Low-liquidity collateral with high borrowing power.

  • Vault share price used as collateral without testing donation and rounding edge cases.

  • Spot prices used for protocol-critical decisions.

  • Same-block mint, redeem, borrow, liquidate, or claim after a price move.

  • Decimal mismatch between tokens, shares, and price feeds.

How to test or review it

  • Move the price by realistic and extreme amounts on a fork.

  • Call borrow, mint, redeem, liquidate, or claim after the price move.

  • Test low supply, donated assets, high slippage, and low-liquidity pools.

  • Check whether price changes are bounded per block or per update.

  • Review all conversions between amount, shares, oracle price, and collateral factor.

  • Confirm user-facing swaps have slippage and deadline controls.

Sources